Windows 7 e internet muy lento. Desespera hacer algo

174 gigas en c. Tiene libre 40 gigas. Ha tardado bastante en ejecutar scand disk porque ha analizado todo. . He restaurado a día de ayer pero como ya estaba infectado pues sigue igual. Gracias por todo. De veras. A ver si hay alguna herramienta que busque algo. Es que Internet lentísimo y lo demás igual. Por eso lo hago desde el movil. Porque si no, tengo que abrir en modo prueba de fallos.

Y no puedo desinsatar malwarebytes.

Para que quieres desinstalar Malwarebytes…??

Si sigues con problemas creo que NO es por infecciones, que tampoco parece que tuvieras tantas…??

O es problema de defecto en disco o de corrupción del sistema operativo…??

Al hacer el proceso del CHKDSK te salio una pantalla al inicio como esta :

Cuanto tiempo estuviste viendo esa pantalla…??

Busca el informe de ese proceso para poder analizarlo, te puse las indicaciones anteriormente para buscarlo.

Saludos.

Nombre de registro:Application
Origen:        Windows Error Reporting
Fecha:         14/12/2019 0:41:24
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        palote-PC
Descripción:
Depósito con errores 1145897620, tipo 353630818
Nombre de evento: APPCRASH
Respuesta: No disponible
Id. de archivo CAB: 0

Firma del problema:
P1: hitmanpro_x64.exe
P2: 3.8.16.310
P3: 5ddff015
P4: hitmanpro_x64.exe
P5: 3.8.16.310
P6: 5ddff015
P7: c0000005
P8: 00000000002c673d
P9: 
P10: 

Archivos adjuntos:
C:\Users\palote\AppData\Local\Temp\WERB3F3.tmp.WERInternalMetadata.xml

Es posible que estos archivos estén disponibles aquí:
C:\Users\palote\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_hitmanpro_x64.ex_5196973ed9776f3ae029324483376ddd2cb43b_09bbb73d

Símbolo de análisis: 
Nueva búsqueda de una solución: 0
Id. de informe: 11d8c79b-1e02-11ea-abb1-f7ac0c7e5f5c
Estado del informe: 0
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Windows Error Reporting" />
    <EventID Qualifiers="0">1001</EventID>
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-12-13T23:41:24.000000000Z" />
    <EventRecordID>52212</EventRecordID>
    <Channel>Application</Channel>
    <Computer>palote-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>1145897620</Data>
    <Data>353630818</Data>
    <Data>APPCRASH</Data>
    <Data>No disponible</Data>
    <Data>0</Data>
    <Data>hitmanpro_x64.exe</Data>
    <Data>3.8.16.310</Data>
    <Data>5ddff015</Data>
    <Data>hitmanpro_x64.exe</Data>
    <Data>3.8.16.310</Data>
    <Data>5ddff015</Data>
    <Data>c0000005</Data>
    <Data>00000000002c673d</Data>
    <Data>
    </Data>
    <Data>
    </Data>
    <Data>
C:\Users\palote\AppData\Local\Temp\WERB3F3.tmp.WERInternalMetadata.xml</Data>
    <Data>C:\Users\palote\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_hitmanpro_x64.ex_5196973ed9776f3ae029324483376ddd2cb43b_09bbb73d</Data>
    <Data>
    </Data>
    <Data>0</Data>
    <Data>11d8c79b-1e02-11ea-abb1-f7ac0c7e5f5c</Data>
    <Data>0</Data>
  </EventData>
</Event>

Nombre de registro:Application
Origen:        Application Error
Fecha:         14/12/2019 0:41:23
Id. del evento:1000
Categoría de la tarea:(100)
Nivel:         Error
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        palote-PC
Descripción:
Nombre de la aplicación con errores: hitmanpro_x64.exe, versión: 3.8.16.310, marca de tiempo: 0x5ddff015
Nombre del módulo con errores: hitmanpro_x64.exe, versión: 3.8.16.310, marca de tiempo: 0x5ddff015
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000002c673d
Id. del proceso con errores: 0x848
Hora de inicio de la aplicación con errores: 0x01d5b20d0fe67b2e
Ruta de acceso de la aplicación con errores: C:\Users\palote\Desktop\hitmanpro_x64.exe
Ruta de acceso del módulo con errores: C:\Users\palote\Desktop\hitmanpro_x64.exe
Id. del informe: 11d8c79b-1e02-11ea-abb1-f7ac0c7e5f5c
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Application Error" />
    <EventID Qualifiers="0">1000</EventID>
    <Level>2</Level>
    <Task>100</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-12-13T23:41:23.000000000Z" />
    <EventRecordID>52211</EventRecordID>
    <Channel>Application</Channel>
    <Computer>palote-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>hitmanpro_x64.exe</Data>
    <Data>3.8.16.310</Data>
    <Data>5ddff015</Data>
    <Data>hitmanpro_x64.exe</Data>
    <Data>3.8.16.310</Data>
    <Data>5ddff015</Data>
    <Data>c0000005</Data>
    <Data>00000000002c673d</Data>
    <Data>848</Data>
    <Data>01d5b20d0fe67b2e</Data>
    <Data>C:\Users\palote\Desktop\hitmanpro_x64.exe</Data>
    <Data>C:\Users\palote\Desktop\hitmanpro_x64.exe</Data>
    <Data>11d8c79b-1e02-11ea-abb1-f7ac0c7e5f5c</Data>
  </EventData>
</Event>
Nombre de registro:Application
Origen:        System Restore
Fecha:         14/12/2019 0:37:07
Id. del evento:8193
Categoría de la tarea:Ninguno
Nivel:         Error
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        palote-PC
Descripción:
No se pudo crear el punto de restauración (proceso = C:\Users\palote\Desktop\hitmanpro_x64.exe ; descripción = Punto de comprobación por HitmanPro; error = 0x8007043c).
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="System Restore" />
    <EventID Qualifiers="0">8193</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-12-13T23:37:07.000000000Z" />
    <EventRecordID>52210</EventRecordID>
    <Channel>Application</Channel>
    <Computer>palote-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>C:\Users\palote\Desktop\hitmanpro_x64.exe </Data>
    <Data>Punto de comprobación por HitmanPro</Data>
    <Data>0x8007043c</Data>
    <Binary>3C0407809D010000870100009501000022CE28677C6DDA79E28C1C000000000000000000</Binary>
  </EventData>
</Event>
Nombre de registro:Application
Origen:        Microsoft-Windows-WMI
Fecha:         14/12/2019 0:17:31
Id. del evento:10
Categoría de la tarea:Ninguno
Nivel:         Error
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        palote-PC
Descripción:
No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
    <EventID Qualifiers="49152">10</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-12-13T23:17:31.000000000Z" />
    <EventRecordID>52198</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>palote-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>//./root/CIMV2</Data>
    <Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
    <Data>0x80041003</Data>
  </EventData>
</Event>
Nombre de registro:Application
Origen:        Microsoft-Windows-Winlogon
Fecha:         14/12/2019 0:16:04
Id. del evento:6000
Categoría de la tarea:Ninguno
Nivel:         Advertencia
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        palote-PC
Descripción:
El suscriptor de notificaciones winlogon <GPClient> no estaba disponible para controlar un evento de notificación.
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Winlogon" Guid="{DBE9B383-7CF3-4331-91CC-A3CB16A3B538}" EventSourceName="Wlclntfy" />
    <EventID Qualifiers="32768">6000</EventID>
    <Version>0</Version>
    <Level>3</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-12-13T23:16:04.000000000Z" />
    <EventRecordID>52193</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>palote-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>GPClient</Data>
    <Binary>D9060000</Binary>
  </EventData>
</Event>
Nombre de registro:Application
Origen:        Microsoft-Windows-WMI
Fecha:         14/12/2019 0:07:21
Id. del evento:10
Categoría de la tarea:Ninguno
Nivel:         Error
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        palote-PC
Descripción:
No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
    <EventID Qualifiers="49152">10</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-12-13T23:07:21.000000000Z" />
    <EventRecordID>52166</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>palote-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>//./root/CIMV2</Data>
    <Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
    <Data>0x80041003</Data>
  </EventData>
</Event>

tengo mas errores, pero no se si sirve de algo enviarte más. Porque todo esto lo hago desde modo prueba de fallos, si no, no podria hacer nada. gracias por todo. Pero no tengo ni idea por que funciona en modo prueba de fallos bien y normalmente va tan lento que es horrible hacer nada. Además no puedo desinstalar malwarebites incluso desde modo prueba de fallos. Y me gustaria desinstalarlo y quitar todo lo que sea.

He descargado un programa vuestro y lo he pasado y salían muchos troyanos pero necesitaba activarlo para desinfectar. Hitman se llamaba pero no he podido hacer nada. O sea que seguirá todo en el pc

Gracias por todo dd veras, pero no se como arreglarlo. Espetó vuestra ayuda Un saludo

Hola.

Ninguno de los informes que has puesto corresponde con el informe que tenias que poner, NO creo que sea tan complicado leerse las instrucciones que os ponemos para intentar ayudaros. :face_with_raised_eyebrow:

Te dije que usaras estas indicaciones para buscar el informe :arrow_right: ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

Y además en esas indicaciones hemos puesto un ejemplo de cómo tiene que ser ese informe, SI lo hubieras mirado detenidamente habrías comprobado que NO se parece en NADA con los que TU has puesto. :-1:

Además de poco sirve que uses programas como HitmanPro o caulquier otro si luego NO nos pones el informe del análisis. :confused:

Y todavía NO has contestado las preguntas que te hice en mi último mensaje :arrow_right: publicación #34

SI NO obtengo la información que necesito me resulta imposible hacer de adivino. :mage:

:no_mouth:

No tengo windows original. Mi disco C es de 174 gigas. De los cuales hay libres actualmente 40 gigas. El disco D: que es la particion tiene en total 290 gigas, de los cuales hay libres 50 gigas. El Chequeo CHkdsk ha durado 1 hora y media. Tengo un monton de errores de diferentes numeros id. Te envio el analisis de todo lo que sale en Aplicaciones. Voy a intentar buscar lo que me pides. O por favor dime que es lo que necesitas para hacerlo bien y cuanto antes…


Nombre de registro:Application
Origen:        Microsoft-Windows-Wininit
Fecha:         14/12/2019 23:02:30
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        palote-PC
Descripción:


Comprobando el sistema de archivos en C:
El tipo del sistema de archivos es NTFS.

Se ha programado una comprobación del disco.
Windows comprobará ahora el disco.                       

CHKDSK está comprobando archivos (etapa 1 de 5)...
  342016 registros de archivos procesados.                               

Comprobación de archivos completada.
  1246 registros de archivos grandes procesados.                       

  0 registros de archivos no válidos procesados.                    

  0 registros de EA procesados.                                           

  93 registros de análisis procesados.                               

CHKDSK está comprobando índices (etapa 2 de 5)...
  418068 entradas de índice procesadas.                                        

Comprobación de índices completada.
  0 archivos no indizados examinados.                               

  0 archivos no indizados recuperados.                              

CHKDSK está comprobando descriptores de seguridad (etapa 3 de 5)...
  342016 SD/SID de archivo procesados.                                        

Liberando 130 entradas de índice no usadas del índice $SII del archivo 0x9.
Liberando 130 entradas de índice no usadas del índice $SDH del archivo 0x9.
Liberando 130 descriptores de seguridad no usados.
Comprobación de descriptores de seguridad completada.
  38027 archivos de datos procesados.                                   

CHKDSK está comprobando el diario USN...
  35346872 bytes de USN procesados.                                            

Se ha completado la comprobación del diario USN.
CHKDSK está comprobando los datos de archivo (etapa 4 de 5)...
  342000 archivos procesados.                                                

Comprobación de datos de archivo completada.
CHKDSK está comprobando el espacio disponible (etapa 5 de 5)...
  10508329 clústeres disponibles procesados.                               

La comprobación del espacio disponible se completó.
Windows ha comprobado el sistema de archivos y no encontró problemas.

 183500799 KB de espacio total en disco.
 140866564 KB en 268480 archivos.
    149656 KB en 38028 índices.
         0 KB en sectores defectuosos.
    451263 KB en uso por el sistema.
El archivo de registro ha ocupado      65536 kilobytes.
  42033316 KB disponibles en disco.

      4096 bytes en cada unidad de asignación.
  45875199 unidades de asignación en disco en total.
  10508329 unidades de asignación disponibles en disco.

Información interna:
00 38 05 00 47 ad 04 00 92 c1 08 00 00 00 00 00  .8..G...........
79 0c 00 00 5d 00 00 00 00 00 00 00 00 00 00 00  y...]...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows ha finalizado la comprobación del disco.
Espere mientras se reinicia el sistema.

ES QUE ME QUEDAN MAS DE 45 ERRORES DE ESOS. DEBO DE ENVIARTE TODOS??? No quiero colapsar. solo dime si sigo enviandote todos los que me quedan. He seguido las instrucciones. pero es que me quedan mas de 50 errores. Pero si hay que hacerlo lo hago. No hay problema.

Hola.

Con poner el único que YO acabo de dejar era suficiente, era cuestion de fijarse ademas de en :

Y lógicamente con el detalle-contenido del informe de ejemplo.

No parece que TU disco o su estructura lógica de índices este muy afectado en sus distintas fases :

Ahora quiero que revises con otra herramienta tu disco para verificar que NO tengas otro tipo de problemas en esos trozos del disco.

  • Descarga Hard Disk Sentinel Professional Trial v5.50 (ZIP) >> desde aquí (y guárdalo en tu escritorio).
  • Descomprime el fichero zip en una carpeta y ejecútalo.
  • Adjunta en tu próxima respuesta una captura de pantalla, donde se aprecie la pantalla principal de este programa, es decir, abre el programa y captura la primera pantalla que te dé. No des clic en ninguna opción dentro de él.
  • Si NO puedes hacer la instalación desde el modo normal de windows hazlo desde el modo seguro. :face_with_raised_eyebrow:

Para subir una imagen sigue estos pasos :arrow_right: Como Insertar una imagen.

Saludos.

Lo he hecho en modo normal.

Aunque va muy lento todavia. He notado algo de mejoria. Chrome muy lento tambien, pero al escribir algo parece que responde en menos tiempo que antes. Pero va de pena todavia.

Tengo el programa abierto segun las fotos que te he enviado hasta que me digais que debo hacer. GRacias

Hola.

Pues parece que NO son problemas de tu disco duro, NO presenta errores NI haciendo la comprobacion desde windows con CHKDSK, NI tampoco conHard Disk Sentinel. :thinking:

Lo más lógico es que sea un problema de Windows o que sea de algun programa/software que hayas instalado recientemente o que hubiese alguna actualizacion que lo pueda provocar. :roll_eyes:

Desde que momento te están pasando estos problemas exactamente…??

Has tenido algún antivirus instalado que hayas desinstalado recientemente y sustituido por otro…??

Instalaste algun programa/software recientemente que pueda coincidir con este problema…??

Me pasa desde el dia 9. Estuve buscando y descargue adobe photoshop 2014 y camera raw. Instalñe camara raw, Pero no lo puedo desinstalar porque no me aparece como instalado. Ni camara raw ni el adobe photoshop 2014. Instalé adwcleanner y malwrebytes. y Eset online. Deberia de quitar todos los registros de todo eso. No es asi??? A ver que tal va. Pero no se como hacerlo. Me imagino que será manual. buscando las carpetas e ir eliminandolas. No es asi?? El único programa que me aparece instalado en Programas y caracteristicas es el hard disk sentinel y el Malwarebytes version 4. Ademas tambien pasé la herramienta Hitmanpro. Pero no pude desinfectar nada de todo lo que salia porque se necesitaba algun codigo. Gracias por vuestra ayuda. A ver si puedo desinfectarlo del todo. Ademas tengo el antivirus de microsoft esential. Va lento todavia. Pero interntet va demasiado. Es eterno abrir una pagina. Y no te digo nada si quiero abrir varias cosas a la vez.

Bien… pues haces lo siguiente, descarga e instala este programa :arrow_right: Manual de Revo Uninstaller :+1:

Y úsalo para desinstalar todos aquellos programas que TU quieras y que puedas ver con este programa.

Cuando Revo te pida, que selecciones el método de desinstalación, seleccionas “Avanzado”.

Si durante el proceso te solicita “Reiniciar” NO lo hagas, dile que NO y deja que Revo siga trabajando.

Cuando termines todos los procesos de desinstalación ya REINICIAS tú el ordenador.

Compruebas el funcionamiento y nos comentas.

Saludos.

Ayer utilice Revo. Desinstalé Malwarebytes y

y cual es la sorpresa que en Programas y caracteristicas no aparece. Pero está en inicio junto a su desistalador. Y cuando le doy a desinstalar, se queda bloqueado y no se desinstala. El ordenador sigue igual. Te envio un par de fotos, para que lo veas. No soy capaz de desinstalarlo. PUEDO INTENTAR HACER LO QUE SEA DESDE EL MODO PRUEBA DE FALLOS??? Porque este ordenador va fatal. y desdespera. Quiero desinstalar todo lo que sea, borrar el eset online, quiero borrar las carpetas de lo que instalé. a ver si es que está infectado en algun sitio de esos.

Hola.

Usa RevoUninstaller desde el modo seguro de windows… :+1:

Para desinstalar cualquier programa NO solo se deben eliminar las carpetas de forma manual, esa manera de hacerlo es totalmente incorrecta, :-1:.

SI desde Windows NO se deja o NO se puede por la razón que sea, lo que se debe usar son programas alternativos que realizan la desinstalación TOTAL del programa, como puede ser RevoUninstaller.

Que despues de usar RevoUninstaller te puedan quedar o aparecer alguna entrada o resto de Malwarebytes o de cualquier otro antivirus es algo normal, basicamente por ser los antivirus “programas” bastante “rebeldes” en sus procesos de desinstalación.

Por eso la gran mayoría de fabricantes de antivirus disponen-proporcionan herramientas específicas para poder realizar la desinstalación “completa” de ese tipo de programas, por aqui te dejo una pagina nuestra con la recopilación de los más usuales :

:arrow_right: Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall

En él encontrarás dos programas específicos para Malwarebytes, usa los dos, uno a uno, y después de usar cada uno de ellos REINICIA.

Despues entras en modo seguro de windows de nuevo y vuelves a usar RevoUninstaller para seguir desinstalando todo aquel programa que encuentres y quieras eliminar.

Saludos.

Buenas de nuevo. Al final he conseguido que vaya mucho mejor. Lo que hice fue utilizar el programa Revo . Desinstalé los antivirus que tenia restos de antes y e Hice todo lo que me mandasteis, También limpié archivos basura con Revo, y evidencias con Revo. Y por último Eliminacion irrecuperable. Bueno, Que limpié casi todo. También desinstalé el chrome y un el adobe photoshop que habia instalado ultimo por si acaso. Me queda quitar restos de programas que estan en C: Ejemplo Hard Disk Sentinel y Hitman Pro 3.8 y algun restos como mbamtray.exe de Malwarebytes en C:, tambien Farbar Recovery Scan tool (de First64) No se como desinstalar estos programas y lo más importante. He hecho 2 veces lo de desinstalar malwarebytes y nada de nada. te mando el último reporte:

2019-12-17 22:11:33.918   mb-clean:3.1.0.1035  @ Malwarebytes. All rights reserved.
2019-12-17 22:11:34.843   Find Malwarebytes 3 installation location from C:\Program Files\Malwarebytes\Anti-Malware\.
2019-12-17 22:11:35.674   Malwarebytes self-protection module is not installed.
2019-12-17 22:11:35.681   Launching process:C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\palote\AppData\Local\Temp\Mbam3x.log"
2019-12-17 22:11:35.688   Failed to launch C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /log="C:\Users\palote\AppData\Local\Temp\Mbam3x.log", reason:((error=2))
2019-12-17 22:11:35.696   >>>>>> Starting 2nd phase cleanup for Malwarebytes version 3.x.x.xxxx <<<<<<
2019-12-17 22:11:35.703   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2019-12-17 22:11:35.710   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2019-12-17 22:11:35.717   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2019-12-17 22:11:35.724   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2019-12-17 22:11:35.731   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2019-12-17 22:11:35.739   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2019-12-17 22:11:35.746   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2019-12-17 22:11:37.725   Trying to delete path C:\ProgramData\Malwarebytes\
2019-12-17 22:11:37.732   Cannot delete path C:\ProgramData\Malwarebytes\, reason:((error=3))
2019-12-17 22:11:37.741   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2019-12-17 22:11:37.749   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:((error=3))
2019-12-17 22:11:37.756   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2019-12-17 22:11:37.765   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2019-12-17 22:11:37.795   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2019-12-17 22:11:37.806   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\
2019-12-17 22:11:37.839   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\
2019-12-17 22:11:37.847   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\, reason:((error=145))
2019-12-17 22:11:37.855   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\ on reboot
2019-12-17 22:11:37.864   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2019-12-17 22:11:37.873   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\
2019-12-17 22:11:37.936   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\
2019-12-17 22:11:37.945   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\, reason:((error=145))
2019-12-17 22:11:37.953   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\ on reboot
2019-12-17 22:11:37.961   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\
2019-12-17 22:11:37.979   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\
2019-12-17 22:11:37.988   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\, reason:((error=145))
2019-12-17 22:11:37.996   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\ on reboot
2019-12-17 22:11:38.005   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2019-12-17 22:11:38.014   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\, reason:((error=145))
2019-12-17 22:11:38.022   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\ on reboot
2019-12-17 22:11:38.031   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2019-12-17 22:11:38.039   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\, reason:((error=145))
2019-12-17 22:11:38.047   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\ on reboot
2019-12-17 22:11:38.056   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\
2019-12-17 22:11:38.082   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\
2019-12-17 22:11:38.091   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\, reason:((error=145))
2019-12-17 22:11:38.098   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\ on reboot
2019-12-17 22:11:38.107   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2019-12-17 22:11:38.133   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\
2019-12-17 22:11:38.180   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\
2019-12-17 22:11:38.188   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\, reason:((error=145))
2019-12-17 22:11:38.196   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\ on reboot
2019-12-17 22:11:38.205   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\
2019-12-17 22:11:38.223   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\
2019-12-17 22:11:38.232   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\, reason:((error=145))
2019-12-17 22:11:38.240   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\ on reboot
2019-12-17 22:11:38.248   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2019-12-17 22:11:38.256   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\, reason:((error=145))
2019-12-17 22:11:38.264   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\ on reboot
2019-12-17 22:11:38.272   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\
2019-12-17 22:11:38.292   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\
2019-12-17 22:11:38.308   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\
2019-12-17 22:11:38.316   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\, reason:((error=145))
2019-12-17 22:11:38.324   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\ on reboot
2019-12-17 22:11:38.332   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\
2019-12-17 22:11:38.341   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\, reason:((error=145))
2019-12-17 22:11:38.349   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\ on reboot
2019-12-17 22:11:38.358   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\
2019-12-17 22:11:38.397   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\
2019-12-17 22:11:38.405   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\, reason:((error=145))
2019-12-17 22:11:38.413   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\ on reboot
2019-12-17 22:11:38.421   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\XmlListModel\
2019-12-17 22:11:38.443   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\XmlListModel\
2019-12-17 22:11:38.451   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\XmlListModel\, reason:((error=145))
2019-12-17 22:11:38.459   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\XmlListModel\ on reboot
2019-12-17 22:11:38.467   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2019-12-17 22:11:38.476   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\, reason:((error=145))
2019-12-17 22:11:38.483   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\ on reboot
2019-12-17 22:11:38.493   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2019-12-17 22:11:38.501   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:((error=145))
2019-12-17 22:11:38.510   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2019-12-17 22:12:26.245   --------END OF LOG FILE ----------
2019-12-17 22:13:59.158   >>>>>Starting post reboot phase cleanup for Malwarebytes version 3.x.x.xxxx <<<<<<<<.
2019-12-17 22:13:59.298   Trying to delete REG key: HKCU\SOFTWARE\Malwarebytes
2019-12-17 22:13:59.298   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2019-12-17 22:13:59.298   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2019-12-17 22:13:59.298   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2019-12-17 22:13:59.298   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2019-12-17 22:13:59.298   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2019-12-17 22:13:59.828   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2019-12-17 22:14:03.619   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2019-12-17 22:14:06.334   Trying to delete path C:\ProgramData\Malwarebytes\
2019-12-17 22:14:10.109   Cannot delete path C:\ProgramData\Malwarebytes\, reason:((error=3))
2019-12-17 22:14:10.124   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2019-12-17 22:14:10.124   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:((error=3))
2019-12-17 22:14:10.140   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2019-12-17 22:14:10.171   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2019-12-17 22:14:10.171   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2019-12-17 22:14:10.187   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\
2019-12-17 22:14:10.234   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\
2019-12-17 22:14:10.249   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\, reason:((error=145))
2019-12-17 22:14:10.249   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\ on reboot
2019-12-17 22:14:10.265   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2019-12-17 22:14:10.265   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\
2019-12-17 22:14:10.670   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\
2019-12-17 22:14:10.670   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\, reason:((error=145))
2019-12-17 22:14:10.686   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\ on reboot
2019-12-17 22:14:10.686   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\
2019-12-17 22:14:10.702   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\
2019-12-17 22:14:10.717   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\, reason:((error=145))
2019-12-17 22:14:10.717   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\ on reboot
2019-12-17 22:14:10.733   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\
2019-12-17 22:14:10.748   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\, reason:((error=145))
2019-12-17 22:14:10.748   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\ on reboot
2019-12-17 22:14:10.764   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\
2019-12-17 22:14:10.764   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\, reason:((error=145))
2019-12-17 22:14:10.780   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\ on reboot
2019-12-17 22:14:10.780   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\
2019-12-17 22:14:10.873   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\
2019-12-17 22:14:10.873   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\, reason:((error=145))
2019-12-17 22:14:10.889   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\ on reboot
2019-12-17 22:14:10.889   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2019-12-17 22:14:10.904   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\
2019-12-17 22:14:10.920   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\
2019-12-17 22:14:10.936   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\, reason:((error=145))
2019-12-17 22:14:10.936   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\images\ on reboot
2019-12-17 22:14:10.951   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\
2019-12-17 22:14:10.967   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\
2019-12-17 22:14:10.967   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\, reason:((error=145))
2019-12-17 22:14:10.982   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\ on reboot
2019-12-17 22:14:10.982   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\
2019-12-17 22:14:10.998   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\, reason:((error=145))
2019-12-17 22:14:10.998   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\ on reboot
2019-12-17 22:14:11.014   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\
2019-12-17 22:14:11.014   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\
2019-12-17 22:14:11.092   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\
2019-12-17 22:14:11.107   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\, reason:((error=145))
2019-12-17 22:14:11.107   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\ on reboot
2019-12-17 22:14:11.123   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\
2019-12-17 22:14:11.123   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\, reason:((error=145))
2019-12-17 22:14:11.138   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\ on reboot
2019-12-17 22:14:11.138   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\
2019-12-17 22:14:11.232   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\
2019-12-17 22:14:11.232   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\, reason:((error=145))
2019-12-17 22:14:11.248   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Templates.2\ on reboot
2019-12-17 22:14:11.248   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\XmlListModel\
2019-12-17 22:14:11.263   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\XmlListModel\
2019-12-17 22:14:11.263   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\XmlListModel\, reason:((error=145))
2019-12-17 22:14:11.279   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\XmlListModel\ on reboot
2019-12-17 22:14:11.279   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\
2019-12-17 22:14:11.294   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\, reason:((error=145))
2019-12-17 22:14:11.294   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\ on reboot
2019-12-17 22:14:11.310   Trying to delete file or folder: C:\Program Files\Malwarebytes\Anti-Malware\
2019-12-17 22:14:11.310   Failed to delete C:\Program Files\Malwarebytes\Anti-Malware\, reason:((error=145))
2019-12-17 22:14:11.326   Trying to delete file or folder C:\Program Files\Malwarebytes\Anti-Malware\ on reboot
2019-12-17 22:16:32.886   --------END OF LOG FILE ----------

Hola.

Excelente. :+1:

Que restos de antivirus tenias…??

Que antivirus has dejado operativo…??

Correcto. :clap:

Esos programas deberias poder verlos desde Revouninstaller… :thinking:

Ese resto donde te aparece y te sigue apareciendo después de usar las dos herramientas específicas de Malwarebytes…??

Los programas o herramientas o al menos la gran mayoría que nosotros te indicamos de momento NO las elimines por si todavía las necesitamos, y YA te daremos instrucciones finales para poder eliminarlas.

Según el informe que pones de Malwarebytes éste YA no debe estar NI en tu ordenador NI tampoco debe figurar desde Revouninstaller, otra cosa es que por el mal funcionamiento de tu equipo haya quedado algún resto de él.

Pero de eso NO te preocupes porque con FRST podemos ver lo que queda de esos restos u otros y eliminarlos.

Saludos.

He vuelto a pasar el First.exe. He visto que tengo esto y se supone que he desinstalado. Podria intervenir para que vaya lento mi pc???

C:\Windows\Tasks\AdwCleaner_onReboot.job Task: {21AB56F4-A2E1-449B-A1E1-3FB111E310FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe

Reportes:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by palote (administrator) on PALOTE-PC (Packard Bell EasyNote TS11HR) (18-12-2019 17:12:18)
Running from C:\Users\palote\Desktop
Loaded Profiles: palote (Available Profiles: palote)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Macrovision Europe Ltd.) [File not signed] C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1605632 2010-11-14] (Intel® Corporation) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2018-01-21] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [DriverMax] => [X]
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [DriverMax_RESTART] => [X]
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36060048 2019-12-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {0ca4efe8-61c8-11e9-a6f6-b05bee847e5f} - F:\startme.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {53025a57-0adb-11ea-af64-f077d438f75c} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833cbe9-70d3-11e8-9a61-bccf7b3ad459} - G:\Setup.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833cbea-70d3-11e8-9a61-bccf7b3ad459} - G:\Setup.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833ccf9-70d3-11e8-9a61-bccf7b3ad459} - G:\shelexec.exe \index.htm
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {6d41e6f2-cbfd-11e8-9c9b-8595b2bb2c25} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {7934f69b-70ac-11e8-ba8f-bf4241aaae51} - G:\Setup.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {7a3cbb87-fb1b-11e9-96ed-968570daf421} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {f27181e7-be31-11e8-a5ce-8c630a438d5f} - G:\startme.exe
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inicio rápido de Adobe Acrobat.lnk [2018-02-20]
ShortcutTarget: Inicio rápido de Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1683147B-9EC7-444E-95B3-6538802E8773} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [12762872 2018-03-06] (Piriform Ltd -> Piriform Ltd)
Task: {1FD4FA0C-52A8-43A3-9AD4-132A06629B06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-21] (Google Inc -> Google Inc.)
Task: {21AB56F4-A2E1-449B-A1E1-3FB111E310FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {24827C41-D141-4AF0-898F-40A95242A17E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-21] (Google Inc -> Google Inc.)
Task: {313498E0-D1C5-46CF-9D4D-A91171CC84D4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {469ADE91-9A19-4528-B874-23099FF2DBE9} - System32\Tasks\{004E9BDA-58C4-494E-81C4-6414580E37FB} => C:\Windows\system32\pcalua.exe -a E:\DRIVER\setup.exe -d E:\DRIVER
Task: {4D0524F6-B561-422A-8DB2-9CA649A80546} - System32\Tasks\{F1414C1C-1E8D-498C-8B92-2D986588BF45} => C:\Windows\system32\pcalua.exe -a "F:\DISCO DURO PORTATIL OCT2017\DRIVERS Y PROGRAMAS2\winamp3_0-full.exe" -d "F:\DISCO DURO PORTATIL OCT2017\DRIVERS Y PROGRAMAS2"
Task: {4F7A5A14-75CE-4F13-8CC8-CDF4AC5BCEDF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {62EAFB79-B6B6-4E0E-B436-8FBB1417B052} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {935EE8E5-B146-4FDE-922C-52DC3C1506F9} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {9FDE5E3A-D542-47BC-90A6-E96CDD9BFDDE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A3082D1E-6311-4D44-9461-F40047D1E873} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {B31DF376-3123-449F-A8C0-4A429116E19C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B4C44C34-AA1D-4A57-87B0-8B73300BF4CF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C69D7CEE-D549-42DE-8910-C231D1858135} - System32\Tasks\{3AEEEC24-24F1-40A8-90E0-F4EA3F088D42} => C:\Windows\system32\pcalua.exe -a "C:\Users\palote\Downloads\programas\reproductor windows media player win7\MPSetup.exe" -d "C:\Users\palote\Downloads\programas\reproductor windows media player win7"
Task: {D44D2DA2-2381-4F91-AEE2-E60933E89683} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {FA7995C5-6660-4BDD-A249-419DFCF69C16} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\palote\Downloads\adwcleaner_8.0.0.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{462BE81E-6AE6-419A-A914-810D3A642BE8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8A180360-E0F8-42FB-B6D0-1F034C58507A}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aplicación auxiliar de vínculos de Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll [2012-11-16] (Wondershare Software Co., Ltd.  -> Wondershare Software Co., Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: (Wondershare Video Converter Ultimate) - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2018-04-18] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.elpais.com/"
CHR Profile: C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default [2019-12-17]
CHR Extension: (Presentaciones) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-21]
CHR Extension: (Safe Torrent Scanner) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2019-08-05]
CHR Extension: (Documentos) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-21]
CHR Extension: (Google Drive) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-21]
CHR Extension: (YouTube) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-21]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2018-04-18]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-10]
CHR Extension: (Hojas de cálculo) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-21]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-27]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-08]
CHR Extension: (Download with JDownloader) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2018-10-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\palote\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-17]
CHR Profile: C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-12-17]
CHR Extension: (Presentaciones) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-21]
CHR Extension: (Documentos) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-21]
CHR Extension: (Google Drive) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-21]
CHR Extension: (YouTube) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-21]
CHR Extension: (Hojas de cálculo) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-21]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-29]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-21]
CHR Extension: (Gmail) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-29]
CHR Profile: C:\Users\palote\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-17]
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2018-04-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-06] (BattlEye Innovations e.K. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-12-05] (Dropbox, Inc -> Dropbox, Inc.)
S2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [499200 2010-11-07] (Red Bend Ltd.) [File not signed]
S4 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22304 2018-01-17] (Intel(R) Driver & Support Assistant -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-07-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [888080 2018-03-07] (Intel(R) Software Development Products -> )
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2018-02-20] (Macrovision Europe Ltd.) [File not signed]
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Sony Ericsson Mobile Communication -> Avanquest Software) [File not signed]
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [183568 2018-03-07] (Intel(R) Software Development Products -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH -> TeamViewer GmbH)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [888080 2018-03-07] (Intel(R) Software Development Products -> )
S4 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [869376 2010-11-07] (Intel(R) Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare software CO., LIMITED -> Wondershare)
S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2548224 2019-09-05] (Sony) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BazisPortableCDBus; C:\Windows\System32\drivers\BazisPortableCDBus.sys [268896 2018-06-15] (Avtonomniy Energoservis, ZAO -> SysProgs.org)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [57728 2019-12-14] (SurfRight B.V. -> )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [80384 2018-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [180736 2018-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-03-07] (Intel Corporation -> )
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2018-04-28] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 U6000ALL; C:\Windows\System32\DRIVERS\U6000ALL.sys [276480 2008-11-24] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation)
U3 aswbdisk; no ImagePath
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-18 17:12 - 2019-12-18 17:13 - 000029263 _____ C:\Users\palote\Desktop\FRST.txt
2019-12-18 17:09 - 2019-12-18 17:09 - 002264064 _____ (Farbar) C:\Users\palote\Desktop\FRST64.exe
2019-12-17 22:11 - 2019-12-17 22:16 - 000018249 _____ C:\Users\palote\Desktop\mb-clean-results.txt
2019-12-17 17:13 - 2019-12-17 17:13 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2019-12-17 17:13 - 2019-12-17 17:13 - 000000000 ____D C:\Program Files\Microsoft Security Client
2019-12-17 17:13 - 2019-12-17 17:13 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2019-12-17 17:12 - 2019-12-17 17:12 - 015083200 _____ (Microsoft Corporation) C:\Users\palote\Desktop\mseinstall.exe
2019-12-17 16:26 - 2019-12-17 16:26 - 000007022 _____ C:\Users\palote\Documents\cc_20191217_162649.reg
2019-12-16 22:40 - 2019-12-16 22:40 - 000000000 ____D C:\Users\palote\AppData\Roaming\VS Revo Group
2019-12-16 21:20 - 2019-12-16 21:20 - 000003072 _____ C:\Users\palote\networksettings.txt
2019-12-16 06:07 - 2019-12-17 21:44 - 000000994 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-12-16 06:07 - 2019-12-17 21:44 - 000000994 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2019-12-16 06:07 - 2019-12-17 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-12-16 06:07 - 2019-12-16 06:07 - 000000000 ____D C:\Program Files\VS Revo Group
2019-12-16 06:03 - 2019-12-16 06:05 - 007411912 _____ (VS Revo Group ) C:\Users\palote\Desktop\revosetup.exe
2019-12-16 05:44 - 2019-12-16 05:54 - 000004943 _____ C:\Windows\system32\default_error_stack-000010-000000.txt
2019-12-15 22:30 - 2019-12-15 22:30 - 000004943 _____ C:\Windows\system32\default_error_stack-000009-000000.txt
2019-12-15 22:00 - 2019-12-15 22:00 - 000004943 _____ C:\Windows\system32\default_error_stack-000008-000000.txt
2019-12-15 21:29 - 2019-12-15 21:29 - 000004943 _____ C:\Windows\system32\default_error_stack-000007-000000.txt
2019-12-15 20:59 - 2019-12-15 20:59 - 000004943 _____ C:\Windows\system32\default_error_stack-000006-000000.txt
2019-12-15 20:28 - 2019-12-15 20:28 - 000004943 _____ C:\Windows\system32\default_error_stack-000005-000000.txt
2019-12-15 19:58 - 2019-12-15 19:58 - 000004943 _____ C:\Windows\system32\default_error_stack-000004-000000.txt
2019-12-15 19:27 - 2019-12-15 19:27 - 000004943 _____ C:\Windows\system32\default_error_stack-000003-000000.txt
2019-12-15 18:57 - 2019-12-15 18:57 - 000004943 _____ C:\Windows\system32\default_error_stack-000002-000000.txt
2019-12-15 18:26 - 2019-12-15 18:26 - 000004943 _____ C:\Windows\system32\default_error_stack-000001-000000.txt
2019-12-15 17:56 - 2019-12-15 17:56 - 000004943 _____ C:\Windows\system32\default_error_stack-000000-000000.txt
2019-12-15 11:13 - 2019-12-15 11:13 - 000000000 ____D C:\Users\palote\AppData\Roaming\Hard Disk Sentinel
2019-12-15 11:11 - 2019-12-16 06:30 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2019-12-15 11:07 - 2019-12-15 11:07 - 000000000 ____D C:\Users\palote\Desktop\hdsentinel_trial_setup
2019-12-14 23:44 - 2019-12-14 23:50 - 000018615 _____ C:\Users\palote\Desktop\analisis errores varios.xlsx
2019-12-14 00:29 - 2019-12-14 00:29 - 000057728 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2019-12-14 00:28 - 2019-12-14 00:41 - 000000000 ____D C:\ProgramData\HitmanPro
2019-12-14 00:28 - 2019-12-14 00:28 - 011575104 _____ (SurfRight B.V.) C:\Users\palote\Desktop\hitmanpro_x64.exe
2019-12-13 17:37 - 2019-12-13 17:37 - 000000263 _____ C:\Users\palote\Desktop\DelFix.txt
2019-12-13 17:24 - 2019-12-13 17:37 - 000000263 _____ C:\DelFix.txt
2019-12-12 00:27 - 2019-12-18 17:13 - 000000000 ____D C:\FRST
2019-12-09 23:57 - 2019-12-12 00:52 - 000000000 ____D C:\Users\palote\AppData\Local\ElevatedDiagnostics
2019-12-09 23:11 - 2019-12-09 23:11 - 000014081 ____N C:\Users\palote\Downloads\Adobe.Photoshop.CC.2014.v15.2.rar.torrent
2019-12-09 23:11 - 2019-12-09 23:11 - 000000000 ____D C:\Users\palote\AppData\Roaming\2178518db49a54ff2ed70e8e6db8fdb8OLD
2019-12-09 23:11 - 2019-12-09 23:11 - 000000000 ____D C:\bcafb
2019-12-09 23:10 - 2019-12-09 23:10 - 000000829 _____ C:\Users\palote\Downloads\adobe_photoshop_cc_2014_v_15.zip
2019-12-09 23:10 - 2019-12-09 23:10 - 000000829 _____ C:\Users\palote\Downloads\adobe_photoshop_cc_2014_v_15 (1).zip
2019-12-09 19:56 - 2019-12-09 19:59 - 271106338 _____ C:\Users\palote\Downloads\CameraRaw_9_1_1.zip
2019-12-09 19:47 - 2019-12-09 19:47 - 000000040 ____H C:\C7F04CFB1071
2019-12-09 19:47 - 2019-12-09 19:47 - 000000000 ____D C:\Users\palote\AppData\LocalLow\Adobe
2019-12-09 19:46 - 2019-12-09 23:33 - 000000000 ____D C:\Program Files (x86)\Photoshop Cs6
2019-12-09 00:47 - 2019-12-09 00:47 - 000020781 _____ C:\Users\palote\Downloads\Zohan_Licencia_Para_Peinar_HDRip.torrent
2019-12-09 00:46 - 2019-12-09 00:46 - 000020303 _____ C:\Users\palote\Downloads\Este_Cuerpo_No_Es_El_Mio_BluRay720p.torrent
2019-12-09 00:43 - 2019-12-09 00:43 - 000019468 _____ C:\Users\palote\Downloads\Te_Presento_A_Sofia_HDRip.torrent
2019-12-09 00:41 - 2019-12-09 00:41 - 000015650 _____ C:\Users\palote\Downloads\It_Capitulo2_HDRip.torrent
2019-12-09 00:39 - 2019-12-09 00:39 - 000021373 _____ C:\Users\palote\Downloads\Venganza_Bajo_Cero_HDRip.torrent
2019-12-09 00:33 - 2019-12-09 00:33 - 000066716 _____ C:\Users\palote\Downloads\Un-Verano-En-Ibiza-2019.avi.torrent
2019-12-08 21:27 - 2019-12-08 21:28 - 008218800 _____ (Malwarebytes) C:\Users\palote\Downloads\adwcleaner_8.0.0.exe
2019-12-08 15:58 - 2019-12-08 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-12-05 17:52 - 2019-12-05 17:52 - 000188997 _____ C:\Users\palote\Desktop\Factura cristales  Maria_ 1.pdf
2019-12-05 17:42 - 2019-12-05 17:44 - 000000000 ____D C:\Users\palote\Documents\Ortodoncia Maria
2019-12-05 02:23 - 2019-12-05 02:23 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-12-03 00:04 - 2019-12-03 00:05 - 000000000 ____D C:\Users\palote\Documents\Factura maria ballesteros
2019-12-02 22:15 - 2019-12-08 21:29 - 000000290 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-11-29 23:49 - 2019-12-15 00:48 - 000000000 ____D C:\Users\palote\Documents\Maria Historial Colegio
2019-11-29 20:51 - 2019-11-29 20:51 - 000186027 _____ C:\Users\palote\Documents\facturas noviembre 2.pdf
2019-11-29 20:49 - 2019-11-29 20:49 - 000247805 _____ C:\Users\palote\Documents\facturas noviembre.pdf
2019-11-19 22:14 - 2019-11-19 22:14 - 000094526 _____ C:\Users\palote\Downloads\T30007964781-1019.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-18 16:58 - 2009-07-14 05:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-18 16:58 - 2009-07-14 05:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-18 16:47 - 2018-02-01 23:51 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-18 16:47 - 2018-01-30 20:47 - 000000988 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-12-18 16:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-17 21:59 - 2019-05-06 19:30 - 000000000 ____D C:\Users\palote\Desktop\maria pen
2019-12-17 21:58 - 2019-04-24 19:47 - 000000000 ____D C:\Users\palote\Downloads\programas
2019-12-17 21:37 - 2018-01-30 20:47 - 000000992 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-12-17 17:14 - 2018-01-21 22:40 - 000001912 _____ C:\Windows\epplauncher.mif
2019-12-17 17:06 - 2011-04-12 10:10 - 000751282 _____ C:\Windows\system32\perfh00A.dat
2019-12-17 17:06 - 2011-04-12 10:10 - 000160292 _____ C:\Windows\system32\perfc00A.dat
2019-12-17 17:06 - 2009-07-14 06:13 - 001685960 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-17 17:06 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-12-17 16:28 - 2019-03-26 18:56 - 000000000 ____D C:\Users\palote\AppData\Local\BitTorrentHelper
2019-12-17 16:28 - 2018-12-09 22:32 - 000000000 ____D C:\Users\palote\AppData\Roaming\PhotoScape
2019-12-17 16:28 - 2018-01-21 22:51 - 000000000 ____D C:\Users\palote\AppData\Roaming\uTorrent
2019-12-17 16:18 - 2018-01-21 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-17 15:50 - 2018-04-26 23:03 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2019-12-17 00:24 - 2019-09-01 11:33 - 000000000 ____D C:\Users\palote\AppData\Local\CrashDumps
2019-12-17 00:24 - 2018-07-10 13:41 - 000000000 ____D C:\Users\palote\Desktop\María Jiménez
2019-12-16 21:20 - 2018-01-19 22:05 - 000000000 ____D C:\Users\palote
2019-12-16 20:52 - 2018-03-13 17:59 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-16 15:59 - 2018-01-21 15:49 - 000003718 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2019-12-14 23:52 - 2019-10-27 22:50 - 000001073 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk
2019-12-14 23:52 - 2019-10-27 22:50 - 000001073 _____ C:\ProgramData\Desktop\Wondershare Filmora.lnk
2019-12-14 15:23 - 2018-01-21 13:40 - 001705458 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-12-13 23:23 - 2018-09-13 14:50 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-12-13 23:23 - 2018-02-20 20:25 - 000000000 ____D C:\ProgramData\FLEXnet
2019-12-13 23:23 - 2018-01-30 20:55 - 000000000 ___RD C:\Users\palote\Dropbox
2019-12-13 23:23 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-12-12 22:03 - 2018-01-21 18:03 - 000000000 ____D C:\Users\palote\AppData\Roaming\vlc
2019-12-12 00:47 - 2018-04-20 20:57 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-12 00:47 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-12-10 00:12 - 2018-05-03 20:54 - 000000000 ____D C:\Users\palote\AppData\Local\cache
2019-12-09 23:25 - 2018-01-21 22:55 - 000000000 ____D C:\jdownloader
2019-12-09 23:11 - 2018-01-19 22:59 - 000000000 ____D C:\ProgramData\Intel
2019-12-09 23:11 - 2017-12-25 00:00 - 000000000 ____D C:\Users\palote\AppData\Roaming\2178518db49a54ff2ed70e8e6db8fdb8
2019-12-09 20:01 - 2018-03-11 21:45 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-12-09 12:18 - 2018-12-07 17:33 - 000000000 ____D C:\Users\palote\Documents\Camtasia Studio
2019-12-08 15:58 - 2018-01-30 20:47 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-12-02 19:42 - 2018-01-21 13:43 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-11-30 20:47 - 2019-04-24 19:42 - 000000000 ____D C:\Users\palote\Downloads\ebooks

==================== Files in the root of some directories ========

2019-09-05 14:11 - 2019-11-16 21:05 - 000000194 _____ () C:\Users\palote\AppData\Roaming\default.rss
2018-09-23 11:49 - 2019-09-01 10:49 - 000009216 _____ () C:\Users\palote\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-16 11:49 - 2018-12-16 11:49 - 000000218 _____ () C:\Users\palote\AppData\Local\recently-used.xbel
2018-11-19 20:27 - 2018-11-19 20:27 - 000000017 _____ () C:\Users\palote\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-09 15:00
==================== End of FRST.txt ========================

[

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by palote (18-12-2019 17:14:14)
Running from C:\Users\palote\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-01-19 21:05:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3253742837-1388098199-733594754-500 - Administrator - Disabled)
Invitado (S-1-5-21-3253742837-1388098199-733594754-501 - Limited - Disabled)
palote (S-1-5-21-3253742837-1388098199-733594754-1000 - Administrator - Enabled) => C:\Users\palote

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Nero SoundTrax Help (HKLM-x32\...\{B96C2601-52F5-4D5D-816A-63469EA311EF}) (Version: 4.0.15.0 - Nero AG) Hidden
. . (HKLM\...\{569F29BA-2D46-439B-8B7C-01D999B9201D}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{9F460796-0348-4B11-BCA0-714C4B85E3D7}) (Version: 3.1.2.2 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
[email protected] File Recovery Professional 10 (HKLM-x32\...\{C34F36E0-4D8B-42E8-90AD-50C76E1AE282}_is1) (Version: 10 - LSoft Technologies Inc)
Adobe Acrobat 8 Professional - Italiano, Español, Nederlands (HKLM-x32\...\Adobe Acrobat 8 Professional - Italiano, Español, Nederlands) (Version: 8.0.0 - Adobe Systems)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Application Support (32 bits) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation)
calibre 64bit (HKLM\...\{97B85054-8AF4-4007-BCCF-C2EBAC8E74F9}) (Version: 3.41.3 - Kovid Goyal)
Camtasia Studio 8 (HKLM-x32\...\{1B57499B-1BEB-426A-A406-D9D004A1D2CE}) (Version: 8.5.0.1954 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7042 - CDBurnerXP)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DolbyFiles (HKLM-x32\...\{56BE5CC9-95E6-4128-ABEA-968414CA9C80}) (Version: 2.0 - Nero AG) Hidden
Doxillion, convertidor de documentos (HKLM-x32\...\Doxillion) (Version: 3.13 - NCH Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 86.4.146 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Drv (HKLM-x32\...\{DA71A94B-3617-4935-8BBE-1566B2174C95}) (Version: 1.00.0000 - My Company Name)
Epic Games Launcher (HKLM-x32\...\{79F5479A-BF71-4F4C-9C49-9D616AF923DE}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Express Burn, grabadora para CD, DVD y Blu-ray (HKLM-x32\...\ExpressBurn) (Version: 7.06 - NCH Software)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FormatFactory 2.90 (HKLM-x32\...\FormatFactory) (Version: 2.90 - Free Time)
Galería de fotos (HKLM-x32\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
honestech VHS to DVD 2.5 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
HP Officejet 7500 E910 Ayuda (HKLM-x32\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)
HP Officejet 7500 E910 Software básico del dispositivo (HKLM\...\{2AF97230-A10A-478A-A529-351354BBCD63}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{F0385150-FF86-4A18-AA55-6ED9E5F87DA7}) (Version: 2.1.03638 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e7adbf16-34ad-490a-a4e8-feb60fb99973}) (Version: 3.1.2.2 - Intel)
iTunes (HKLM\...\{4699F245-9592-4D3A-A0A1-6D4152E9F49B}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Machete 4.2 (HKLM-x32\...\{1799612D-556F-4D26-ABB3-3ED6BB98ECE1}) (Version: 4.2.11 - MacheteSoft)
Menu Templates - Starter Kit (HKLM-x32\...\{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}) (Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 4.7.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Templates - Starter Kit (HKLM-x32\...\{BCD82AB5-670D-4242-90FA-1F97103C16CD}) (Version: 9.0.4.0 - Nero AG) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{1530baa4-b4f4-48bd-9555-90f5485aa0db}) (Version:  - Nero AG)
Paquete de controladores de Windows - Sony Mobile Communications (ggsomc) SOMCFlashDevice  (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PMB_ModeEditor (HKLM-x32\...\{F8063714-BD75-42DC-8FAA-D0E1EED92519}) (Version: 11.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{CF081855-ED80-445A-BF63-025584939230}) (Version: 11.0.00 - Sony Corporation) Hidden
Real DVD Studio II (HKLM-x32\...\{5B6455A4-E812-479B-A762-C2356244CF97}) (Version: 1.00.0000 - NPG) Hidden
Real DVD Studio II (HKLM-x32\...\InstallShield_{5B6455A4-E812-479B-A762-C2356244CF97}) (Version: 1.00.0000 - NPG)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Servicio Xperia Companion (HKLM\...\{ED9C6E7D-FA20-4FA0-BC6E-3D05703B03C5}) (Version: 2.7.4.0 - Sony) Hidden
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Software Intel® PROSet/Wireless WiMAX (HKLM\...\{FBCA6D68-2FBE-4A52-8EAA-856CFEA714C8}) (Version: 6.01.0000 - Intel Corporation)
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Update Engine) (Version: 2.19.7.201905231210 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.094 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.094 - Sony)
SoundTrax (HKLM-x32\...\{3097B151-1F61-4211-A4CC-D70127B226AE}) (Version: 4.0.18.0 - Nero AG) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 7.6.14.0 - 2BrightSparks)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.88 - NCH Software)
Virtual DJ Pro Full - Atomix Productions (HKLM-x32\...\Virtual DJ Pro Full - Atomix Productions) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WBFS Manager 4.0 (HKLM\...\{D34C07CA-DCF0-4A5C-A4DD-55522B17F4F2}) (Version: 4.0 - WBFS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wondershare Filmora(Build 8.3.1) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare Video Converter Ultimate(Build 6.0.2.2) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.0.2.2 - Wondershare Software)
Wondershare Video Studio Express(Build 1.2.0.4) (HKLM-x32\...\Wondershare Video Studio Express_is1) (Version:  - Wondershare Software)
Xperia Companion (HKLM-x32\...\{dd23851d-6b5f-4299-9299-7fa29040d157}) (Version: 2.7.4.0 - Sony)
Xperia Companion (HKLM-x32\...\{E1C58CBB-69AA-4E5F-B464-8A633811D4BC}) (Version: 2.7.4.0 - Sony) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3253742837-1388098199-733594754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\palote\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3253742837-1388098199-733594754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\palote\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3253742837-1388098199-733594754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\palote\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3253742837-1388098199-733594754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\palote\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-19] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll [2012-01-20] (Free Time) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2012-11-15] (Wondershare Software Co., Ltd.  -> )
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll [2012-01-20] (Free Time) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2018-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-09-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-09-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-09-20] (Microsoft Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\palote\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Loaded Modules (Whitelisted) =============

2006-11-17 03:47 - 2006-11-17 03:47 - 003387392 _____ () [File not signed] c:\program files (x86)\adobe\acrobat 8.0\acrobat\exlang32.esp
2006-11-17 03:21 - 2006-11-17 03:21 - 000077824 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Accessibility.ESP
2006-11-17 03:22 - 2006-11-17 03:22 - 000802816 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\AcroForm.ESP
2006-11-17 03:23 - 2006-11-17 03:23 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ADBC.ESP
2006-11-17 03:24 - 2006-11-17 03:24 - 001216512 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Annots.ESP
2006-11-17 03:24 - 2006-11-17 03:24 - 000053248 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Catalog.ESP
2006-11-17 03:24 - 2006-11-17 03:24 - 000192512 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Checkers.ESP
2006-11-17 03:25 - 2006-11-17 03:25 - 000217088 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\DigSig.ESP
2006-11-17 03:25 - 2006-11-17 03:25 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\DistillerPI.ESP
2006-11-17 03:26 - 2006-11-17 03:26 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\eBook.ESP
2006-11-17 03:26 - 2006-11-17 03:26 - 000212992 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Editor.ESP
2006-11-17 03:27 - 2006-11-17 03:27 - 000098304 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\EScript.ESP
2006-11-17 03:27 - 2006-11-17 03:27 - 000006656 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\EWH32.ESP
2006-11-17 03:27 - 2006-11-17 03:27 - 000013312 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\HLS.ESP
2006-11-17 03:28 - 2006-11-17 03:28 - 000061440 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\HTML2PDF.ESP
2006-11-17 03:28 - 2006-11-17 03:28 - 000102400 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ImageConversion.ESP
2006-08-31 09:28 - 2006-08-31 09:28 - 000008192 ____R () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\InDesignPI.ESP
2006-11-17 03:29 - 2006-11-17 03:29 - 000245760 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\JDFProdDef.ESP
2006-11-17 03:29 - 2006-11-17 03:29 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\MakeAccessible.ESP
2006-11-17 03:29 - 2006-11-17 03:29 - 000159744 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Multimedia.ESP
2006-11-17 03:30 - 2006-11-17 03:30 - 000045056 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PaperCapture.ESP
2006-11-17 03:30 - 2006-11-17 03:30 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PDDom.ESP
2006-11-17 03:31 - 2006-11-17 03:31 - 000954368 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PPKLite.ESP
2006-11-17 03:32 - 2006-11-17 03:32 - 000013312 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ReadOutLoud.ESP
2006-11-17 03:32 - 2006-11-17 03:32 - 000008704 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\reflow.ESP
2006-11-17 03:32 - 2006-11-17 03:32 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SaveAsRTF.ESP
2006-11-17 03:32 - 2006-11-17 03:32 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SaveAsXML.ESP
2006-11-17 03:33 - 2006-11-17 03:33 - 000098304 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Scan.ESP
2006-11-17 03:33 - 2006-11-17 03:33 - 000053248 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search.ESP
2006-11-17 03:33 - 2006-11-17 03:33 - 000011776 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search5.ESP
2006-11-17 03:33 - 2006-11-17 03:33 - 000032768 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SendMail.ESP
2006-11-17 03:33 - 2006-11-17 03:33 - 000036864 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Spelling.ESP
2006-11-17 03:33 - 2006-11-17 03:33 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\TablePicker.ESP
2006-11-17 03:34 - 2006-11-17 03:34 - 000176128 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\TouchUp.ESP
2006-11-17 03:33 - 2006-11-17 03:33 - 000005632 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Updater.ESP
2006-11-17 03:34 - 2006-11-17 03:34 - 000049152 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\weblink.ESP
2006-11-17 03:34 - 2006-11-17 03:34 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\WebPDF.ESP
2006-11-17 03:34 - 2006-11-17 03:34 - 000012800 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\XPS2PDF.ESP
2018-07-05 16:25 - 2018-07-05 16:27 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-07-05 16:27 - 2018-07-05 16:27 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-07-05 16:27 - 2018-07-05 16:27 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2006-08-02 07:52 - 2006-08-02 07:52 - 000126976 ____R (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\asneu.dll
2006-10-23 01:10 - 2006-10-23 01:10 - 000467555 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ImageViewer.API
2006-10-23 01:24 - 2006-10-23 01:24 - 000671744 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\ACE.dll
2006-09-14 23:20 - 2006-09-14 23:20 - 000212992 ____R (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_epic.dll
2006-09-14 23:46 - 2006-09-14 23:46 - 000208896 ____R (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_pcd.dll
2006-09-14 23:20 - 2006-09-14 23:20 - 000346112 ____R (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\adobe_personalization.dll
2006-10-11 01:06 - 2006-10-11 01:06 - 000466944 ____R (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeLinguistic.dll
2006-10-23 01:24 - 2006-10-23 01:24 - 004883456 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AGM.dll
2006-10-23 01:25 - 2006-10-23 01:25 - 000098816 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\BIB.dll
2006-10-23 01:26 - 2006-10-23 01:26 - 002281472 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\CoolType.dll
2006-10-23 01:09 - 2006-10-23 01:09 - 000352867 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Accessibility.api
2006-10-23 01:11 - 2006-10-23 01:11 - 007147107 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\AcroForm.api
2006-10-23 01:09 - 2006-10-23 01:09 - 000067683 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ADBC.api
2006-10-23 01:10 - 2006-10-23 01:10 - 004099171 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Annots.api
2006-10-23 01:09 - 2006-10-23 01:09 - 000224355 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Catalog.api
2006-10-23 01:10 - 2006-10-23 01:10 - 000838755 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Checkers.api
2006-10-23 01:10 - 2006-10-23 01:10 - 001141859 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\DigSig.api
2006-10-23 01:10 - 2006-10-23 01:10 - 000089187 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\DistillerPI.api
2006-10-23 01:10 - 2006-10-23 01:10 - 000125027 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\DVA.api
2006-10-23 01:10 - 2006-10-23 01:10 - 000050787 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\eBook.api
2006-10-23 01:11 - 2006-10-23 01:11 - 002932323 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Editor.api
2006-10-23 01:10 - 2006-10-23 01:10 - 001367651 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\EScript.api
2006-10-23 01:11 - 2006-10-23 01:11 - 000124003 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\EWH32.api
2006-10-23 01:10 - 2006-10-23 01:10 - 000051299 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\HLS.api
2006-10-23 01:12 - 2006-10-23 01:12 - 002179171 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\HTML2PDF.api
2006-10-23 01:10 - 2006-10-23 01:10 - 000083555 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\IA32.api
2006-10-23 01:10 - 2006-10-23 01:10 - 000841827 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ImageConversion.api
2006-10-23 01:10 - 2006-10-23 01:10 - 000082019 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\InDesignPI.api
2006-10-23 01:20 - 2006-10-23 01:20 - 000778339 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\JDFProdDef.api
2006-10-23 01:11 - 2006-10-23 01:11 - 002028643 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\MakeAccessible.api
2006-10-23 01:11 - 2006-10-23 01:11 - 001343587 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Multimedia.api
2006-10-23 01:20 - 2006-10-23 01:20 - 000164451 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PaperCapture.api
2006-10-23 01:19 - 2006-10-23 01:19 - 000397411 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PDDom.api
2006-10-23 01:12 - 2006-10-23 01:12 - 006076003 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\PPKLite.api
2006-10-23 01:20 - 2006-10-23 01:20 - 000106595 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\ReadOutLoud.api
2006-10-23 01:21 - 2006-10-23 01:21 - 000362595 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\reflow.api
2006-10-23 01:20 - 2006-10-23 01:20 - 000300643 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SaveAsRTF.api
2006-10-23 01:20 - 2006-10-23 01:20 - 000335459 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SaveAsXML.api
2006-10-23 01:22 - 2006-10-23 01:22 - 000740963 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Scan.api
2006-10-23 01:21 - 2006-10-23 01:21 - 000352355 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search.api
2006-10-23 01:21 - 2006-10-23 01:21 - 000085091 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Search5.api
2006-10-23 01:21 - 2006-10-23 01:21 - 000124515 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\SendMail.api
2006-10-23 01:21 - 2006-10-23 01:21 - 000267875 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Spelling.api
2006-10-23 01:22 - 2006-10-23 01:22 - 000124003 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\TablePicker.api
2006-10-23 01:22 - 2006-10-23 01:22 - 001773667 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\TouchUp.api
2006-10-23 01:22 - 2006-10-23 01:22 - 000157795 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Updater.api
2006-10-23 01:22 - 2006-10-23 01:22 - 000182883 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\weblink.api
2006-10-23 01:12 - 2006-10-23 01:12 - 000662115 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\WebPDF.api
2006-10-23 01:22 - 2006-10-23 01:22 - 001461859 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\XPS2PDF.api
2006-10-23 01:33 - 2006-10-23 01:33 - 002457600 _____ (Adobe Systems, Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Adobelm.dll
2018-01-25 17:22 - 2012-06-09 19:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2006-10-06 12:43 - 2006-10-06 12:43 - 000554083 ____R (callas software gmbh) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Preflight.api
2006-11-17 03:31 - 2006-11-17 03:31 - 000004608 _____ (Callas Software GMBH) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\plug_ins\Preflight.ESP
2012-01-20 12:45 - 2012-01-20 12:45 - 000086016 _____ (Free Time) [File not signed] C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll
2010-11-07 11:01 - 2010-11-07 11:01 - 000506368 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\iWmxSDK.dll
2010-11-07 10:54 - 2010-11-07 10:54 - 000222720 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\PipeHandler.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000057344 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\es\WiMAXCU.resources.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000005120 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\es\WiMAXCU_UICustomControls.resources.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000009216 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\es\WiMAXCU_UIDisplayWiMAX.resources.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000061440 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU_BizTier.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000061440 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU_Common.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000073728 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU_ServicePublisher.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000811008 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU_UICustomControls.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000081920 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU_UIDisplayWiMAX.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000297472 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU_WiFiCoEx.dll
2010-11-14 11:22 - 2010-11-14 11:22 - 000081920 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU_WiMAXSDKInterop.dll
2006-10-23 01:33 - 2006-10-23 01:33 - 002531328 _____ (Macrovision Europe Ltd.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcrobatFNP.dll
2006-09-15 13:58 - 2006-09-15 13:58 - 000934400 ____R (Macrovision Europe Ltd.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\FNP_Act_Installer.dll
2018-03-07 15:56 - 2018-03-07 15:56 - 001630720 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2018-07-05 16:25 - 2018-07-05 16:25 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:0504E1FDA6C88148 [50]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMInstallerService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3253742837-1388098199-733594754-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-10-27 22:51 - 000000963 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1                   65.52.240.48
127.0.0.1                   activation.cloud.techsmith.com
127.0.0.1 platform.wondershare.com 

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Calibre2\
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\palote\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{48FEF9F1-4AE2-4976-8608-76C62D30A07E}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Intel(R) Corporation) [File not signed]
FirewallRules: [{2C8FB6A9-2F26-460D-A9D6-56F3547E0066}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Intel(R) Corporation) [File not signed]
FirewallRules: [{4A689A11-1060-4CD1-B067-EBF0D3CC8C23}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Red Bend Ltd.) [File not signed]
FirewallRules: [{36741235-577A-485E-915D-13930D9764E7}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Red Bend Ltd.) [File not signed]
FirewallRules: [{4CA2F73D-B8FF-4C63-8479-A32AC1523929}] => (Allow) C:\Users\palote\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{850BC3B4-2EC4-408F-9BBC-1A12116402D6}] => (Allow) C:\Users\palote\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{06348DD1-D61C-4F04-BB8A-DDB30B88D149}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{A7780E03-97C4-4D8C-9955-16DB763B67F4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{207FA9CA-CFE9-4EF2-9CBC-015A3A162CC5}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{3560CD12-9443-42D4-A0C8-45E9FF7B238B}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [TCP Query User{CD64DC20-832A-4C1B-83B5-ED59A824B564}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{180A9278-7187-441F-985F-747BDCB44ADD}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{A4A517E2-0FA2-4B78-BCE4-445405AB8D1A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{D516FDFA-93FE-4229-B3FA-F908BC5FB601}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{95AE8065-8436-4060-BA03-5D452767315C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BF2106E5-5B8E-4EAA-A7C5-94B376E22AE4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{849FF062-5805-48D8-9255-7161FCD084CE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1638B22A-E256-4702-9E46-ECE31EBE1321}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A46AE097-3EE1-4CE6-A7F2-FA327AF8ED9B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C39588D7-A2BA-4F63-A746-7A34DE40DBCE}] => (Allow) C:\Users\palote\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7516BB06-CA72-40BD-A15D-9070C4C65A68}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B662B60-D857-44A6-B851-8AF74DBFB421}] => (Allow) LPort=2869
FirewallRules: [{48A91FA4-1473-4868-87C7-737639AA9D91}] => (Allow) LPort=1900
FirewallRules: [{63654DA4-3B9C-418E-94B6-73EF9E049995}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9A3F897E-600B-4E96-98B6-21920ED15C12}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{41ACA3CB-F21F-4C15-8C87-A3AE599D7B8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5AC34B7B-7736-489A-A31B-9076525572B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F3C257D0-2995-4FEE-B663-B57DC23CAD6C}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{95FF04D1-5F5D-489A-85E6-F565688E9F5F}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{72A59829-B5D3-4587-A577-1855BF791840}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6BDCD58D-8FAC-4283-A3A0-43107B86E44E}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0B8A7173-2BD9-4860-90B0-B841C7F5803C}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{969837CF-B215-442E-9C92-CE1780C7CC50}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E474A980-D3D2-41DB-B3FF-11FDB2B0FEF1}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0A70AA9F-92DF-4C45-A308-4712AB127422}] => (Allow) C:\ProgramData\Sony Mobile\Update Engine\{8D2A56DB-ACD1-4868-865C-D48E3406598D}\Sony Mobile Update Engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{9FF85C59-8A29-4FD4-B1EF-8844FEE4353D}] => (Allow) C:\ProgramData\Sony Mobile\Update Engine\{8D2A56DB-ACD1-4868-865C-D48E3406598D}\Sony Mobile Update Engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [TCP Query User{B809CF7C-B57C-467C-AC72-696D69804CDB}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{14E7CEB2-C3D0-4EDA-99ED-A2FF03D801C5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{69CB3D56-EF3F-4015-BBA7-095E5526F9FE}] => (Allow) LPort=8317
FirewallRules: [{76C2E158-B600-473D-AF3D-85DB57D1975D}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony)
FirewallRules: [{C5FA2519-B8CA-48E8-9824-AA5B6662AB60}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

16-12-2019 06:32:13 Revo Uninstaller's restore point - Google Chrome
17-12-2019 16:03:02 Windows Update

==================== Faulty Device Manager Devices ============

Name: WirelessKeyboardFilter_01
Description: WirelessKeyboardFilter_01
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controladora Ethernet
Description: Controladora Ethernet
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/18/2019 04:48:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/17/2019 10:22:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/17/2019 10:15:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/17/2019 05:10:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa WINWORD.EXE, versión 12.0.6787.5000, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 6f4

Hora de inicio: 01d5b4f3c4e0faa9

Hora de finalización: 0

Ruta de acceso de la aplicación: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

Identificador de informe: a22fb864-20e7-11ea-9e35-eac7553f705a

Error: (12/17/2019 05:03:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/17/2019 04:41:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/17/2019 03:51:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/17/2019 01:25:04 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Los Servicios de cifrado no pudieron inicializar el objeto "System Writer" de la copia de seguridad de VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Se está cerrando el sistema.
.


System errors:
=============
Error: (12/18/2019 04:53:00 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (12/18/2019 04:53:00 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (12/18/2019 04:52:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (12/18/2019 04:52:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (12/18/2019 04:52:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Energy Server Service queencreek no respondió después de iniciar.

Error: (12/18/2019 04:51:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (12/18/2019 04:51:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (12/18/2019 04:47:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


==================== Memory info =========================== 

BIOS: Packard Bell V1.10 04/25/2011
Motherboard: Packard Bell SJV50_HR
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 83%
Total physical RAM: 3947.86 MB
Available physical RAM: 670.38 MB
Total Virtual: 7893.86 MB
Available Virtual: 4203.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:175 GB) (Free:37.9 GB) NTFS
Drive d: () (Fixed) (Total:290.66 GB) (Free:50.06 GB) NTFS

\\?\Volume{29eb5a16-fd59-11e7-a82f-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 59313647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=175 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=290.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Y quien te dijo que usaras de nuevo FRST…??

Lo que debes hacer es contestar las preguntas que tienes pendientes. :rage:

O sigues mis instrucciones o doy por terminado el tema y haces TU mismo lo que a ti te parezca. :triumph:

Saludos.

1 me gusta

En primer lugar decirte que tu mensaje al ir a trozos, ni me di cuenta de todo lo que ponías, leí el final del mensaje y como ponías lo de first que era para saber lo que había instalado, pues al no poner lo que tenia que hacer supuse que debería hacer eso. Ahora que he leído el mensaje que va por partes, decirte que: queda resto de avast software en task en System 32. queda restos de hard disk sentinel en C: Programa files x86 (no le veo con revounistaller) queda restos de malwarebites en C: programa files el antivirus que tengo es Microsoft security essential.

AHORA YA NO SE QUE HACER. SI CONSIDERAS ACABAR EL TEMA, PUES ADELANTE, AQUI NADIE VA DE LISTO, AL REVES, LA GENTE QUE PIDE AYUDA ES PORQUE NO LO SABE, SI NO, DESDE LUEGO QUE NO CONFIARIA EN VUESTRA PAGINA WEB. Espero una respuesta o cerrado el Tema como sugeriste. Un saludo.

Hola @javisansegundo.

Veamos… precisamente mis respuestas van a “trozos” como tu dices, para ir respondiendo a las multiples cuestiones que cuentas y que te quede lo más claro y ordenado posible.

Cuando uno recibe un mensaje lo que debe hacer es posicionarse en el anterior(que será el tuyo) para releer lo que tú mismo dijiste y a continuación ver entero y completo el siguiente mensaje, con todas las respuesta, esa es la manera para NO perderse nada.

Claro…SI SOLO lees el final sacas las conclusiones que tu quieras, pero lo dicho, menos prisas y más leer tranquilamente TODO lo que te dicen, aplica lo que te habrá dicho tu abuela más de una vez…vísteme despacio que tengo prisa. :face_with_raised_eyebrow:

Nadie dice que vayas de listo, lo que debes IR es de LECTOR y seguidor de indicaciones, con calma y sin prisas de ningún tipo o hacer pasos por tu cuenta, somos un FORO y atendemos cuando podemos y sin tener delante nuestro a vuestros equipos lo que impide que podamos hacer de adivinos.

Necesitamos que seáis nuestros ojos y nos deis informes o respuesta a nuestras preguntas, NI más NI menos e iremos intentando daros instrucciones para poder ir avanzando poco a poco, aquí NO tenemos varitas mágicas y menos en equipos con tantos fallos y problemas como el tuyo.

Estudiaremos tus últimos informes y veremos qué indicaciones te damos.

Saludos.

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Advertising Center (HKLM-x32\...\{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}) (Version: 0.0.0.1 - Nero AG) Hidden
DolbyFiles (HKLM-x32\...\{56BE5CC9-95E6-4128-ABEA-968414CA9C80}) (Version: 2.0 - Nero AG) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Galería de fotos (HKLM-x32\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Menu Templates - Starter Kit (HKLM-x32\...\{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}) (Version: 9.0.4.0 - Nero AG) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Templates - Starter Kit (HKLM-x32\...\{BCD82AB5-670D-4242-90FA-1F97103C16CD}) (Version: 9.0.4.0 - Nero AG) Hidden
PMB_ModeEditor (HKLM-x32\...\{F8063714-BD75-42DC-8FAA-D0E1EED92519}) (Version: 11.0.00 - Sony Corporation) Hidden
Real DVD Studio II (HKLM-x32\...\{5B6455A4-E812-479B-A762-C2356244CF97}) (Version: 1.00.0000 - NPG) Hidden
Servicio Xperia Companion (HKLM\...\{ED9C6E7D-FA20-4FA0-BC6E-3D05703B03C5}) (Version: 2.7.4.0 - Sony) Hidden
SoundTrax (HKLM-x32\...\{3097B151-1F61-4211-A4CC-D70127B226AE}) (Version: 4.0.18.0 - Nero AG) Hidden
Xperia Companion (HKLM-x32\...\{E1C58CBB-69AA-4E5F-B464-8A633811D4BC}) (Version: 2.7.4.0 - Sony) Hidden
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Windows:0504E1FDA6C88148 [50]
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [DriverMax] => [X]
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [DriverMax_RESTART] => [X]
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {0ca4efe8-61c8-11e9-a6f6-b05bee847e5f} - F:\startme.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {53025a57-0adb-11ea-af64-f077d438f75c} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833cbe9-70d3-11e8-9a61-bccf7b3ad459} - G:\Setup.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833cbea-70d3-11e8-9a61-bccf7b3ad459} - G:\Setup.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833ccf9-70d3-11e8-9a61-bccf7b3ad459} - G:\shelexec.exe \index.htm
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {6d41e6f2-cbfd-11e8-9c9b-8595b2bb2c25} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {7934f69b-70ac-11e8-ba8f-bf4241aaae51} - G:\Setup.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {7a3cbb87-fb1b-11e9-96ed-968570daf421} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {f27181e7-be31-11e8-a5ce-8c630a438d5f} - G:\startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inicio rápido de Adobe Acrobat.lnk [2018-02-20]
ShortcutTarget: Inicio rápido de Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe () [File not signed]
Task: {21AB56F4-A2E1-449B-A1E1-3FB111E310FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {469ADE91-9A19-4528-B874-23099FF2DBE9} - System32\Tasks\{004E9BDA-58C4-494E-81C4-6414580E37FB} => C:\Windows\system32\pcalua.exe -a E:\DRIVER\setup.exe -d E:\DRIVER
Task: {4D0524F6-B561-422A-8DB2-9CA649A80546} - System32\Tasks\{F1414C1C-1E8D-498C-8B92-2D986588BF45} => C:\Windows\system32\pcalua.exe -a "F:\DISCO DURO PORTATIL OCT2017\DRIVERS Y PROGRAMAS2\winamp3_0-full.exe" -d "F:\DISCO DURO PORTATIL OCT2017\DRIVERS Y PROGRAMAS2"
Task: {C69D7CEE-D549-42DE-8910-C231D1858135} - System32\Tasks\{3AEEEC24-24F1-40A8-90E0-F4EA3F088D42} => C:\Windows\system32\pcalua.exe -a "C:\Users\palote\Downloads\programas\reproductor windows media player win7\MPSetup.exe" -d "C:\Users\palote\Downloads\programas\reproductor windows media player win7"
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\palote\Downloads\adwcleaner_8.0.0.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
U3 aswbdisk; no ImagePath
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
2019-12-16 20:52 - 2018-03-13 17:59 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-13 23:23 - 2018-09-13 14:50 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.