Desaparecieron Marcadores de Firefox

Addition.txt Parte 2 de 2

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Usuario\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Loaded Modules (Whitelisted) ==============

2013-12-06 16:06 - 2013-12-06 16:06 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2017-10-18 18:51 - 2017-10-18 18:51 - 000598528 _____ () C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll
2014-02-20 22:53 - 2018-09-10 12:38 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 000025088 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniSys.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 002513920 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_proxy.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 002436096 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 000036864 _____ () C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 000144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 000018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 000030720 _____ () C:\Windows\system32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 000908800 _____ () C:\Windows\system32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 000521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000049152 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000016896 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000058880 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000299520 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2016-04-25 13:18 - 2016-04-25 13:18 - 000669696 ____N () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 001114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 000707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 000107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 000102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 000077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 005717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 004671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 000028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 000017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 000117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 001033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 000134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 000032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 000055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-12-12 20:31 - 2018-12-12 20:31 - 005786256 _____ () C:\Program Files\AVAST Software\Avast\defs\18121204\algo.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2013-12-06 15:53 - 2013-12-06 15:53 - 000094208 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraEsp.dll
2017-10-18 18:58 - 2017-10-18 18:58 - 000570368 _____ () C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX32.dll
2018-11-03 09:55 - 2018-11-03 09:55 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-12-12 18:23 - 2018-12-12 09:42 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-12-12 18:23 - 2018-12-12 09:42 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-12-12 18:23 - 2018-12-12 09:44 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes36.dll
2018-12-12 18:23 - 2018-12-12 09:42 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000082760 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom36.dll
2018-12-12 18:23 - 2018-12-12 09:43 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000092496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 011820368 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:42 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-12-12 18:23 - 2018-12-12 09:44 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-12-12 18:23 - 2018-12-12 09:44 - 000038240 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-12-12 18:23 - 2018-12-12 09:43 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-12-12 18:23 - 2018-12-12 09:44 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000241488 _____ () C:\Program Files (x86)\Dropbox\Client\windragdrop.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:44 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 09:43 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp36-win32.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE trusted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2017-08-25 18:36 - 000450575 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15459 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BackupRemind.lnk => C:\Windows\pss\BackupRemind.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Firemin.lnk => C:\Windows\pss\Firemin.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Polaris Office Sync.lnk => C:\Windows\pss\Polaris Office Sync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk => C:\Windows\pss\Recorte de pantalla y Selector de OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AdAwareTray => 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => 
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Chromium => "c:\users\usuario\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: Clip2Net => C:\Program Files (x86)\Clip2Net\clip2net.exe
MSCONFIG\startupreg: CorelDRAW Graphics Suite 11b => 
MSCONFIG\startupreg: Draughts => "C:\Users\Usuario\AppData\Roaming\Checkers\Draughts\Draughts.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EPSON L800 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIG5P.EXE /FU "C:\Windows\TEMP\E_S55FD.tmp" /EF "HKCU"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_CF0D12F859BF15DAB73FDD0B7E1E013D => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => 
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LanguageShortcut => 
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
MSCONFIG\startupreg: Polaris Office Sync => C:\Users\Usuario\AppData\Roaming\PolarisOfficeLink\POLinkLauncher.exe
MSCONFIG\startupreg: PowerDVD14Agent => 
MSCONFIG\startupreg: PSafeTray => 
MSCONFIG\startupreg: PSafeWDS => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => 
MSCONFIG\startupreg: SDTray => 
MSCONFIG\startupreg: SideSync => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Usuario\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Usuario\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SSC Service Utility => C:\Program Files (x86)\SSC Service Utility\ssc_serv.exe /s
MSCONFIG\startupreg: StartCCC => 
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe -autoconnect
MSCONFIG\startupreg: uTorrent => "C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VX1000 => C:\Windows\vVX1000.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E722B8F5-AC8A-4D4A-90C8-7D4E4B534F84}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{0904E8C9-8D84-4D79-B57D-7EA2B88BC77C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{81E39A98-9ABA-40DA-AD0B-289E6DA0A93D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C15FBE1A-AAA6-43A5-B2A5-389136F66929}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2FD100E4-0A60-4F1F-B3D2-B90C6E06A6B4}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{7BC413A3-5337-446D-8F6A-22EC547F78E6}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{01D6D7D6-45A4-44F3-AAA2-520A034E139F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9D19973C-EF58-4E96-A4E3-B06F72452CE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1AA4A925-DB3E-489B-B1E3-021B9B40DD79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9D4D61AD-C584-43E6-ABB4-8CEAFB1C6CB0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{508F35E1-A721-4808-877F-DB8137C425CB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{4F937B47-800A-4D67-BC23-DF35E42E7B93}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2C07B46F-D9C6-4DC9-9106-3BD34DE2527A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{635F1155-8187-4A86-9444-FE08DFF17049}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3716DBD9-185F-4C4B-892E-6AF6A7D44E63}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39D4598A-26DD-41CB-94A2-46F3931C63D0}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D3FA529B-58F6-4335-A3D8-2E4F48EC43A2}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{88CC4BAD-5DF4-42DA-9AE3-383B556560CB}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E861FB15-8623-4F4D-BA1D-CBF64B6F338E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{5AB421A8-CE57-4352-8946-D7F47D62A9F6}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{2E0848BB-F52D-4800-BBC5-B143CF4BC840}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{2104D34B-3CCE-44C9-958D-C49343952F21}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{3FB9A8E4-EDFB-4F9A-9E50-A09EFF42896B}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{35430691-6B12-4A25-A8E7-6035A1F1799A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{59F66543-A68F-4E33-A199-D9DF894036BB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{64BDAE3E-1EFC-45C5-ADD0-D772E3F5F0CA}C:\program files (x86)\reaper\reaper.exe] => (Block) C:\program files (x86)\reaper\reaper.exe
FirewallRules: [UDP Query User{27B0743F-BE5F-44CF-BF40-31B36FD928D2}C:\program files (x86)\reaper\reaper.exe] => (Block) C:\program files (x86)\reaper\reaper.exe
FirewallRules: [TCP Query User{1C54E26C-A3D0-43F1-B706-3CF1571219B3}C:\program files (x86)\reaper\reamote.exe] => (Block) C:\program files (x86)\reaper\reamote.exe
FirewallRules: [UDP Query User{D2783017-5547-4AAE-9E4C-91D2BE67BC3A}C:\program files (x86)\reaper\reamote.exe] => (Block) C:\program files (x86)\reaper\reamote.exe
FirewallRules: [{C837D156-D8D7-4DB4-B453-13AE16C134B7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{9D4CA4CA-1FA5-4A6E-A1F9-977E075B659E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F97A3D26-F29A-488E-BF00-5A2DA6C29CF3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5DD7105D-3EEC-4576-B7F1-1D44EB136F65}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5EBDF409-0101-4BB4-ACAD-724C11766B85}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

12-12-2018 19:58:43 Removed McAfee Safe Connect
12-12-2018 20:02:06 Windows Update

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2018 01:42:07 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/13/2018 12:57:13 AM) (Source: DbxSvc) (EventID: 293) (User: )
Description: Failed to validate client process executable is signed: C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

Error: (12/13/2018 12:57:13 AM) (Source: DbxSvc) (EventID: 282) (User: )
Description: Certificate mismatch for file: C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

Error: (12/13/2018 12:46:02 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/12/2018 11:44:34 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/12/2018 10:44:57 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/12/2018 09:42:16 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/12/2018 08:42:43 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.


System errors:
=============
Error: (12/13/2018 12:55:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Wondershare Application Framework Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (12/13/2018 12:55:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Wondershare Application Framework Service.

Error: (12/13/2018 12:54:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio VBoxAsw Support Driver no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar la ruta especificada.

Error: (12/13/2018 12:54:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio TunnelBear Maintenance no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (12/13/2018 12:54:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio TunnelBear Maintenance.

Error: (12/13/2018 12:53:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Hddb Build Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (12/13/2018 12:51:24 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.

Error: (12/12/2018 08:40:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Search no respondió después de iniciar.


Windows Defender:
===================================
Date: 2014-11-24 23:51:11.428
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;regkey:HKCU@S-1-5-18\software\new.net
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2014-11-24 23:41:57.722
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5572;process:pid:5704;process:pid:5932;process:pid:5952;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:41:31.280
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932;process:pid:5952;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:41:15.445
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:40:25.116
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-07-11 20:14:47.420
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-07-11 20:02:18.445
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-05-30 15:21:14.220
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-03-25 15:54:45.907
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

CodeIntegrity:
===================================

Date: 2014-12-21 12:16:34.648
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Users\Usuario\AppData\Local\Temp\EverestDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:34.438
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Users\Usuario\AppData\Local\Temp\EverestDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:29.572
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:29.360
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: AMD A6-3500 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 73%
Total physical RAM: 4073.55 MB
Available physical RAM: 1085.72 MB
Total Virtual: 8145.25 MB
Available Virtual: 4717.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.74 GB) (Free:131.74 GB) NTFS
Drive e: (Nuevo vol) (Fixed) (Total:455.42 GB) (Free:179.3 GB) NTFS
Drive f: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
Drive h: (ANALIA AGUSTINA CAMILA) (Fixed) (Total:237.91 GB) (Free:83.79 GB) NTFS
Drive i: (Nuevo vol) (Fixed) (Total:227.75 GB) (Free:186.81 GB) NTFS
Drive j: (Nuevo vol) (Fixed) (Total:1863.01 GB) (Free:1485.25 GB) NTFS

\\?\Volume{bc87ece0-1996-11e3-a98f-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.35 GB) (Free:0.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=475.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D7D2BF09)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=227.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0C699BCF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

FRST.txt Parte 1 de 2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by Usuario (administrator) on USUARIO-PC (13-12-2018 01:40:57)
Running from E:\MIS DOCUMENTOS\DOWNLOAD\SOFTWARE\FARBAR
Loaded Profiles: Usuario (Available Profiles: Usuario & AVIGNON)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Arcai.com) C:\Program Files (x86)\netcut\services\aips.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Seiko Epson Corporation) C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Seiko Epson Corporation) C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-02] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4050752 2018-12-12] (Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [uTorrent] => C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-11-12] (BitTorrent Inc.)
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261698665850923&GUID=33110175-EE41-4A83-820A-57AC444D4C1B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261698665850923&GUID=33110175-EE41-4A83-820A-57AC444D4C1B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2385482525-178760063-3032261430-1000 -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: u48yhiwf.default-1480511552264-1543675597432
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\u48yhiwf.default-1480511552264-1543675597432 [2018-12-13]
FF Homepage: Mozilla\Firefox\Profiles\u48yhiwf.default-1480511552264-1543675597432 -> hxxps://www.google.com/
FF Session Restore: Mozilla\Firefox\Profiles\u48yhiwf.default-1480511552264-1543675597432 -> is enabled.
FF Extension: (Ampliar imagen) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\u48yhiwf.default-1480511552264-1543675597432\Extensions\[email protected] [2018-12-10]
FF Extension: (Marcadores Duplicados) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\u48yhiwf.default-1480511552264-1543675597432\Extensions\[email protected] [2018-12-09]
FF Extension: (Firefox Lightbeam) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\u48yhiwf.default-1480511552264-1543675597432\Extensions\[email protected] [2018-12-09]
FF Extension: (Video DownloadHelper) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\u48yhiwf.default-1480511552264-1543675597432\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-12-09]
FF Extension: (Adblock Plus (versión de desarrollo)) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\u48yhiwf.default-1480511552264-1543675597432\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-09]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-11-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-12] ()
FF Plugin: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-12] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-12] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR Session Restore: ChromeDefaultData -> is enabled.
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-12-12] <==== ATTENTION
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-02]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2018-12-02]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-29]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-29]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-24]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-24]
CHR Extension: (Tampermonkey) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-29]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-29]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-01]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-26]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>
CHR HKU\S-1-5-21-2385482525-178760063-3032261430-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-12-02] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-02] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-27] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-27] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-12-12] (Dropbox, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-08-05] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
S2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [41344 2016-12-16] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-02-17] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [115856 2016-07-28] (Wondershare)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-12-02] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-12-02] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-12-02] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-12-02] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-12-02] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-12-02] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-12-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-12-02] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-12-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-12-02] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-12-02] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 dbx; C:\Windows\System32\DRIVERS\dbx.sys [45640 2017-07-06] (Dropbox, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
S3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-09-09] (Oracle Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X] 

FRST.txt Parte 2 de 2

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-13 01:40 - 2018-12-13 01:40 - 000000000 ____D C:\FRST
2018-12-13 00:54 - 2018-12-13 00:54 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
2018-12-12 18:38 - 2018-12-12 19:03 - 000000000 ____D C:\Users\Usuario\Desktop\FORO SPYWARE
2018-12-12 18:23 - 2018-12-12 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-12 09:42 - 2018-12-12 09:42 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-12-12 09:42 - 2018-12-12 09:42 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-12-12 09:42 - 2018-12-12 09:42 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-12-12 09:42 - 2018-12-12 09:42 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-12-12 06:36 - 2018-12-05 23:39 - 003227648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-12-12 06:36 - 2018-11-28 19:02 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-12-12 06:36 - 2018-11-28 19:02 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-12-12 06:36 - 2018-11-28 19:02 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-12-12 06:36 - 2018-11-28 19:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-12-12 06:36 - 2018-11-28 19:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-12-12 06:36 - 2018-11-28 18:50 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-12-12 06:36 - 2018-11-28 18:50 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-12-12 06:36 - 2018-11-28 18:38 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-12-12 06:36 - 2018-11-28 18:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-12-12 06:36 - 2018-11-28 18:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-12-12 06:36 - 2018-11-15 16:46 - 000397088 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-12-12 06:36 - 2018-11-15 15:55 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-12-12 06:36 - 2018-11-15 00:00 - 025735680 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-12-12 06:36 - 2018-11-14 23:34 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-12-12 06:36 - 2018-11-14 22:51 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-12-12 06:36 - 2018-11-14 22:50 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-12-12 06:36 - 2018-11-13 01:54 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-12-12 06:36 - 2018-11-13 01:54 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-12-12 06:36 - 2018-11-13 01:42 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-12-12 06:36 - 2018-11-13 01:41 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-12-12 06:36 - 2018-11-13 01:40 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-12-12 06:36 - 2018-11-13 01:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-12-12 06:36 - 2018-11-13 01:39 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-12-12 06:36 - 2018-11-13 01:35 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-12-12 06:36 - 2018-11-13 01:33 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-12-12 06:36 - 2018-11-13 01:32 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-12-12 06:36 - 2018-11-13 01:30 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-12-12 06:36 - 2018-11-13 01:28 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-12-12 06:36 - 2018-11-13 01:28 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-12-12 06:36 - 2018-11-13 01:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-12-12 06:36 - 2018-11-13 01:28 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-12-12 06:36 - 2018-11-13 01:26 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-12-12 06:36 - 2018-11-13 01:21 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-12-12 06:36 - 2018-11-13 01:18 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-12-12 06:36 - 2018-11-13 01:13 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-12-12 06:36 - 2018-11-13 01:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-12-12 06:36 - 2018-11-13 01:13 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-12-12 06:36 - 2018-11-13 01:12 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-12-12 06:36 - 2018-11-13 01:11 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-12-12 06:36 - 2018-11-13 01:11 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-12-12 06:36 - 2018-11-13 01:10 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-12-12 06:36 - 2018-11-13 01:10 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-12-12 06:36 - 2018-11-13 01:07 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-12-12 06:36 - 2018-11-13 01:07 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-12-12 06:36 - 2018-11-13 01:06 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-12-12 06:36 - 2018-11-13 01:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-12-12 06:36 - 2018-11-13 01:05 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-12-12 06:36 - 2018-11-13 01:05 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-12-12 06:36 - 2018-11-13 01:04 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-12-12 06:36 - 2018-11-13 01:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-12-12 06:36 - 2018-11-13 01:03 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-12-12 06:36 - 2018-11-13 01:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-12-12 06:36 - 2018-11-13 00:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-12-12 06:36 - 2018-11-13 00:53 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-12-12 06:36 - 2018-11-13 00:52 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-12-12 06:36 - 2018-11-13 00:51 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-12-12 06:36 - 2018-11-13 00:51 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-12-12 06:36 - 2018-11-13 00:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-12-12 06:36 - 2018-11-13 00:50 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-12-12 06:36 - 2018-11-13 00:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-12-12 06:36 - 2018-11-13 00:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-12-12 06:36 - 2018-11-13 00:49 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-12-12 06:36 - 2018-11-13 00:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-12-12 06:36 - 2018-11-13 00:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-12-12 06:36 - 2018-11-13 00:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-12-12 06:36 - 2018-11-13 00:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-12-12 06:36 - 2018-11-13 00:42 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-12-12 06:36 - 2018-11-13 00:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-12-12 06:36 - 2018-11-13 00:38 - 013681152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-12-12 06:36 - 2018-11-13 00:38 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-12-12 06:36 - 2018-11-13 00:37 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-12-12 06:36 - 2018-11-13 00:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-12-12 06:36 - 2018-11-13 00:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-12-12 06:36 - 2018-11-13 00:27 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-12-12 06:36 - 2018-11-13 00:18 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-12-12 06:36 - 2018-11-13 00:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-12-12 06:36 - 2018-11-13 00:15 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-12-12 06:36 - 2018-11-13 00:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-12-12 06:36 - 2018-11-11 14:19 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-12-12 06:36 - 2018-11-11 14:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-12-12 06:36 - 2018-11-11 14:01 - 005551848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-12-12 06:36 - 2018-11-11 14:01 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-12-12 06:36 - 2018-11-11 14:01 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-12-12 06:36 - 2018-11-11 14:01 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-12-12 06:36 - 2018-11-11 14:01 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-12-12 06:36 - 2018-11-11 14:00 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-12-12 06:36 - 2018-11-11 13:49 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-12-12 06:36 - 2018-11-11 13:47 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-12-12 06:36 - 2018-11-11 13:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-12-12 06:36 - 2018-11-11 13:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-12-12 06:36 - 2018-11-11 13:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-12-12 06:36 - 2018-11-11 13:20 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-12-12 06:36 - 2018-11-11 13:20 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-12-12 06:36 - 2018-11-11 13:19 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-12-12 06:36 - 2018-11-11 13:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-12-12 06:36 - 2018-11-11 13:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-12-12 06:36 - 2018-11-11 13:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-12-12 06:36 - 2018-11-11 13:16 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-12-12 06:36 - 2018-11-11 13:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-12-12 06:36 - 2018-11-11 13:15 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-12-12 06:36 - 2018-11-11 13:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-12-12 06:36 - 2018-11-11 13:15 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-12-12 06:36 - 2018-11-11 13:15 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-12-12 06:36 - 2018-11-11 13:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-12-12 06:36 - 2018-11-11 13:13 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:13 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:13 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:13 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-12-12 06:36 - 2018-11-08 13:58 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-12-12 06:36 - 2018-11-08 13:58 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-12-12 06:36 - 2018-11-08 13:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-12-12 06:36 - 2018-11-08 13:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-12-12 06:36 - 2018-11-08 13:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-12-12 06:36 - 2018-11-08 13:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-12-12 06:36 - 2018-11-08 13:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-12-12 06:36 - 2018-11-08 13:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-12-12 06:36 - 2018-11-06 01:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-12-12 06:36 - 2018-11-06 01:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-12-12 06:36 - 2018-10-06 13:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-12-12 06:36 - 2018-10-06 12:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-12-12 06:36 - 2018-10-06 12:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-12-12 06:36 - 2018-10-06 12:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-12-12 06:36 - 2018-10-06 12:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-12-12 06:36 - 2018-10-06 12:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-12-12 06:36 - 2018-10-06 12:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-12-12 06:36 - 2018-10-06 12:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-12-12 06:36 - 2018-10-06 12:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-12-12 06:36 - 2018-10-06 12:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-12-12 06:36 - 2018-10-06 12:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-12-12 06:36 - 2018-10-06 12:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-12-11 13:39 - 2018-12-12 19:59 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-12-11 13:39 - 2018-12-11 13:39 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\McAfee Safe Connect
2018-12-11 13:39 - 2018-12-11 13:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\McAfee_Inc
2018-12-07 21:40 - 2018-12-07 21:40 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2018-12-07 21:39 - 2018-12-07 21:39 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-07 21:39 - 2018-12-07 21:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2018-12-07 21:39 - 2018-12-07 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-07 21:39 - 2018-12-07 21:39 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-07 21:39 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-05 10:52 - 1999-12-31 21:00 - 000003863 _____ C:\Users\Usuario\Desktop\bookmarks.html
2018-12-03 21:08 - 2018-12-03 21:32 - 4188686904 _____ C:\Users\Usuario\Documents\Thunderbird 52.9.1 (es-ES) - 2018-12-03.pcv
2018-12-03 20:57 - 2018-12-03 20:59 - 1293448339 _____ C:\Users\Usuario\Documents\Firefox  - 2018-12-03.pcv
2018-12-02 22:18 - 2018-07-31 00:00 - 000123813 _____ C:\Users\Usuario\Desktop\bookmarks-2018-08-02_619_1+2qGdiJVIrvFKJMct35GQ==.jsonlz4
2018-12-02 20:36 - 2018-12-02 20:36 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-12-02 00:41 - 2018-12-02 00:41 - 000014308 _____ C:\Users\Usuario\Desktop\cc_20181202_004133.reg
2018-12-01 11:46 - 2018-12-01 11:46 - 000000000 ____D C:\Users\Usuario\Desktop\Datos viejos de Firefox
2018-11-21 22:13 - 2018-11-21 22:13 - 000121408 _____ C:\Users\Usuario\Desktop\cc_20181121_221254.reg
2018-11-21 08:55 - 2018-11-21 08:55 - 000074580 _____ C:\Users\Usuario\Desktop\COTO COMUNIAD - Impresion Tarjeta Provisoria.pdf
2018-11-15 20:27 - 2018-11-15 20:27 - 006451712 _____ (MANDA AUDIO) C:\Users\Usuario\MT-PowerDrumKit.dll
2018-11-15 20:25 - 2018-11-15 20:25 - 006451712 _____ (MANDA AUDIO) C:\Users\Usuario\Downloads\MT-PowerDrumKit.dll
2018-11-14 17:12 - 2018-11-14 17:12 - 000000930 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2018-11-14 11:17 - 2018-11-14 11:18 - 000093973 _____ C:\Users\Usuario\Desktop\Sistema de Consultas Web.pdf
2018-11-14 02:53 - 2018-11-10 22:25 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-14 02:53 - 2018-11-10 22:25 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-14 02:53 - 2018-11-10 22:25 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-11-14 02:53 - 2018-11-10 22:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-11-14 02:53 - 2018-11-10 22:10 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-14 02:53 - 2018-11-10 22:10 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-11-14 02:53 - 2018-11-10 21:47 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-11-14 02:53 - 2018-10-27 00:42 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-14 02:53 - 2018-10-27 00:42 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-14 02:53 - 2018-10-27 00:42 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-14 02:53 - 2018-10-27 00:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2018-11-14 02:53 - 2018-10-27 00:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-14 02:53 - 2018-10-27 00:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-14 02:53 - 2018-10-27 00:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-14 02:53 - 2018-10-27 00:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-14 02:53 - 2018-10-27 00:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-14 02:53 - 2018-10-27 00:11 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-14 02:53 - 2018-10-27 00:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-14 02:53 - 2018-10-27 00:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-14 02:53 - 2018-10-27 00:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2018-11-14 02:53 - 2018-10-27 00:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dispex.dll
2018-11-14 02:53 - 2018-10-06 10:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-14 02:53 - 2018-10-06 10:05 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-14 02:53 - 2018-09-22 23:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-14 02:53 - 2018-09-22 23:54 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-14 02:53 - 2018-09-22 23:54 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-14 02:53 - 2018-09-22 23:54 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-14 02:53 - 2018-09-22 23:54 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-14 02:53 - 2018-09-22 23:54 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-11-14 02:53 - 2018-09-22 23:54 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-14 02:53 - 2018-09-22 23:54 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-11-14 02:53 - 2018-09-22 23:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-11-14 02:53 - 2018-09-22 23:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-14 02:53 - 2018-09-22 23:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-14 02:53 - 2018-09-22 23:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-14 02:53 - 2018-09-22 23:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-14 02:53 - 2018-09-22 23:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2018-11-14 02:53 - 2018-09-22 23:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2018-11-14 02:53 - 2018-09-22 23:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2018-11-14 02:53 - 2018-09-22 23:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-11-14 02:53 - 2018-09-22 23:34 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-14 02:53 - 2018-09-22 23:34 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-14 02:53 - 2018-09-22 23:33 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-14 02:53 - 2018-09-22 23:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-14 02:53 - 2018-09-22 23:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-14 02:53 - 2018-09-22 23:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-14 02:53 - 2018-09-22 23:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2018-11-14 02:53 - 2018-08-28 00:48 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2018-11-14 02:53 - 2018-08-28 00:48 - 000419608 _____ C:\Windows\system32\locale.nls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-13 01:26 - 2016-11-16 17:03 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2018-12-13 01:04 - 2009-07-14 01:45 - 000017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-13 01:04 - 2009-07-14 01:45 - 000017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-13 00:57 - 2013-10-07 02:02 - 000000000 ___RD C:\Users\Usuario\Dropbox
2018-12-13 00:56 - 2018-03-31 10:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\AVAST Software
2018-12-13 00:53 - 2016-07-27 12:30 - 000000990 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-12-13 00:53 - 2014-05-01 10:44 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2018-12-13 00:53 - 2013-09-10 00:09 - 000000204 _____ C:\Windows\Tasks\AutoKMS.job
2018-12-13 00:53 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-13 00:49 - 2016-07-27 12:30 - 000000994 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-12-13 00:44 - 2018-03-28 12:37 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-12-13 00:43 - 2017-08-15 12:25 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-12-13 00:05 - 2016-10-20 17:50 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-12-12 20:42 - 2009-07-14 06:31 - 000751318 _____ C:\Windows\system32\perfh00A.dat
2018-12-12 20:42 - 2009-07-14 06:31 - 000160360 _____ C:\Windows\system32\perfc00A.dat
2018-12-12 20:42 - 2009-07-14 02:13 - 001687128 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-12 20:42 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2018-12-12 20:38 - 2009-07-14 01:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-12-12 20:34 - 2018-09-12 03:30 - 000495256 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-12 20:27 - 2013-09-10 00:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-12 20:13 - 2013-09-12 18:52 - 001660778 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-12-12 20:11 - 2013-09-09 14:17 - 000000000 ____D C:\Windows\system32\MRT
2018-12-12 20:05 - 2013-09-09 14:17 - 137260640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-12-12 20:05 - 2009-07-13 23:34 - 000000600 _____ C:\Windows\win.ini
2018-12-12 19:55 - 2018-03-14 01:50 - 000004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-12 19:55 - 2014-10-16 09:56 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2018-12-12 19:55 - 2013-09-30 00:02 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-12-12 19:55 - 2013-09-09 13:13 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-12 19:55 - 2013-09-09 13:13 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-12 19:55 - 2013-09-09 13:13 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-12-12 19:55 - 2013-09-09 13:13 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-12 18:36 - 2009-07-14 02:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-12-12 18:24 - 2016-07-27 12:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-12-12 13:49 - 2014-02-27 22:05 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2018-12-12 13:37 - 2013-09-15 16:45 - 000002724 ___SH C:\ProgramData\KGyGaAvL.sys
2018-12-12 10:32 - 2014-09-19 09:40 - 000000000 ____D C:\Program Files\MyDefrag v4.3.1
2018-12-11 13:33 - 2013-09-30 00:02 - 000000000 ____D C:\ProgramData\McAfee
2018-12-11 13:07 - 2017-04-24 20:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-12-10 23:47 - 2014-05-01 10:57 - 000000000 ____D C:\Users\Usuario\Desktop\UTORRENT DESCARGAS
2018-12-10 23:23 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\ModemLogs
2018-12-10 22:06 - 2017-06-20 12:51 - 000000000 ____D C:\Users\Usuario\Desktop\ACCESOS DIRECTOS
2018-12-10 11:50 - 2015-01-06 11:43 - 000027943 _____ C:\Users\Usuario\Desktop\Cuentas y claves.xlsx
2018-12-09 19:39 - 2013-10-17 12:13 - 000000000 ____D C:\Windows\Minidump
2018-12-09 17:09 - 2016-11-25 13:15 - 000000000 ____D C:\Program Files (x86)\Prucdomzukopy
2018-12-09 17:09 - 2016-07-05 13:50 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner
2018-12-09 16:48 - 2014-02-28 20:59 - 000002213 _____ C:\Users\AVIGNON\Desktop\Google Chrome.lnk
2018-12-09 16:48 - 2013-09-09 15:15 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-07 21:39 - 2013-10-06 14:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-04 11:59 - 2016-09-19 17:27 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2018-12-02 20:36 - 2018-11-03 09:56 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-12-02 20:36 - 2018-01-10 00:36 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-12-02 20:36 - 2017-08-15 12:25 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-12-02 20:36 - 2017-08-15 12:25 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-12-02 20:36 - 2017-08-15 12:25 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-12-02 20:36 - 2017-08-15 12:25 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-12-02 20:36 - 2014-05-14 00:53 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-12-02 20:36 - 2013-12-25 12:16 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-12-02 20:36 - 2013-09-10 00:11 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-12-02 20:36 - 2013-09-10 00:11 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-12-02 20:36 - 2013-09-10 00:11 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-12-02 20:36 - 2013-09-10 00:11 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-12-02 20:36 - 2013-09-09 14:11 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-12-02 20:36 - 2013-09-09 14:11 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-12-02 00:30 - 2014-05-19 16:08 - 000000000 ____D C:\Program Files (x86)\System Ninja
2018-11-23 14:31 - 2018-07-21 20:20 - 000002083 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2018-11-22 18:43 - 2018-03-31 10:38 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-21 19:22 - 2018-03-19 19:06 - 000000000 ____D C:\Users\Usuario\Documents\REAPER Media
2018-11-21 18:31 - 2009-07-14 02:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-21 18:07 - 2009-07-14 02:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-11-21 17:09 - 2018-03-19 07:43 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\REAPER
2018-11-15 20:27 - 2013-09-09 23:35 - 000000000 ____D C:\Users\Usuario
2018-11-14 17:12 - 2018-07-21 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2018-11-14 17:12 - 2018-07-21 20:54 - 000000000 ____D C:\Program Files\Calibre2

==================== Files in the root of some directories =======

2018-11-15 20:27 - 2018-11-15 20:27 - 006451712 _____ (MANDA AUDIO) C:\Users\Usuario\MT-PowerDrumKit.dll
2014-05-06 08:57 - 2014-05-06 08:57 - 000005265 _____ () C:\Users\Usuario\AppData\Roaming\callbanner.png
2014-05-21 20:34 - 2016-07-04 20:48 - 000099384 _____ () C:\Users\Usuario\AppData\Roaming\inst.exe
2017-05-15 23:22 - 2017-05-15 23:22 - 000000022 _____ () C:\Users\Usuario\AppData\Roaming\langInstall.exe
2014-05-21 20:34 - 2016-07-04 20:48 - 000007859 _____ () C:\Users\Usuario\AppData\Roaming\pcouffin.cat
2014-05-21 20:34 - 2016-07-04 20:48 - 000001167 _____ () C:\Users\Usuario\AppData\Roaming\pcouffin.inf
2014-05-21 20:35 - 2016-07-04 20:48 - 000000033 _____ () C:\Users\Usuario\AppData\Roaming\pcouffin.log
2014-05-21 20:34 - 2016-07-04 20:48 - 000082816 _____ (VSO Software) C:\Users\Usuario\AppData\Roaming\pcouffin.sys
2014-05-21 20:36 - 2018-09-27 12:21 - 000001044 _____ () C:\Users\Usuario\AppData\Roaming\vso_ts_preview.xml
2014-01-05 22:19 - 2016-04-07 16:34 - 000007168 _____ () C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-03 17:37 - 2014-11-03 17:58 - 000000058 _____ () C:\Users\Usuario\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-11-03 00:31 - 2014-11-03 00:31 - 000004096 ____H () C:\Users\Usuario\AppData\Local\keyfile3.drm
2015-03-21 10:57 - 2015-03-21 16:33 - 004915200 _____ () C:\Users\Usuario\AppData\Local\package.nw.new
2013-10-11 19:37 - 2017-10-02 20:45 - 000007610 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-04-21 17:40 - 2017-04-21 17:40 - 000041984 _____ () C:\Users\AVIGNON\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkvac_y.dll
2018-12-11 13:39 - 2018-12-11 13:39 - 000290304 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\CakeTubeSdk.Windows.Service.subinacl.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2013-10-01 11:45

==================== End of FRST.txt ============================

Hola @omargarcia

Mientras analizo los reportes, aqui ya es muy tarde, realiza lo siguiente:

Vuelve a abrir:

%APPDATA%\Mozilla\Firefox\Profiles\

Busca la carpeta del perfil que te pedí tomaras nota, era el número cuatro >>> botón derecho sobre el >>> selecciona copiar.

Vas a tu escritorio y lo pegas. Es por las dudas para tener un backup mas.

Mañana la seguimos…:+1:

Salu2.

Hola @omargarcia:

Antes de continuar con la desinfección tratemos de recuperar tu perfil de Firefox.

Hay diferentes extensiones y al parecer alguna de ellas daño Firefox.

Pudiste Copiar y guardar la carpeta que te indique en tu escritorio? Si la respuesta es si continua con lo siguiente:

1.- Crea un nuevo perfil de Firefox.

Con Firefox cerrado totalmente.

Presiona las teclas Windows + R.

En la ventana del comando Ejecutar escribe:

firefox.exe -P

Nota: Después de la palabra .exe va un espacio.

Presiona “Aceptar”

Se debería abrir la ventana del Administrador de perfiles.

  1. En el Administrador de perfiles, haz clic en Crear perfil…para que te aparezcan las instrucciones.
  2. Pulsa el botón Siguiente e introduce el nombre del perfil. Asígnale a ese perfil un nombre descriptivo; por ejemplo, tu nombre. Este nombre no se publicará en Internet.
  3. Luego presiona “Finalizar”.

Con ello has creado un nuevo perfil limpio, pero aun no tiene tu información. cierra las ventanas que pudiesen quedar abiertas.

2.- Luego :

Recuerda tu perfil con información es:

u48yhiwf.default-1480511552264-1543675597432

Luego sigue estos pasos >>> Copiar archivos entre las carpetas del perfil

Debes seguir los pasos y copiar solo los archivos que se mencionan a partir de >>> Datos importantes y archivos

Cualquier duda o error vuelve que trataremos de solucionarlo.

Debes copiarlos desde el viejo perfil, al nuevo perfil que creaste.

Salu2.

Hola @SanMar,

Por fin…, gracias a ésto último, todo recuperado… Muchas gracias es poco… Saludos…

1 me gusta

Hola @omargarcia:

Que bueno!!!

Ahora deberías eliminar los perfiles antiguos para evitar errores, para ello vuelve a hacer lo siguiente:

Una vez allí realiza los pasos del enlace a partir de Eliminar un perfil

Elimina los perfiles anteriores que habíamos detectado MENOS el que tu creaste y que es el que hoy te funciona. <<< Ese NO.

Luego vuelve a ejecutar FRST como te indique anteriormente y tráenos un reporte fresco con el Addition, para ahora si continuar con la desinfección que aún quedaban cosas en ese equipo.

Salu2.

Addition 1/2

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Usuario (17-12-2018 01:27:25)
Running from E:\MIS DOCUMENTOS\DOWNLOAD\SOFTWARE\FARBAR
Windows 7 Ultimate Service Pack 1 (X64) (2013-09-10 02:35:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2385482525-178760063-3032261430-500 - Administrator - Disabled)
AVIGNON (S-1-5-21-2385482525-178760063-3032261430-1137 - Limited - Enabled) => C:\Users\AVIGNON
Invitado (S-1-5-21-2385482525-178760063-3032261430-501 - Limited - Disabled)
Usuario (S-1-5-21-2385482525-178760063-3032261430-1000 - Administrator - Enabled) => C:\Users\Usuario

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe ActiveShare 1.5 (HKLM-x32\...\{B3C7CA81-27EB-11D4-A59C-00E02C071F5C}) (Version:  - )
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version:  - )
AIDA64 Extreme Edition v3.20 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
AirDroid 3.3.1.0 (HKLM-x32\...\AirDroid) (Version: 3.3.1.0 - Sand Studio)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Amazon Kindle (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{FD8FD2BD-A82D-C528-EDA0-A6635F47C19C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anti-reCAPTCHA v4.01 JD (HKLM-x32\...\{74252365-7BB1-437A-8D61-5B0BD1D9AFAA}) (Version: 4.01 - SONY-TEAM)
Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Any Video Converter 5.9.6 (HKLM-x32\...\Any Video Converter) (Version: 5.9.6 - Anvsoft)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
Aplicación para detectar Winamp (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Aplicaciones destacadas de Autodesk 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoCAD 2017 - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - Español (Spanish) (HKLM\...\AutoCAD 2017 - Español (Spanish)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.102 - AVAST Software)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
calibre 64bit (HKLM\...\{A9CFF5B2-9CF6-4903-ACD1-CE9CFDFD6206}) (Version: 3.34.0 - Kovid Goyal)
Capture-A-ScreenShot (HKLM-x32\...\Capture-A-ScreenShot_is1) (Version:  - PopDrops.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Clip2Net 0.8.2b (HKLM-x32\...\Clip2Net_is1) (Version:  - AU78)
ConvertXtoDVD 3.8.0.193j (HKLM-x32\...\{76C24F39-B161-498F-BD8B-C64789812D13}_is1) (Version: 3.8.0.193j - )
Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (HKLM-x32\...\{D2827848-7D2A-4547-9AD1-C965FB3E6344}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (HKLM-x32\...\{44A27085-0616-4181-A0C3-81C7ECA17F73}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
coverXP (remove only) (HKLM-x32\...\coverXP) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Datel 2001 V1.12 R2 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Diccion@rios Espasa (HKLM-x32\...\Diccion@rios Espasa) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 64.3.121 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.143.1 - Dropbox, Inc.) Hidden
E.M. PowerPoint Video Converter 3.20 (HKLM-x32\...\E.M. PowerPoint Video Converter_is1) (Version:  - EffectMatrix, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{445E91BC-EC9D-423F-A6CA-80B80C894EF7}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPSON L800 Series Printer Uninstall (HKLM\...\EPSON L800 Series) (Version:  - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.05.00 - SEIKO EPSON CORPORATION)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Firemin 6.1.0.4963 (HKLM\...\Firemin_is1) (Version: 6.1.0.4963 - Rizonesoft)
FolderSizes 6 (HKLM\...\{C2321D5C-FD93-462C-9908-5CED4E9B07B8}) (Version: 6.1.76 - Key Metric Software) Hidden
FolderSizes 6 (HKLM-x32\...\FolderSizes 6 6.1.76) (Version: 6.1.76 - Key Metric Software)
FormatFactory 3.9.5.2 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.2 - Free Time)
Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Free AVI MPEG WMV MP4 FLV Video Joiner 8.8.0 (HKLM-x32\...\Free AVI MPEG WMV MP4 FLV Video Joiner_is1) (Version:  - FreeAudioVideoSoftTech, Inc.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grabadora de Audio Gratis V2.3.2 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.2 - APOWERSOFT LIMITED)
HP PrecisionScan LTX (HKLM-x32\...\HP PrecisionScan LTX) (Version:  - )
hubiC - x64 (HKLM\...\{0A945801-D93C-46BF-9417-697DCE52E5B4}) (Version: 2.0.2.124 - OVH) Hidden
hubiC (HKLM-x32\...\{6c91e652-071b-4014-9477-f57cacecb32b}) (Version: 2.0.2.124 - OVH)
HydraVision (HKLM-x32\...\{10EDA005-3CCE-56EA-B9FE-FCE959672BB5}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Importación de SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
InkReset version 2.25 (HKLM-x32\...\{1C557D95-74B6-4AC2-9811-46F0441D6646}_is1) (Version: 2.25 - )
Java 7 Update 76 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417076FF}) (Version: 7.0.760 - Oracle)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Manager (HKLM-x32\...\{38251B9A-C44B-42D9-9A6A-0697986E334A}) (Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 64.0 (x64 es-AR) (HKLM\...\Mozilla Firefox 64.0 (x64 es-AR)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 es-ES)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
Nero 7.5.9.0 (HKLM-x32\...\Nero 7_is1) (Version:  - Nero AG)
OLYMPUS ib (HKLM-x32\...\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1404 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1404 - OLYMPUS IMAGING CORP.)
Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation)
Páginas Amarillas (HKLM-x32\...\Guía de Teléfonos de Páginas Amarillas_is1) (Version:  - YELL ARGENTINA S.A.)
Paquete de controladores de Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM-x32\...\{3D0D9604-0173-488D-9694-2638C44D7579}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 Edit Module (HKLM-x32\...\{8B0A956F-9BE6-495B-AF80-7B5B42061D79}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (HKLM\...\{72B9DF2C-76FA-40B5-A469-16EAB159CE72}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{BDF7326B-7ED4-4034-B867-F4E88D4E628B}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{03E04B47-9270-4613-8D7E-DA4AD2B259A0}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.0 - pdfforge GmbH)
PicosmosTools 1.7.6.0 (HKLM-x32\...\PicosmosTools) (Version: 1.7.6.0 - Free Time)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.) Hidden
Polaris Office Sync (HKLM-x32\...\{1A971E8B-7C02-4155-97F2-23704B513276}) (Version: 2.006.002 - Polaris Office, Inc.) Hidden
Polaris Office Sync (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\InstallShield_{1A971E8B-7C02-4155-97F2-23704B513276}) (Version: 2.006.002 - Polaris Office, Inc.)
qBittorrent 3.3.0 (HKLM-x32\...\qBittorrent) (Version: 3.3.0 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Readon TV Movie Radio Player 7.6.0.0 (HKLM-x32\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
REAPER (HKLM-x32\...\REAPER) (Version:  - )
RegSeeker (HKLM-x32\...\RegSeeker) (Version: 3.01.3680 - HoverDesk)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.6.5.13 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Nombre de su organización) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Nombre de su organización)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Spotify (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Spotify) (Version: 1.0.90.268.ga8a0ceb4 - Spotify AB)
Spotydl 0.9.36.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.36.0 - spotydl.com)
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
System Ninja version 3.1.5 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.1.5 - SingularLabs)
TapinRadio Pro (HKLM\...\TapinRadio Pro_is1) (Version: 1.70.2 - Raimersoft)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.44109 - TeamViewer)
Temperature Monitor (HKLM-x32\...\{6642BF47-D82A-447B-90E7-658FA865AFD7}) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TunnelBear (HKLM-x32\...\{6842EAA3-D175-41D1-9F4A-DF20BA70483A}) (Version: 2.3.29.0 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{70b32981-56bc-4340-82c1-6b0dc0d5bc2a}) (Version: 2.3.29.0 - TunnelBear)
Ubuntu (HKLM-x32\...\Wubi) (Version: 9.10ubuntu1-rev160 - Ubuntu)
UltraISO Premium V8.66 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.4.0.1 - ) <==== ATTENTION
VdhCoApp 1.1.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A278E021-9C9F-11E2-A232-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Video Enhancer 1.9.12 (HKLM-x32\...\Video Enhancer_is1) (Version:  - Infognition Co. Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.7 - VSO Software)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wondershare Dr.Fone for Android(Build 6.2.0.42) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 6.2.0.42 - Wondershare Software Co.,Ltd.)
Wuala (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM-x32\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2385482525-178760063-3032261430-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2385482525-178760063-3032261430-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2385482525-178760063-3032261430-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\es-ES\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ 0POLinkIconDone] -> {4931EE43-90CB-4D46-A50F-474D7C5D97BE} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 1POLinkIconFailed] -> {828F1FF1-021C-4EC0-A4F8-B1BFF6390DD3} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 2POLinkIconIng] -> {8AE3CBEA-8E21-4883-BFD0-925F5513F190} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 3POLinkIconProhibited] -> {DED0F1AF-0505-4FB7-83AA-C2E51FA0721F} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ShellIconOverlayIdentifiers: [0POLinkIconDone] -> {4931EE43-90CB-4D46-A50F-474D7C5D97BE} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {595A7934-FFB9-4C7D-BDFE-5737B967D8EE} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [1POLinkIconFailed] -> {828F1FF1-021C-4EC0-A4F8-B1BFF6390DD3} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [2POLinkIconIng] -> {8AE3CBEA-8E21-4883-BFD0-925F5513F190} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [3POLinkIconProhibited] -> {DED0F1AF-0505-4FB7-83AA-C2E51FA0721F} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [HubicBackupRootOverlayHandler] -> {2DF0C6DB-1E85-4894-9D4F-63CB0EAB17EA} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicPublishedItemOverlayHandler] -> {7C76B697-27DF-4CFF-9909-863905561298} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicSyncItemOverlayHandler] -> {9B497753-D273-4A80-9DE8-72248D7FA595} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicUnsyncItemOverlayHandler] -> {D5454A6E-0904-4BA3-9E4A-240A5080259D} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {595A7934-FFB9-4C7D-BDFE-5737B967D8EE} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-08-05] (pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers1-x32: [{26fe3a74-9007-44b7-bdef-68cdd4dce946}] -> {26fe3a74-9007-44b7-bdef-68cdd4dce946} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers4: [{26fe3a74-9007-44b7-bdef-68cdd4dce946}] -> {26fe3a74-9007-44b7-bdef-68cdd4dce946} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-12-06] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ContextMenuHandlers5: [{26fe3a74-9007-44b7-bdef-68cdd4dce946}] -> {26fe3a74-9007-44b7-bdef-68cdd4dce946} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [FSShellExt] -> {56160A70-D083-4856-9998-F565ABC03F86} => C:\Program Files\Key Metric Software\FolderSizes 6\FSShellExt.dll [2013-08-22] (Key Metric Software, LLC.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-05] (Alexander Roshal) 

Addition 2/2

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {003181B1-06EB-4760-BA70-330CC770A537} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {089097FA-B31B-40CC-A8C6-2CACCF3B4DBC} - System32\Tasks\{D0FB9DCF-84E3-4592-8340-7A41FFBCFDBF} => C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe [2001-07-26] (Hewlett-Packard)
Task: {233CB579-BE5F-45F7-8AF7-B54AB29B9F89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-08] (Google Inc.)
Task: {300A326C-A1D0-4609-BFCE-1BF1B02BEA9F} - System32\Tasks\{979C15B0-E89E-4C30-9EEE-F078D8C3BB5D} => C:\Windows\system32\pcalua.exe -a D:\IsInstallPending.exe -d D:\
Task: {353F734E-2D9B-4BA0-950E-25DB67064B61} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()
Task: {39A7FFEF-2C81-435A-BDC3-595926629415} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {41B1B22C-FF61-48E3-870D-FC63A6731077} - System32\Tasks\{52543DC8-CC95-41CC-86F7-2BBCD3841977} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\Desktop\DISCO 3\New Volume\Archivos de programa\CCleaner\uninst.exe" -d C:\Users\Usuario\Desktop -c C:\Users\Usuario\Desktop\CCleaner.exe
Task: {624152D9-A2BE-4C07-B9E1-371A1F472A02} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()
Task: {79B9A5A2-5B27-4E03-A3E2-8B3031D6C538} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-27] (Dropbox, Inc.)
Task: {7F49A1E1-FB99-43A6-AC1F-C948C9AA07F1} - System32\Tasks\Driver Booster SkipUAC (Usuario) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {8A874E15-7A81-43FC-9F96-83D497BD7E4D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-31] (AVAST Software)
Task: {99718312-781A-45A3-8C72-0B9414DFAE46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {A96D78EB-8D65-4A9F-B313-69C38D1CA6F5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-27] (Dropbox, Inc.)
Task: {B1695C9E-8464-4D37-B325-09E1D86D36FB} - System32\Tasks\{C662EC5D-D325-4935-8E44-415AC6C337C3} => C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe [2001-07-26] (Hewlett-Packard)
Task: {C6009FC5-1AEA-4875-9403-BF89A8787E5A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2385482525-178760063-3032261430-1000
Task: {CF4065E0-99F0-4F4B-B683-0DE51AFC6E93} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2385482525-178760063-3032261430-1000 => C:\Users\Usuario\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-29] (Mega Limited)
Task: {D4466B31-8D42-45DE-89A4-3AB2B9B19A47} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-12] (Adobe Systems Incorporated)
Task: {D62314E3-7C58-4A1E-91FA-AB6408BADB1C} - System32\Tasks\{6B688EB6-3D5B-480D-93FF-7F62D0694354} => C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe [2001-07-26] (Hewlett-Packard)
Task: {D8F113DB-5CE7-4E96-BD01-FE5099A31566} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-12-02] (AVAST Software)
Task: {E10CAD41-28A1-46D9-9DB9-BDAE61F57A6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-08] (Google Inc.)
Task: {EA26A0F2-527D-4E91-821C-984C90CEB6C7} - System32\Tasks\{F0D0B5B5-F732-4862-BB85-81BD010D7D25} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe"
Task: {F178E87C-D799-4956-AC3A-6159B36A7F90} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-31] (AVAST Software)
Task: {F4561B33-1298-4F67-A23A-0F6B04A5814F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-12] (Adobe Systems Incorporated)
Task: {FE6864F6-6906-4B06-911D-7E7CB1418AC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-11-02] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Usuario\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Loaded Modules (Whitelisted) ==============

2013-12-06 16:06 - 2013-12-06 16:06 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2017-10-18 18:51 - 2017-10-18 18:51 - 000598528 _____ () C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll
2014-02-20 22:53 - 2018-09-10 12:38 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 000025088 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniSys.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 002513920 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_proxy.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 002436096 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 000036864 _____ () C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 000144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 000018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 000030720 _____ () C:\Windows\system32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 000908800 _____ () C:\Windows\system32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 000521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000049152 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000016896 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000058880 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000299520 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2016-04-25 13:18 - 2016-04-25 13:18 - 000669696 ____N () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 001114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 000707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 000107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 000102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 000077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 005717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 004671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 000028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 000017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 000117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 001033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 000134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 000032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 000055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2013-12-06 15:53 - 2013-12-06 15:53 - 000094208 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraEsp.dll
2017-10-18 18:58 - 2017-10-18 18:58 - 000570368 _____ () C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX32.dll
2018-12-13 01:53 - 2018-12-12 22:08 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-12-13 01:53 - 2018-12-12 22:08 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-12-12 18:23 - 2018-12-12 22:10 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:08 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes36.dll
2018-12-12 18:23 - 2018-12-12 22:08 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000082760 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:08 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom36.dll
2018-12-13 01:53 - 2018-12-12 22:10 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:08 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000092496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 011820368 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:08 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-12-12 18:23 - 2018-12-12 22:10 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-12-12 18:23 - 2018-12-12 22:10 - 000038240 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-12-13 01:53 - 2018-12-12 22:10 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-12-12 18:23 - 2018-12-12 22:10 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000241488 _____ () C:\Program Files (x86)\Dropbox\Client\windragdrop.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp36-win32.pyd
2018-11-03 09:55 - 2018-11-03 09:55 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-12-16 16:58 - 2018-12-16 16:58 - 005724304 _____ () C:\Program Files\AVAST Software\Avast\defs\18121604\algo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE trusted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2017-08-25 18:36 - 000450575 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15459 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BackupRemind.lnk => C:\Windows\pss\BackupRemind.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Firemin.lnk => C:\Windows\pss\Firemin.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Polaris Office Sync.lnk => C:\Windows\pss\Polaris Office Sync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk => C:\Windows\pss\Recorte de pantalla y Selector de OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AdAwareTray => 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => 
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Chromium => "c:\users\usuario\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: Clip2Net => C:\Program Files (x86)\Clip2Net\clip2net.exe
MSCONFIG\startupreg: CorelDRAW Graphics Suite 11b => 
MSCONFIG\startupreg: Draughts => "C:\Users\Usuario\AppData\Roaming\Checkers\Draughts\Draughts.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EPSON L800 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIG5P.EXE /FU "C:\Windows\TEMP\E_S55FD.tmp" /EF "HKCU"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_CF0D12F859BF15DAB73FDD0B7E1E013D => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => 
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LanguageShortcut => 
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
MSCONFIG\startupreg: Polaris Office Sync => C:\Users\Usuario\AppData\Roaming\PolarisOfficeLink\POLinkLauncher.exe
MSCONFIG\startupreg: PowerDVD14Agent => 
MSCONFIG\startupreg: PSafeTray => 
MSCONFIG\startupreg: PSafeWDS => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => 
MSCONFIG\startupreg: SDTray => 
MSCONFIG\startupreg: SideSync => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Usuario\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Usuario\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SSC Service Utility => C:\Program Files (x86)\SSC Service Utility\ssc_serv.exe /s
MSCONFIG\startupreg: StartCCC => 
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe -autoconnect
MSCONFIG\startupreg: uTorrent => "C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VX1000 => C:\Windows\vVX1000.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E722B8F5-AC8A-4D4A-90C8-7D4E4B534F84}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{0904E8C9-8D84-4D79-B57D-7EA2B88BC77C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{81E39A98-9ABA-40DA-AD0B-289E6DA0A93D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C15FBE1A-AAA6-43A5-B2A5-389136F66929}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2FD100E4-0A60-4F1F-B3D2-B90C6E06A6B4}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{7BC413A3-5337-446D-8F6A-22EC547F78E6}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{01D6D7D6-45A4-44F3-AAA2-520A034E139F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9D19973C-EF58-4E96-A4E3-B06F72452CE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1AA4A925-DB3E-489B-B1E3-021B9B40DD79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9D4D61AD-C584-43E6-ABB4-8CEAFB1C6CB0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{508F35E1-A721-4808-877F-DB8137C425CB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{4F937B47-800A-4D67-BC23-DF35E42E7B93}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2C07B46F-D9C6-4DC9-9106-3BD34DE2527A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{635F1155-8187-4A86-9444-FE08DFF17049}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3716DBD9-185F-4C4B-892E-6AF6A7D44E63}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39D4598A-26DD-41CB-94A2-46F3931C63D0}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D3FA529B-58F6-4335-A3D8-2E4F48EC43A2}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{88CC4BAD-5DF4-42DA-9AE3-383B556560CB}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E861FB15-8623-4F4D-BA1D-CBF64B6F338E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{5AB421A8-CE57-4352-8946-D7F47D62A9F6}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{2E0848BB-F52D-4800-BBC5-B143CF4BC840}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{2104D34B-3CCE-44C9-958D-C49343952F21}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{3FB9A8E4-EDFB-4F9A-9E50-A09EFF42896B}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{35430691-6B12-4A25-A8E7-6035A1F1799A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{59F66543-A68F-4E33-A199-D9DF894036BB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{64BDAE3E-1EFC-45C5-ADD0-D772E3F5F0CA}C:\program files (x86)\reaper\reaper.exe] => (Block) C:\program files (x86)\reaper\reaper.exe
FirewallRules: [UDP Query User{27B0743F-BE5F-44CF-BF40-31B36FD928D2}C:\program files (x86)\reaper\reaper.exe] => (Block) C:\program files (x86)\reaper\reaper.exe
FirewallRules: [TCP Query User{1C54E26C-A3D0-43F1-B706-3CF1571219B3}C:\program files (x86)\reaper\reamote.exe] => (Block) C:\program files (x86)\reaper\reamote.exe
FirewallRules: [UDP Query User{D2783017-5547-4AAE-9E4C-91D2BE67BC3A}C:\program files (x86)\reaper\reamote.exe] => (Block) C:\program files (x86)\reaper\reamote.exe
FirewallRules: [{C837D156-D8D7-4DB4-B453-13AE16C134B7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{9D4CA4CA-1FA5-4A6E-A1F9-977E075B659E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F97A3D26-F29A-488E-BF00-5A2DA6C29CF3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5DD7105D-3EEC-4576-B7F1-1D44EB136F65}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{654BC184-E291-4995-8148-AE40284AC3D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (12/17/2018 12:41:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/16/2018 11:41:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/16/2018 10:41:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/16/2018 09:41:47 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/16/2018 08:41:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/16/2018 08:07:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/16/2018 08:07:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/16/2018 07:41:47 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.


System errors:
=============
Error: (12/16/2018 08:33:18 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/14/2018 01:39:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/14/2018 01:39:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.


Windows Defender:
===================================
Date: 2014-11-24 23:51:11.428
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;regkey:HKCU@S-1-5-18\software\new.net
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2014-11-24 23:41:57.722
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5572;process:pid:5704;process:pid:5932;process:pid:5952;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:41:31.280
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932;process:pid:5952;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:41:15.445
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:40:25.116
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-07-11 20:14:47.420
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-07-11 20:02:18.445
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-05-30 15:21:14.220
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-03-25 15:54:45.907
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

CodeIntegrity:
===================================

Date: 2014-12-21 12:16:34.648
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Users\Usuario\AppData\Local\Temp\EverestDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:34.438
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Users\Usuario\AppData\Local\Temp\EverestDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:29.572
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:29.360
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: AMD A6-3500 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 44%
Total physical RAM: 4073.55 MB
Available physical RAM: 2269.32 MB
Total Virtual: 8145.25 MB
Available Virtual: 5284.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.74 GB) (Free:133.74 GB) NTFS
Drive e: (Nuevo vol) (Fixed) (Total:455.42 GB) (Free:179.34 GB) NTFS
Drive f: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
Drive h: (ANALIA AGUSTINA CAMILA) (Fixed) (Total:237.91 GB) (Free:83.79 GB) NTFS
Drive i: (Nuevo vol) (Fixed) (Total:227.75 GB) (Free:186.81 GB) NTFS
Drive j: (Nuevo vol) (Fixed) (Total:1863.01 GB) (Free:1485.25 GB) NTFS

\\?\Volume{bc87ece0-1996-11e3-a98f-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.35 GB) (Free:0.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=475.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D7D2BF09)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=227.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0C699BCF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola:

Has ejecutado la herramienta desde un lugar incorrecto.

FRST debe ser descargada y ejecutada desde TU ESCRITORIO.

Corta ese ejecutable que tienes en E: lo pegas en tu escritorio y lo ejecutas como administrador.

Nota Importante:

Cuando pegas los reportes la palabra [code] debe estar sola en la primera linea y en la ultima por ejemplo:

[code] 
texto

Salu2.

Addition 1 de 2

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Usuario (17-12-2018 02:46:07)
Running from C:\Users\Usuario\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-09-10 02:35:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2385482525-178760063-3032261430-500 - Administrator - Disabled)
AVIGNON (S-1-5-21-2385482525-178760063-3032261430-1137 - Limited - Enabled) => C:\Users\AVIGNON
Invitado (S-1-5-21-2385482525-178760063-3032261430-501 - Limited - Disabled)
Usuario (S-1-5-21-2385482525-178760063-3032261430-1000 - Administrator - Enabled) => C:\Users\Usuario

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe ActiveShare 1.5 (HKLM-x32\...\{B3C7CA81-27EB-11D4-A59C-00E02C071F5C}) (Version:  - )
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version:  - )
AIDA64 Extreme Edition v3.20 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
AirDroid 3.3.1.0 (HKLM-x32\...\AirDroid) (Version: 3.3.1.0 - Sand Studio)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Amazon Kindle (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{FD8FD2BD-A82D-C528-EDA0-A6635F47C19C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anti-reCAPTCHA v4.01 JD (HKLM-x32\...\{74252365-7BB1-437A-8D61-5B0BD1D9AFAA}) (Version: 4.01 - SONY-TEAM)
Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Any Video Converter 5.9.6 (HKLM-x32\...\Any Video Converter) (Version: 5.9.6 - Anvsoft)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
Aplicación para detectar Winamp (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Aplicaciones destacadas de Autodesk 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoCAD 2017 - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - Español (Spanish) (HKLM\...\AutoCAD 2017 - Español (Spanish)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.102 - AVAST Software)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
calibre 64bit (HKLM\...\{A9CFF5B2-9CF6-4903-ACD1-CE9CFDFD6206}) (Version: 3.34.0 - Kovid Goyal)
Capture-A-ScreenShot (HKLM-x32\...\Capture-A-ScreenShot_is1) (Version:  - PopDrops.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Clip2Net 0.8.2b (HKLM-x32\...\Clip2Net_is1) (Version:  - AU78)
ConvertXtoDVD 3.8.0.193j (HKLM-x32\...\{76C24F39-B161-498F-BD8B-C64789812D13}_is1) (Version: 3.8.0.193j - )
Corel Shell Extension - 64Bit (HKLM\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF011}) (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (HKLM-x32\...\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (HKLM-x32\...\{D2827848-7D2A-4547-9AD1-C965FB3E6344}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (HKLM-x32\...\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (HKLM-x32\...\{BF439B41-0252-48DE-8B8B-0430CB26A181}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (HKLM-x32\...\{44A27085-0616-4181-A0C3-81C7ECA17F73}) (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM-x32\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
coverXP (remove only) (HKLM-x32\...\coverXP) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Datel 2001 V1.12 R2 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Diccion@rios Espasa (HKLM-x32\...\Diccion@rios Espasa) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 64.3.121 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.143.1 - Dropbox, Inc.) Hidden
E.M. PowerPoint Video Converter 3.20 (HKLM-x32\...\E.M. PowerPoint Video Converter_is1) (Version:  - EffectMatrix, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{445E91BC-EC9D-423F-A6CA-80B80C894EF7}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPSON L800 Series Printer Uninstall (HKLM\...\EPSON L800 Series) (Version:  - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.05.00 - SEIKO EPSON CORPORATION)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
Firemin 6.1.0.4963 (HKLM\...\Firemin_is1) (Version: 6.1.0.4963 - Rizonesoft)
FolderSizes 6 (HKLM\...\{C2321D5C-FD93-462C-9908-5CED4E9B07B8}) (Version: 6.1.76 - Key Metric Software) Hidden
FolderSizes 6 (HKLM-x32\...\FolderSizes 6 6.1.76) (Version: 6.1.76 - Key Metric Software)
FormatFactory 3.9.5.2 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.2 - Free Time)
Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
Free AVI MPEG WMV MP4 FLV Video Joiner 8.8.0 (HKLM-x32\...\Free AVI MPEG WMV MP4 FLV Video Joiner_is1) (Version:  - FreeAudioVideoSoftTech, Inc.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grabadora de Audio Gratis V2.3.2 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.2 - APOWERSOFT LIMITED)
HP PrecisionScan LTX (HKLM-x32\...\HP PrecisionScan LTX) (Version:  - )
hubiC - x64 (HKLM\...\{0A945801-D93C-46BF-9417-697DCE52E5B4}) (Version: 2.0.2.124 - OVH) Hidden
hubiC (HKLM-x32\...\{6c91e652-071b-4014-9477-f57cacecb32b}) (Version: 2.0.2.124 - OVH)
HydraVision (HKLM-x32\...\{10EDA005-3CCE-56EA-B9FE-FCE959672BB5}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Importación de SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
InkReset version 2.25 (HKLM-x32\...\{1C557D95-74B6-4AC2-9811-46F0441D6646}_is1) (Version: 2.25 - )
Java 7 Update 76 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417076FF}) (Version: 7.0.760 - Oracle)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Manager (HKLM-x32\...\{38251B9A-C44B-42D9-9A6A-0697986E334A}) (Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 64.0 (x64 es-AR) (HKLM\...\Mozilla Firefox 64.0 (x64 es-AR)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 es-ES)) (Version: 52.9.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
Nero 7.5.9.0 (HKLM-x32\...\Nero 7_is1) (Version:  - Nero AG)
OLYMPUS ib (HKLM-x32\...\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1404 - OLYMPUS IMAGING CORP.) Hidden
OLYMPUS ib (HKLM-x32\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1404 - OLYMPUS IMAGING CORP.)
Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation)
Páginas Amarillas (HKLM-x32\...\Guía de Teléfonos de Páginas Amarillas_is1) (Version:  - YELL ARGENTINA S.A.)
Paquete de controladores de Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM-x32\...\{3D0D9604-0173-488D-9694-2638C44D7579}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 Edit Module (HKLM-x32\...\{8B0A956F-9BE6-495B-AF80-7B5B42061D79}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (HKLM\...\{72B9DF2C-76FA-40B5-A469-16EAB159CE72}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{BDF7326B-7ED4-4034-B867-F4E88D4E628B}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{03E04B47-9270-4613-8D7E-DA4AD2B259A0}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.0 - pdfforge GmbH)
PicosmosTools 1.7.6.0 (HKLM-x32\...\PicosmosTools) (Version: 1.7.6.0 - Free Time)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.) Hidden
Polaris Office Sync (HKLM-x32\...\{1A971E8B-7C02-4155-97F2-23704B513276}) (Version: 2.006.002 - Polaris Office, Inc.) Hidden
Polaris Office Sync (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\InstallShield_{1A971E8B-7C02-4155-97F2-23704B513276}) (Version: 2.006.002 - Polaris Office, Inc.)
qBittorrent 3.3.0 (HKLM-x32\...\qBittorrent) (Version: 3.3.0 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Readon TV Movie Radio Player 7.6.0.0 (HKLM-x32\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
REAPER (HKLM-x32\...\REAPER) (Version:  - )
RegSeeker (HKLM-x32\...\RegSeeker) (Version: 3.01.3680 - HoverDesk)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.6.5.13 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Nombre de su organización) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Nombre de su organización)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18091.6 - Samsung Electronics Co., Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Spotify (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Spotify) (Version: 1.0.90.268.ga8a0ceb4 - Spotify AB)
Spotydl 0.9.36.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.36.0 - spotydl.com)
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
System Ninja version 3.1.5 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.1.5 - SingularLabs)
TapinRadio Pro (HKLM\...\TapinRadio Pro_is1) (Version: 1.70.2 - Raimersoft)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.44109 - TeamViewer)
Temperature Monitor (HKLM-x32\...\{6642BF47-D82A-447B-90E7-658FA865AFD7}) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TunnelBear (HKLM-x32\...\{6842EAA3-D175-41D1-9F4A-DF20BA70483A}) (Version: 2.3.29.0 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{70b32981-56bc-4340-82c1-6b0dc0d5bc2a}) (Version: 2.3.29.0 - TunnelBear)
Ubuntu (HKLM-x32\...\Wubi) (Version: 9.10ubuntu1-rev160 - Ubuntu)
UltraISO Premium V8.66 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.4.0.1 - ) <==== ATTENTION
VdhCoApp 1.1.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A278E021-9C9F-11E2-A232-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VIA Administrador de dispositivos de plataforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Video Enhancer 1.9.12 (HKLM-x32\...\Video Enhancer_is1) (Version:  - Infognition Co. Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.7 - VSO Software)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wondershare Dr.Fone for Android(Build 6.2.0.42) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 6.2.0.42 - Wondershare Software Co.,Ltd.)
Wuala (HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Wuala OverlayIcons (HKLM-x32\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2385482525-178760063-3032261430-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2385482525-178760063-3032261430-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2385482525-178760063-3032261430-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\es-ES\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ 0POLinkIconDone] -> {4931EE43-90CB-4D46-A50F-474D7C5D97BE} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 1POLinkIconFailed] -> {828F1FF1-021C-4EC0-A4F8-B1BFF6390DD3} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 2POLinkIconIng] -> {8AE3CBEA-8E21-4883-BFD0-925F5513F190} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 3POLinkIconProhibited] -> {DED0F1AF-0505-4FB7-83AA-C2E51FA0721F} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ShellIconOverlayIdentifiers: [0POLinkIconDone] -> {4931EE43-90CB-4D46-A50F-474D7C5D97BE} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Wuala OverlayIcons\OverlayIcon.dll [2012-05-02] (LaCie AG)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {595A7934-FFB9-4C7D-BDFE-5737B967D8EE} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [1POLinkIconFailed] -> {828F1FF1-021C-4EC0-A4F8-B1BFF6390DD3} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [2POLinkIconIng] -> {8AE3CBEA-8E21-4883-BFD0-925F5513F190} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [3POLinkIconProhibited] -> {DED0F1AF-0505-4FB7-83AA-C2E51FA0721F} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers: [HubicBackupRootOverlayHandler] -> {2DF0C6DB-1E85-4894-9D4F-63CB0EAB17EA} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicPublishedItemOverlayHandler] -> {7C76B697-27DF-4CFF-9909-863905561298} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicSyncItemOverlayHandler] -> {9B497753-D273-4A80-9DE8-72248D7FA595} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HubicUnsyncItemOverlayHandler] -> {D5454A6E-0904-4BA3-9E4A-240A5080259D} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {595A7934-FFB9-4C7D-BDFE-5737B967D8EE} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-08-05] (pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers1-x32: [{26fe3a74-9007-44b7-bdef-68cdd4dce946}] -> {26fe3a74-9007-44b7-bdef-68cdd4dce946} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers4: [{26fe3a74-9007-44b7-bdef-68cdd4dce946}] -> {26fe3a74-9007-44b7-bdef-68cdd4dce946} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-12-06] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-12] (Dropbox, Inc.)
ContextMenuHandlers5: [{26fe3a74-9007-44b7-bdef-68cdd4dce946}] -> {26fe3a74-9007-44b7-bdef-68cdd4dce946} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-02] (AVAST Software)
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [FSShellExt] -> {56160A70-D083-4856-9998-F565ABC03F86} => C:\Program Files\Key Metric Software\FolderSizes 6\FSShellExt.dll [2013-08-22] (Key Metric Software, LLC.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-05] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {003181B1-06EB-4760-BA70-330CC770A537} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {089097FA-B31B-40CC-A8C6-2CACCF3B4DBC} - System32\Tasks\{D0FB9DCF-84E3-4592-8340-7A41FFBCFDBF} => C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe [2001-07-26] (Hewlett-Packard)
Task: {233CB579-BE5F-45F7-8AF7-B54AB29B9F89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-08] (Google Inc.)
Task: {300A326C-A1D0-4609-BFCE-1BF1B02BEA9F} - System32\Tasks\{979C15B0-E89E-4C30-9EEE-F078D8C3BB5D} => C:\Windows\system32\pcalua.exe -a D:\IsInstallPending.exe -d D:\
Task: {353F734E-2D9B-4BA0-950E-25DB67064B61} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()
Task: {39A7FFEF-2C81-435A-BDC3-595926629415} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {41B1B22C-FF61-48E3-870D-FC63A6731077} - System32\Tasks\{52543DC8-CC95-41CC-86F7-2BBCD3841977} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\Desktop\DISCO 3\New Volume\Archivos de programa\CCleaner\uninst.exe" -d C:\Users\Usuario\Desktop -c C:\Users\Usuario\Desktop\CCleaner.exe
Task: {624152D9-A2BE-4C07-B9E1-371A1F472A02} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()
Task: {79B9A5A2-5B27-4E03-A3E2-8B3031D6C538} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-27] (Dropbox, Inc.)
Task: {7F49A1E1-FB99-43A6-AC1F-C948C9AA07F1} - System32\Tasks\Driver Booster SkipUAC (Usuario) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {8A874E15-7A81-43FC-9F96-83D497BD7E4D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-31] (AVAST Software)
Task: {99718312-781A-45A3-8C72-0B9414DFAE46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {A96D78EB-8D65-4A9F-B313-69C38D1CA6F5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-07-27] (Dropbox, Inc.)
Task: {B1695C9E-8464-4D37-B325-09E1D86D36FB} - System32\Tasks\{C662EC5D-D325-4935-8E44-415AC6C337C3} => C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe [2001-07-26] (Hewlett-Packard)
Task: {C6009FC5-1AEA-4875-9403-BF89A8787E5A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2385482525-178760063-3032261430-1000
Task: {CF4065E0-99F0-4F4B-B683-0DE51AFC6E93} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2385482525-178760063-3032261430-1000 => C:\Users\Usuario\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-29] (Mega Limited)
Task: {D4466B31-8D42-45DE-89A4-3AB2B9B19A47} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-12] (Adobe Systems Incorporated)
Task: {D62314E3-7C58-4A1E-91FA-AB6408BADB1C} - System32\Tasks\{6B688EB6-3D5B-480D-93FF-7F62D0694354} => C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe [2001-07-26] (Hewlett-Packard)
Task: {D8F113DB-5CE7-4E96-BD01-FE5099A31566} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-12-02] (AVAST Software)
Task: {E10CAD41-28A1-46D9-9DB9-BDAE61F57A6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-08] (Google Inc.)
Task: {EA26A0F2-527D-4E91-821C-984C90CEB6C7} - System32\Tasks\{F0D0B5B5-F732-4862-BB85-81BD010D7D25} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe"
Task: {F178E87C-D799-4956-AC3A-6159B36A7F90} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-31] (AVAST Software)
Task: {F4561B33-1298-4F67-A23A-0F6B04A5814F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-12] (Adobe Systems Incorporated)
Task: {FE6864F6-6906-4B06-911D-7E7CB1418AC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-11-02] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Addition 2 de 2


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Usuario\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Loaded Modules (Whitelisted) ==============

2013-12-06 16:06 - 2013-12-06 16:06 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-02-20 22:53 - 2018-09-10 12:38 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 000025088 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniSys.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 002513920 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_proxy.dll
2014-11-08 14:13 - 2016-03-09 16:18 - 002436096 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 000036864 _____ () C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 000144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 000018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 000030720 _____ () C:\Windows\system32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 000908800 _____ () C:\Windows\system32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 000521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000049152 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000016896 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000058880 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 000299520 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2016-04-25 13:18 - 2016-04-25 13:18 - 000669696 ____N () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-10-18 18:51 - 2017-10-18 18:51 - 000598528 _____ () C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 001114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 000707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 000107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 000102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 000077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 005717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 004671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 000028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 000017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 000117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 001033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 000134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 000013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 000032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 000055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 000046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 000044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2013-12-06 15:53 - 2013-12-06 15:53 - 000094208 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraEsp.dll
2017-10-18 18:58 - 2017-10-18 18:58 - 000570368 _____ () C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX32.dll
2018-12-13 01:53 - 2018-12-12 22:08 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-12-13 01:53 - 2018-12-12 22:08 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-12-12 18:23 - 2018-12-12 22:10 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:08 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes36.dll
2018-12-12 18:23 - 2018-12-12 22:08 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000082760 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:08 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom36.dll
2018-12-13 01:53 - 2018-12-12 22:10 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:08 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000092496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2018-12-13 01:52 - 2018-12-12 22:09 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:08 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 011820368 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:08 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-12-12 18:23 - 2018-12-12 22:10 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-12-12 18:23 - 2018-12-12 22:10 - 000038240 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-12-13 01:53 - 2018-12-12 22:10 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-12-12 18:23 - 2018-12-12 22:10 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000241488 _____ () C:\Program Files (x86)\Dropbox\Client\windragdrop.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:10 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp36-win32.pyd
2018-12-12 18:23 - 2018-12-12 22:11 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp36-win32.pyd
2018-12-13 01:53 - 2018-12-12 22:10 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp36-win32.pyd
2018-11-03 09:55 - 2018-11-03 09:55 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-12-02 20:36 - 2018-12-02 20:36 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-12-16 16:58 - 2018-12-16 16:58 - 005724304 _____ () C:\Program Files\AVAST Software\Avast\defs\18121604\algo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

IE trusted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2017-08-25 18:36 - 000450575 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15459 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BackupRemind.lnk => C:\Windows\pss\BackupRemind.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Firemin.lnk => C:\Windows\pss\Firemin.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Polaris Office Sync.lnk => C:\Windows\pss\Polaris Office Sync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk => C:\Windows\pss\Recorte de pantalla y Selector de OneNote 2010.lnk.Startup
MSCONFIG\startupreg: AdAwareTray => 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => 
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Chromium => "c:\users\usuario\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: Clip2Net => C:\Program Files (x86)\Clip2Net\clip2net.exe
MSCONFIG\startupreg: CorelDRAW Graphics Suite 11b => 
MSCONFIG\startupreg: Draughts => "C:\Users\Usuario\AppData\Roaming\Checkers\Draughts\Draughts.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EPSON L800 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIG5P.EXE /FU "C:\Windows\TEMP\E_S55FD.tmp" /EF "HKCU"
MSCONFIG\startupreg: GoogleChromeAutoLaunch_CF0D12F859BF15DAB73FDD0B7E1E013D => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => 
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LanguageShortcut => 
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
MSCONFIG\startupreg: Olympus ib => "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
MSCONFIG\startupreg: Polaris Office Sync => C:\Users\Usuario\AppData\Roaming\PolarisOfficeLink\POLinkLauncher.exe
MSCONFIG\startupreg: PowerDVD14Agent => 
MSCONFIG\startupreg: PSafeTray => 
MSCONFIG\startupreg: PSafeWDS => 
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => 
MSCONFIG\startupreg: SDTray => 
MSCONFIG\startupreg: SideSync => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Usuario\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Usuario\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SSC Service Utility => C:\Program Files (x86)\SSC Service Utility\ssc_serv.exe /s
MSCONFIG\startupreg: StartCCC => 
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe -autoconnect
MSCONFIG\startupreg: uTorrent => "C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VX1000 => C:\Windows\vVX1000.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E722B8F5-AC8A-4D4A-90C8-7D4E4B534F84}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{0904E8C9-8D84-4D79-B57D-7EA2B88BC77C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{81E39A98-9ABA-40DA-AD0B-289E6DA0A93D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C15FBE1A-AAA6-43A5-B2A5-389136F66929}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2FD100E4-0A60-4F1F-B3D2-B90C6E06A6B4}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{7BC413A3-5337-446D-8F6A-22EC547F78E6}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{01D6D7D6-45A4-44F3-AAA2-520A034E139F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9D19973C-EF58-4E96-A4E3-B06F72452CE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1AA4A925-DB3E-489B-B1E3-021B9B40DD79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9D4D61AD-C584-43E6-ABB4-8CEAFB1C6CB0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{508F35E1-A721-4808-877F-DB8137C425CB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{4F937B47-800A-4D67-BC23-DF35E42E7B93}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2C07B46F-D9C6-4DC9-9106-3BD34DE2527A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{635F1155-8187-4A86-9444-FE08DFF17049}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3716DBD9-185F-4C4B-892E-6AF6A7D44E63}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39D4598A-26DD-41CB-94A2-46F3931C63D0}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D3FA529B-58F6-4335-A3D8-2E4F48EC43A2}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{88CC4BAD-5DF4-42DA-9AE3-383B556560CB}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{E861FB15-8623-4F4D-BA1D-CBF64B6F338E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{5AB421A8-CE57-4352-8946-D7F47D62A9F6}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{2E0848BB-F52D-4800-BBC5-B143CF4BC840}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{2104D34B-3CCE-44C9-958D-C49343952F21}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{3FB9A8E4-EDFB-4F9A-9E50-A09EFF42896B}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{35430691-6B12-4A25-A8E7-6035A1F1799A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{59F66543-A68F-4E33-A199-D9DF894036BB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{64BDAE3E-1EFC-45C5-ADD0-D772E3F5F0CA}C:\program files (x86)\reaper\reaper.exe] => (Block) C:\program files (x86)\reaper\reaper.exe
FirewallRules: [UDP Query User{27B0743F-BE5F-44CF-BF40-31B36FD928D2}C:\program files (x86)\reaper\reaper.exe] => (Block) C:\program files (x86)\reaper\reaper.exe
FirewallRules: [TCP Query User{1C54E26C-A3D0-43F1-B706-3CF1571219B3}C:\program files (x86)\reaper\reamote.exe] => (Block) C:\program files (x86)\reaper\reamote.exe
FirewallRules: [UDP Query User{D2783017-5547-4AAE-9E4C-91D2BE67BC3A}C:\program files (x86)\reaper\reamote.exe] => (Block) C:\program files (x86)\reaper\reamote.exe
FirewallRules: [{C837D156-D8D7-4DB4-B453-13AE16C134B7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{9D4CA4CA-1FA5-4A6E-A1F9-977E075B659E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F97A3D26-F29A-488E-BF00-5A2DA6C29CF3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5DD7105D-3EEC-4576-B7F1-1D44EB136F65}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{654BC184-E291-4995-8148-AE40284AC3D2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (12/17/2018 02:41:54 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/17/2018 01:41:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/17/2018 01:35:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/17/2018 01:35:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/17/2018 12:41:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/16/2018 11:41:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/16/2018 10:41:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (12/16/2018 09:41:47 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.


System errors:
=============
Error: (12/16/2018 08:33:18 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/16/2018 08:33:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/14/2018 01:39:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.

Error: (12/14/2018 01:39:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 80.


Windows Defender:
===================================
Date: 2014-11-24 23:51:11.428
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;regkey:HKCU@S-1-5-18\software\new.net
Tipo de detección:Concreto
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2014-11-24 23:41:57.722
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5572;process:pid:5704;process:pid:5932;process:pid:5952;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:41:31.280
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932;process:pid:5952;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:41:15.445
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932;process:pid:6648
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-11-24 23:40:25.116
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win32/NewDotNet&threatid=9108
Nombre:Adware:Win32/NewDotNet
Id.:9108
Gravedad:Alta
Categoría:Adware
Ruta de acceso encontrada:file:C:\Program Files (x86)\NewDotNet\newdotnet6_38.dll;file:C:\Program Files (x86)\ProMp3Recorder\NNGLZA638.EXE;file:C:\Windows\NDNuninstall6_38.exe;process:pid:2976;process:pid:3128;process:pid:4128;process:pid:5304;process:pid:5704;process:pid:5932
Tipo de detección:Concreto
Origen de detección:Protección en tiempo real
Estado:Desconocido
Usuario:\
Nombre de proceso:

Date: 2014-07-11 20:14:47.420
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-07-11 20:02:18.445
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-05-30 15:21:14.220
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-03-25 15:54:45.907
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

CodeIntegrity:
===================================

Date: 2014-12-21 12:16:34.648
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Users\Usuario\AppData\Local\Temp\EverestDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:34.438
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Users\Usuario\AppData\Local\Temp\EverestDriver.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:29.572
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-12-21 12:16:29.360
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: AMD A6-3500 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 56%
Total physical RAM: 4073.55 MB
Available physical RAM: 1785.2 MB
Total Virtual: 8145.25 MB
Available Virtual: 4962.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.74 GB) (Free:133.73 GB) NTFS
Drive e: (Nuevo vol) (Fixed) (Total:455.42 GB) (Free:179.34 GB) NTFS
Drive f: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
Drive h: (ANALIA AGUSTINA CAMILA) (Fixed) (Total:237.91 GB) (Free:83.79 GB) NTFS
Drive i: (Nuevo vol) (Fixed) (Total:227.75 GB) (Free:186.81 GB) NTFS
Drive j: (Nuevo vol) (Fixed) (Total:1863.01 GB) (Free:1485.25 GB) NTFS

\\?\Volume{bc87ece0-1996-11e3-a98f-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.35 GB) (Free:0.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=475.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D7D2BF09)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=227.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0C699BCF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola @omargarcia

Falta que pegues el reporte de FRST, tiene que estar guardado en tu escritorio sin el no puedo darte los pasos para continuar.

Salu2.

Hols @Sandra, pensé habí que pegar el addition unicamente. Va el archivo FRST.txt, seguramente en dos trozos, por la cantidad de caracteres.

FRST.txt 1 de 2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by Usuario (administrator) on USUARIO-PC (17-12-2018 02:44:46)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario & AVIGNON)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Arcai.com) C:\Program Files (x86)\netcut\services\aips.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Seiko Epson Corporation) C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Seiko Epson Corporation) C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe.154471542227801
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-02] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4050752 2018-12-12] (Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [uTorrent] => C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-11-12] (BitTorrent Inc.)
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261698665850923&GUID=33110175-EE41-4A83-820A-57AC444D4C1B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261698665850923&GUID=33110175-EE41-4A83-820A-57AC444D4C1B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2385482525-178760063-3032261430-1000 -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: vg7yakiq.omar 14_12_2018
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\vg7yakiq.omar 14_12_2018 [2018-12-17]
FF Session Restore: Mozilla\Firefox\Profiles\vg7yakiq.omar 14_12_2018 -> is enabled.
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-11-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-12] ()
FF Plugin: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-12] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-12] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR Session Restore: ChromeDefaultData -> is enabled.
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-12-16] <==== ATTENTION
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-02]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2018-12-02]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-29]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-29]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-24]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-24]
CHR Extension: (Tampermonkey) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-29]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-29]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-01]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-26]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>
CHR HKU\S-1-5-21-2385482525-178760063-3032261430-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-12-02] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-02] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-27] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-27] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-12-12] (Dropbox, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-08-05] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
S2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [41344 2016-12-16] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-02-17] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [115856 2016-07-28] (Wondershare)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-12-02] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-12-02] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-12-02] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-12-02] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-12-02] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-12-02] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-12-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-12-02] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-12-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-12-02] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-12-02] (AVAST Software)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 dbx; C:\Windows\System32\DRIVERS\dbx.sys [45640 2017-07-06] (Dropbox, Inc.)
R3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
S3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
R3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-09-09] (Oracle Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-17 02:44 - 2018-12-17 02:45 - 000025616 _____ C:\Users\Usuario\Desktop\FRST.txt
2018-12-17 02:44 - 2018-12-13 01:39 - 002417152 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2018-12-13 07:44 - 2018-12-16 22:34 - 000000000 ____D C:\Users\Usuario\Desktop\2018-12-13 Perfil Firefox
2018-12-13 01:53 - 2018-12-13 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-13 01:40 - 2018-12-17 02:44 - 000000000 ____D C:\FRST
2018-12-13 00:54 - 2018-12-13 00:54 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
2018-12-12 22:08 - 2018-12-12 22:08 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-12-12 22:08 - 2018-12-12 22:08 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-12-12 22:08 - 2018-12-12 22:08 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-12-12 22:08 - 2018-12-12 22:08 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-12-12 18:38 - 2018-12-12 19:03 - 000000000 ____D C:\Users\Usuario\Desktop\FORO SPYWARE
2018-12-12 06:36 - 2018-12-05 23:39 - 003227648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-12-12 06:36 - 2018-11-28 19:02 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-12-12 06:36 - 2018-11-28 19:02 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-12-12 06:36 - 2018-11-28 19:02 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-12-12 06:36 - 2018-11-28 19:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-12-12 06:36 - 2018-11-28 19:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-12-12 06:36 - 2018-11-28 18:50 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-12-12 06:36 - 2018-11-28 18:50 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-12-12 06:36 - 2018-11-28 18:38 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-12-12 06:36 - 2018-11-28 18:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-12-12 06:36 - 2018-11-28 18:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-12-12 06:36 - 2018-11-15 16:46 - 000397088 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-12-12 06:36 - 2018-11-15 15:55 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-12-12 06:36 - 2018-11-15 00:00 - 025735680 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-12-12 06:36 - 2018-11-14 23:34 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-12-12 06:36 - 2018-11-14 22:51 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-12-12 06:36 - 2018-11-14 22:50 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-12-12 06:36 - 2018-11-13 01:54 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-12-12 06:36 - 2018-11-13 01:54 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-12-12 06:36 - 2018-11-13 01:42 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-12-12 06:36 - 2018-11-13 01:41 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-12-12 06:36 - 2018-11-13 01:40 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-12-12 06:36 - 2018-11-13 01:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-12-12 06:36 - 2018-11-13 01:39 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-12-12 06:36 - 2018-11-13 01:35 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-12-12 06:36 - 2018-11-13 01:33 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-12-12 06:36 - 2018-11-13 01:32 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-12-12 06:36 - 2018-11-13 01:30 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-12-12 06:36 - 2018-11-13 01:28 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-12-12 06:36 - 2018-11-13 01:28 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-12-12 06:36 - 2018-11-13 01:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-12-12 06:36 - 2018-11-13 01:28 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-12-12 06:36 - 2018-11-13 01:26 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-12-12 06:36 - 2018-11-13 01:21 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-12-12 06:36 - 2018-11-13 01:18 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-12-12 06:36 - 2018-11-13 01:13 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-12-12 06:36 - 2018-11-13 01:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-12-12 06:36 - 2018-11-13 01:13 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-12-12 06:36 - 2018-11-13 01:12 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-12-12 06:36 - 2018-11-13 01:11 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-12-12 06:36 - 2018-11-13 01:11 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-12-12 06:36 - 2018-11-13 01:10 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-12-12 06:36 - 2018-11-13 01:10 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-12-12 06:36 - 2018-11-13 01:07 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-12-12 06:36 - 2018-11-13 01:07 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-12-12 06:36 - 2018-11-13 01:06 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-12-12 06:36 - 2018-11-13 01:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-12-12 06:36 - 2018-11-13 01:05 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-12-12 06:36 - 2018-11-13 01:05 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-12-12 06:36 - 2018-11-13 01:04 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-12-12 06:36 - 2018-11-13 01:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-12-12 06:36 - 2018-11-13 01:03 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-12-12 06:36 - 2018-11-13 01:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-12-12 06:36 - 2018-11-13 00:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-12-12 06:36 - 2018-11-13 00:53 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-12-12 06:36 - 2018-11-13 00:52 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-12-12 06:36 - 2018-11-13 00:51 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-12-12 06:36 - 2018-11-13 00:51 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-12-12 06:36 - 2018-11-13 00:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-12-12 06:36 - 2018-11-13 00:50 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-12-12 06:36 - 2018-11-13 00:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-12-12 06:36 - 2018-11-13 00:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-12-12 06:36 - 2018-11-13 00:49 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-12-12 06:36 - 2018-11-13 00:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-12-12 06:36 - 2018-11-13 00:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-12-12 06:36 - 2018-11-13 00:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-12-12 06:36 - 2018-11-13 00:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-12-12 06:36 - 2018-11-13 00:42 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-12-12 06:36 - 2018-11-13 00:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-12-12 06:36 - 2018-11-13 00:38 - 013681152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-12-12 06:36 - 2018-11-13 00:38 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-12-12 06:36 - 2018-11-13 00:37 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-12-12 06:36 - 2018-11-13 00:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-12-12 06:36 - 2018-11-13 00:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-12-12 06:36 - 2018-11-13 00:27 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-12-12 06:36 - 2018-11-13 00:18 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-12-12 06:36 - 2018-11-13 00:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-12-12 06:36 - 2018-11-13 00:15 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-12-12 06:36 - 2018-11-13 00:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-12-12 06:36 - 2018-11-11 14:19 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-12-12 06:36 - 2018-11-11 14:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-12-12 06:36 - 2018-11-11 14:01 - 005551848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-12-12 06:36 - 2018-11-11 14:01 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-12-12 06:36 - 2018-11-11 14:01 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-12-12 06:36 - 2018-11-11 14:01 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-12-12 06:36 - 2018-11-11 14:01 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-12-12 06:36 - 2018-11-11 14:00 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-12-12 06:36 - 2018-11-11 13:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-12-12 06:36 - 2018-11-11 13:49 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-12-12 06:36 - 2018-11-11 13:47 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-12-12 06:36 - 2018-11-11 13:45 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-12-12 06:36 - 2018-11-11 13:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-12-12 06:36 - 2018-11-11 13:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-12-12 06:36 - 2018-11-11 13:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-12-12 06:36 - 2018-11-11 13:20 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-12-12 06:36 - 2018-11-11 13:20 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-12-12 06:36 - 2018-11-11 13:19 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-12-12 06:36 - 2018-11-11 13:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-12-12 06:36 - 2018-11-11 13:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-12-12 06:36 - 2018-11-11 13:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-12-12 06:36 - 2018-11-11 13:16 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-12-12 06:36 - 2018-11-11 13:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-12-12 06:36 - 2018-11-11 13:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-12-12 06:36 - 2018-11-11 13:15 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-12-12 06:36 - 2018-11-11 13:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-12-12 06:36 - 2018-11-11 13:15 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-12-12 06:36 - 2018-11-11 13:15 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-12-12 06:36 - 2018-11-11 13:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-12-12 06:36 - 2018-11-11 13:13 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:13 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:13 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-12-12 06:36 - 2018-11-11 13:13 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-12-12 06:36 - 2018-11-08 13:58 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-12-12 06:36 - 2018-11-08 13:58 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-12-12 06:36 - 2018-11-08 13:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-12-12 06:36 - 2018-11-08 13:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-12-12 06:36 - 2018-11-08 13:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-12-12 06:36 - 2018-11-08 13:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-12-12 06:36 - 2018-11-08 13:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-12-12 06:36 - 2018-11-08 13:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-12-12 06:36 - 2018-11-06 01:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-12-12 06:36 - 2018-11-06 01:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-12-12 06:36 - 2018-10-06 13:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-12-12 06:36 - 2018-10-06 12:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-12-12 06:36 - 2018-10-06 12:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-12-12 06:36 - 2018-10-06 12:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-12-12 06:36 - 2018-10-06 12:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-12-12 06:36 - 2018-10-06 12:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-12-12 06:36 - 2018-10-06 12:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-12-12 06:36 - 2018-10-06 12:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-12-12 06:36 - 2018-10-06 12:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-12-12 06:36 - 2018-10-06 12:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-12-12 06:36 - 2018-10-06 12:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-12-12 06:36 - 2018-10-06 12:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-12-11 13:39 - 2018-12-12 19:59 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-12-11 13:39 - 2018-12-11 13:39 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\McAfee Safe Connect
2018-12-11 13:39 - 2018-12-11 13:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\McAfee_Inc
2018-12-07 21:40 - 2018-12-07 21:40 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2018-12-07 21:39 - 2018-12-07 21:39 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-07 21:39 - 2018-12-07 21:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2018-12-07 21:39 - 2018-12-07 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-07 21:39 - 2018-12-07 21:39 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-07 21:39 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-05 10:52 - 1999-12-31 21:00 - 000003863 _____ C:\Users\Usuario\Desktop\bookmarks.html
2018-12-03 21:08 - 2018-12-03 21:32 - 4188686904 _____ C:\Users\Usuario\Documents\Thunderbird 52.9.1 (es-ES) - 2018-12-03.pcv
2018-12-03 20:57 - 2018-12-03 20:59 - 1293448339 _____ C:\Users\Usuario\Documents\Firefox  - 2018-12-03.pcv
2018-12-02 22:18 - 2018-07-31 00:00 - 000123813 _____ C:\Users\Usuario\Desktop\bookmarks-2018-08-02_619_1+2qGdiJVIrvFKJMct35GQ==.jsonlz4
2018-12-02 20:36 - 2018-12-02 20:36 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-12-01 11:46 - 2018-12-01 11:46 - 000000000 ____D C:\Users\Usuario\Desktop\Datos viejos de Firefox
2018-11-21 08:55 - 2018-11-21 08:55 - 000074580 _____ C:\Users\Usuario\Desktop\COTO COMUNIAD - Impresion Tarjeta Provisoria.pdf

Parte de archivo FRST.txt 2 de 2


==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-17 02:43 - 2016-11-16 17:03 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2018-12-17 01:48 - 2016-07-27 12:30 - 000000994 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-12-17 01:25 - 2015-01-06 11:43 - 000027970 _____ C:\Users\Usuario\Desktop\Cuentas y claves.xlsx
2018-12-17 00:48 - 2016-07-27 12:30 - 000000990 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-12-16 23:54 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\ModemLogs
2018-12-16 23:54 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2018-12-16 20:42 - 2009-07-14 02:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-12-16 05:41 - 2014-09-19 09:40 - 000000000 ____D C:\Program Files\MyDefrag v4.3.1
2018-12-15 21:12 - 2013-09-09 13:13 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-12-13 23:38 - 2009-07-14 01:45 - 000017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-13 23:38 - 2009-07-14 01:45 - 000017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-13 12:37 - 2018-03-31 10:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\AVAST Software
2018-12-13 01:54 - 2013-10-07 02:02 - 000000000 ___RD C:\Users\Usuario\Dropbox
2018-12-13 01:53 - 2016-07-27 12:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-12-13 00:53 - 2014-05-01 10:44 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2018-12-13 00:53 - 2013-09-10 00:09 - 000000204 _____ C:\Windows\Tasks\AutoKMS.job
2018-12-13 00:53 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-13 00:44 - 2018-03-28 12:37 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-12-13 00:43 - 2017-08-15 12:25 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-12-13 00:05 - 2016-10-20 17:50 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-12-12 20:42 - 2009-07-14 06:31 - 000751318 _____ C:\Windows\system32\perfh00A.dat
2018-12-12 20:42 - 2009-07-14 06:31 - 000160360 _____ C:\Windows\system32\perfc00A.dat
2018-12-12 20:42 - 2009-07-14 02:13 - 001687128 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-12 20:38 - 2009-07-14 01:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-12-12 20:34 - 2018-09-12 03:30 - 000495256 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-12 20:27 - 2013-09-10 00:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-12 20:13 - 2013-09-12 18:52 - 001660778 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-12-12 20:11 - 2013-09-09 14:17 - 000000000 ____D C:\Windows\system32\MRT
2018-12-12 20:05 - 2013-09-09 14:17 - 137260640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-12-12 20:05 - 2009-07-13 23:34 - 000000600 _____ C:\Windows\win.ini
2018-12-12 19:55 - 2018-03-14 01:50 - 000004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-12 19:55 - 2014-10-16 09:56 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2018-12-12 19:55 - 2013-09-30 00:02 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-12-12 19:55 - 2013-09-09 13:13 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-12 19:55 - 2013-09-09 13:13 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-12 19:55 - 2013-09-09 13:13 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-12 13:49 - 2014-02-27 22:05 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2018-12-12 13:37 - 2013-09-15 16:45 - 000002724 ___SH C:\ProgramData\KGyGaAvL.sys
2018-12-11 13:33 - 2013-09-30 00:02 - 000000000 ____D C:\ProgramData\McAfee
2018-12-11 13:07 - 2017-04-24 20:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-12-10 23:47 - 2014-05-01 10:57 - 000000000 ____D C:\Users\Usuario\Desktop\UTORRENT DESCARGAS
2018-12-10 22:06 - 2017-06-20 12:51 - 000000000 ____D C:\Users\Usuario\Desktop\ACCESOS DIRECTOS
2018-12-09 19:39 - 2013-10-17 12:13 - 000000000 ____D C:\Windows\Minidump
2018-12-09 17:09 - 2016-11-25 13:15 - 000000000 ____D C:\Program Files (x86)\Prucdomzukopy
2018-12-09 17:09 - 2016-07-05 13:50 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner
2018-12-09 16:48 - 2014-02-28 20:59 - 000002213 _____ C:\Users\AVIGNON\Desktop\Google Chrome.lnk
2018-12-09 16:48 - 2013-09-09 15:15 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-07 21:39 - 2013-10-06 14:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-04 11:59 - 2016-09-19 17:27 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2018-12-02 20:36 - 2018-11-03 09:56 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-12-02 20:36 - 2018-01-10 00:36 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-12-02 20:36 - 2017-08-15 12:25 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-12-02 20:36 - 2017-08-15 12:25 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-12-02 20:36 - 2017-08-15 12:25 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-12-02 20:36 - 2017-08-15 12:25 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-12-02 20:36 - 2014-05-14 00:53 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-12-02 20:36 - 2013-12-25 12:16 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-12-02 20:36 - 2013-09-10 00:11 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-12-02 20:36 - 2013-09-10 00:11 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-12-02 20:36 - 2013-09-10 00:11 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-12-02 20:36 - 2013-09-10 00:11 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-12-02 20:36 - 2013-09-09 14:11 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-12-02 20:36 - 2013-09-09 14:11 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-12-02 00:30 - 2014-05-19 16:08 - 000000000 ____D C:\Program Files (x86)\System Ninja
2018-11-23 14:31 - 2018-07-21 20:20 - 000002083 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2018-11-22 18:43 - 2018-03-31 10:38 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-21 19:22 - 2018-03-19 19:06 - 000000000 ____D C:\Users\Usuario\Documents\REAPER Media
2018-11-21 18:31 - 2009-07-14 02:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-21 18:07 - 2009-07-14 02:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-11-21 17:09 - 2018-03-19 07:43 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\REAPER

==================== Files in the root of some directories =======

2018-11-15 20:27 - 2018-11-15 20:27 - 006451712 _____ (MANDA AUDIO) C:\Users\Usuario\MT-PowerDrumKit.dll
2014-05-06 08:57 - 2014-05-06 08:57 - 000005265 _____ () C:\Users\Usuario\AppData\Roaming\callbanner.png
2014-05-21 20:34 - 2016-07-04 20:48 - 000099384 _____ () C:\Users\Usuario\AppData\Roaming\inst.exe
2017-05-15 23:22 - 2017-05-15 23:22 - 000000022 _____ () C:\Users\Usuario\AppData\Roaming\langInstall.exe
2014-05-21 20:34 - 2016-07-04 20:48 - 000007859 _____ () C:\Users\Usuario\AppData\Roaming\pcouffin.cat
2014-05-21 20:34 - 2016-07-04 20:48 - 000001167 _____ () C:\Users\Usuario\AppData\Roaming\pcouffin.inf
2014-05-21 20:35 - 2016-07-04 20:48 - 000000033 _____ () C:\Users\Usuario\AppData\Roaming\pcouffin.log
2014-05-21 20:34 - 2016-07-04 20:48 - 000082816 _____ (VSO Software) C:\Users\Usuario\AppData\Roaming\pcouffin.sys
2014-05-21 20:36 - 2018-09-27 12:21 - 000001044 _____ () C:\Users\Usuario\AppData\Roaming\vso_ts_preview.xml
2014-01-05 22:19 - 2016-04-07 16:34 - 000007168 _____ () C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-03 17:37 - 2014-11-03 17:58 - 000000058 _____ () C:\Users\Usuario\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-11-03 00:31 - 2014-11-03 00:31 - 000004096 ____H () C:\Users\Usuario\AppData\Local\keyfile3.drm
2015-03-21 10:57 - 2015-03-21 16:33 - 004915200 _____ () C:\Users\Usuario\AppData\Local\package.nw.new
2013-10-11 19:37 - 2017-10-02 20:45 - 000007610 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-04-21 17:40 - 2017-04-21 17:40 - 000041984 _____ () C:\Users\AVIGNON\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkvac_y.dll
2018-12-11 13:39 - 2018-12-11 13:39 - 000290304 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\CakeTubeSdk.Windows.Service.subinacl.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2013-10-01 11:45

==================== End of FRST.txt ============================

Hola @omargarcia

1.- Desinstala con Revo Uninstaller en su Modo Avanzado:

  • xp-zed
  • Datel
  • hubiC
  • UmmyVideoDownloader
  • RegSeeker

Manual de Revo Uninstaller.

2.– Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…


3.- Inicie su ordenador en >>> Modo Seguro

Luego vaya a::

Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Policies\Explorer: [] 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261698665850923&GUID=33110175-EE41-4A83-820A-57AC444D4C1B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261698665850923&GUID=33110175-EE41-4A83-820A-57AC444D4C1B
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2385482525-178760063-3032261430-1000 -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-12-16] <==== ATTENTION
CHR HKU\S-1-5-21-2385482525-178760063-3032261430-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>
S2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2018-12-11 13:39 - 2018-12-12 19:59 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-12-11 13:39 - 2018-12-11 13:39 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\McAfee Safe Connect
2018-12-11 13:39 - 2018-12-11 13:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\McAfee_Inc
2018-12-05 10:52 - 1999-12-31 21:00 - 000003863 _____ C:\Users\Usuario\Desktop\bookmarks.html
2018-12-02 22:18 - 2018-07-31 00:00 - 000123813 _____ C:\Users\Usuario\Desktop\bookmarks-2018-08-02_619_1+2qGdiJVIrvFKJMct35GQ==.jsonlz4
2018-12-11 13:33 - 2013-09-30 00:02 - 000000000 ____D C:\ProgramData\McAfee
2018-12-09 17:09 - 2016-11-25 13:15 - 000000000 ____D C:\Program Files (x86)\Prucdomzukopy
2014-05-06 08:57 - 2014-05-06 08:57 - 000005265 _____ () C:\Users\Usuario\AppData\Roaming\callbanner.png
2014-05-21 20:34 - 2016-07-04 20:48 - 000099384 _____ () C:\Users\Usuario\AppData\Roaming\inst.exe
2017-05-15 23:22 - 2017-05-15 23:22 - 000000022 _____ () C:\Users\Usuario\AppData\Roaming\langInstall.exe
2017-04-21 17:40 - 2017-04-21 17:40 - 000041984 _____ () C:\Users\AVIGNON\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkvac_y.dll
2018-12-11 13:39 - 2018-12-11 13:39 - 000290304 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\CakeTubeSdk.Windows.Service.subinacl.exe
Datel 2001 V1.12 R2 (HKLM-x32\...\ST6UNST #1) (Version:  - )
hubiC - x64 (HKLM\...\{0A945801-D93C-46BF-9417-697DCE52E5B4}) (Version: 2.0.2.124 - OVH) Hidden
hubiC (HKLM-x32\...\{6c91e652-071b-4014-9477-f57cacecb32b}) (Version: 2.0.2.124 - OVH)
Java 7 Update 76 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417076FF}) (Version: 7.0.760 - Oracle)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
RegSeeker (HKLM-x32\...\RegSeeker) (Version: 3.01.3680 - HoverDesk)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.4.0.1 - ) <==== ATTENTION
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
Task: {300A326C-A1D0-4609-BFCE-1BF1B02BEA9F} - System32\Tasks\{979C15B0-E89E-4C30-9EEE-F078D8C3BB5D} => C:\Windows\system32\pcalua.exe -a D:\IsInstallPending.exe -d D:\
Task: {41B1B22C-FF61-48E3-870D-FC63A6731077} - System32\Tasks\{52543DC8-CC95-41CC-86F7-2BBCD3841977} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\Desktop\DISCO 3\New Volume\Archivos de programa\CCleaner\uninst.exe" -d C:\Users\Usuario\Desktop -c C:\Users\Usuario\Desktop\CCleaner.exe
Task: {EA26A0F2-527D-4E91-821C-984C90CEB6C7} - System32\Tasks\{F0D0B5B5-F732-4862-BB85-81BD010D7D25} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe"
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [118]
FirewallRules: [TCP Query User{81E39A98-9ABA-40DA-AD0B-289E6DA0A93D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C15FBE1A-AAA6-43A5-B2A5-389136F66929}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe


CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

4.- Luego de reiniciar actualizas Java a su ultima versión >>> Java Versión 8 Update 191

Nos comentas.

Salu2.

Último informe, falta actualizar JAVA

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Usuario (18-12-2018 18:13:34) Run:1
Running from C:\Users\Usuario\Desktop\FRST
Loaded Profiles: Usuario (Available Profiles: Usuario & AVIGNON)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\...\Policies\Explorer: [] 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261698665850923&GUID=33110175-EE41-4A83-820A-57AC444D4C1B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131261698665850923&GUID=33110175-EE41-4A83-820A-57AC444D4C1B
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2385482525-178760063-3032261430-1000 -> DefaultScopeBefore {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.76.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2018-12-16] <==== ATTENTION
CHR HKU\S-1-5-21-2385482525-178760063-3032261430-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - <no Path/update_url>
S2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2018-12-11 13:39 - 2018-12-12 19:59 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-12-11 13:39 - 2018-12-11 13:39 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\McAfee Safe Connect
2018-12-11 13:39 - 2018-12-11 13:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\McAfee_Inc
2018-12-05 10:52 - 1999-12-31 21:00 - 000003863 _____ C:\Users\Usuario\Desktop\bookmarks.html
2018-12-02 22:18 - 2018-07-31 00:00 - 000123813 _____ C:\Users\Usuario\Desktop\bookmarks-2018-08-02_619_1+2qGdiJVIrvFKJMct35GQ==.jsonlz4
2018-12-11 13:33 - 2013-09-30 00:02 - 000000000 ____D C:\ProgramData\McAfee
2018-12-09 17:09 - 2016-11-25 13:15 - 000000000 ____D C:\Program Files (x86)\Prucdomzukopy
2014-05-06 08:57 - 2014-05-06 08:57 - 000005265 _____ () C:\Users\Usuario\AppData\Roaming\callbanner.png
2014-05-21 20:34 - 2016-07-04 20:48 - 000099384 _____ () C:\Users\Usuario\AppData\Roaming\inst.exe
2017-05-15 23:22 - 2017-05-15 23:22 - 000000022 _____ () C:\Users\Usuario\AppData\Roaming\langInstall.exe
2017-04-21 17:40 - 2017-04-21 17:40 - 000041984 _____ () C:\Users\AVIGNON\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkvac_y.dll
2018-12-11 13:39 - 2018-12-11 13:39 - 000290304 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\CakeTubeSdk.Windows.Service.subinacl.exe
Datel 2001 V1.12 R2 (HKLM-x32\...\ST6UNST #1) (Version:  - )
hubiC - x64 (HKLM\...\{0A945801-D93C-46BF-9417-697DCE52E5B4}) (Version: 2.0.2.124 - OVH) Hidden
hubiC (HKLM-x32\...\{6c91e652-071b-4014-9477-f57cacecb32b}) (Version: 2.0.2.124 - OVH)
Java 7 Update 76 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417076FF}) (Version: 7.0.760 - Oracle)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
RegSeeker (HKLM-x32\...\RegSeeker) (Version: 3.01.3680 - HoverDesk)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.4.0.1 - ) <==== ATTENTION
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
Task: {300A326C-A1D0-4609-BFCE-1BF1B02BEA9F} - System32\Tasks\{979C15B0-E89E-4C30-9EEE-F078D8C3BB5D} => C:\Windows\system32\pcalua.exe -a D:\IsInstallPending.exe -d D:\
Task: {41B1B22C-FF61-48E3-870D-FC63A6731077} - System32\Tasks\{52543DC8-CC95-41CC-86F7-2BBCD3841977} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\Desktop\DISCO 3\New Volume\Archivos de programa\CCleaner\uninst.exe" -d C:\Users\Usuario\Desktop -c C:\Users\Usuario\Desktop\CCleaner.exe
Task: {EA26A0F2-527D-4E91-821C-984C90CEB6C7} - System32\Tasks\{F0D0B5B5-F732-4862-BB85-81BD010D7D25} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hppsapp.exe"
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [118]
FirewallRules: [TCP Query User{81E39A98-9ABA-40DA-AD0B-289E6DA0A93D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C15FBE1A-AAA6-43A5-B2A5-389136F66929}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe


CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Software\Microsoft\Windows\CurrentVersion\Run\\McAfeeSafeConnect" => removed successfully
"HKU\S-1-5-21-2385482525-178760063-3032261430-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-2385482525-178760063-3032261430-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.76.2 => removed successfully
C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll => moved successfully
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.76.2 => removed successfully
C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.76.2 => removed successfully
C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.76.2 => removed successfully
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
HKU\S-1-5-21-2385482525-178760063-3032261430-1000\SOFTWARE\Google\Chrome\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => removed successfully
HKLM\System\CurrentControlSet\Services\Hddb_Service => removed successfully
Hddb_Service => service removed successfully
HKLM\System\CurrentControlSet\Services\NPF => removed successfully
NPF => service removed successfully
HKLM\System\CurrentControlSet\Services\Synth3dVsc => removed successfully
Synth3dVsc => service removed successfully
HKLM\System\CurrentControlSet\Services\tsusbhub => removed successfully
tsusbhub => service removed successfully
HKLM\System\CurrentControlSet\Services\VBoxAswDrv => removed successfully
VBoxAswDrv => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\Program Files (x86)\McAfee Safe Connect => moved successfully
C:\Users\Usuario\AppData\Roaming\McAfee Safe Connect => moved successfully
C:\Users\Usuario\AppData\Local\McAfee_Inc => moved successfully
C:\Users\Usuario\Desktop\bookmarks.html => moved successfully
C:\Users\Usuario\Desktop\bookmarks-2018-08-02_619_1+2qGdiJVIrvFKJMct35GQ==.jsonlz4 => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Program Files (x86)\Prucdomzukopy => moved successfully
C:\Users\Usuario\AppData\Roaming\callbanner.png => moved successfully
C:\Users\Usuario\AppData\Roaming\inst.exe => moved successfully
C:\Users\Usuario\AppData\Roaming\langInstall.exe => moved successfully
C:\Users\AVIGNON\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkvac_y.dll => moved successfully
C:\Users\Usuario\AppData\Local\Temp\CakeTubeSdk.Windows.Service.subinacl.exe => moved successfully
Datel 2001 V1.12 R2 (HKLM-x32\...\ST6UNST #1) (Version:  - ) => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A945801-D93C-46BF-9417-697DCE52E5B4}\\SystemComponent" => not found
hubiC (HKLM-x32\...\{6c91e652-071b-4014-9477-f57cacecb32b}) (Version: 2.0.2.124 - OVH) => Error: No automatic fix found for this entry.
Java 7 Update 76 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417076FF}) (Version: 7.0.760 - Oracle) => Error: No automatic fix found for this entry.
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle) => Error: No automatic fix found for this entry.
RegSeeker (HKLM-x32\...\RegSeeker) (Version: 3.01.3680 - HoverDesk) => Error: No automatic fix found for this entry.
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.4.0.1 - ) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock => removed successfully
HKLM\Software\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully
HKLM\Software\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully
HKLM\Software\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully
HKLM\Software\Classes\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{300A326C-A1D0-4609-BFCE-1BF1B02BEA9F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{300A326C-A1D0-4609-BFCE-1BF1B02BEA9F}" => removed successfully
C:\Windows\System32\Tasks\{979C15B0-E89E-4C30-9EEE-F078D8C3BB5D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{979C15B0-E89E-4C30-9EEE-F078D8C3BB5D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41B1B22C-FF61-48E3-870D-FC63A6731077}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41B1B22C-FF61-48E3-870D-FC63A6731077}" => removed successfully
C:\Windows\System32\Tasks\{52543DC8-CC95-41CC-86F7-2BBCD3841977} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{52543DC8-CC95-41CC-86F7-2BBCD3841977}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA26A0F2-527D-4E91-821C-984C90CEB6C7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA26A0F2-527D-4E91-821C-984C90CEB6C7}" => removed successfully
C:\Windows\System32\Tasks\{F0D0B5B5-F732-4862-BB85-81BD010D7D25} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F0D0B5B5-F732-4862-BB85-81BD010D7D25}" => removed successfully
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{81E39A98-9ABA-40DA-AD0B-289E6DA0A93D}C:\program files\java\jre7\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C15FBE1A-AAA6-43A5-B2A5-389136F66929}C:\program files\java\jre7\bin\javaw.exe" => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 2 mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2385482525-178760063-3032261430-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2385482525-178760063-3032261430-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35789470 B
Java, Flash, Steam htmlcache => 1239 B
Windows/system/drivers => 33981364 B
Edge => 0 B
Chrome => 7350085 B
Firefox => 633651056 B
Opera => 102400 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 16802 B
LocalService => 16384 B
NetworkService => 0 B
Usuario => 32130208 B
AVIGNON => 400373 B

RecycleBin => 575021737 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-12-2018 18:17:10)

C:\Windows\System32\Drivers\etc\hosts => Is moved successfully
Hosts restored successfully.

==== End of Fixlog 18:17:19 ====

Hola @omargarcia:

Perfecto, comenta como sientes el equipo…:thinking:

Salu2.

@SanMar,

ante todo, muchas gracias por toda la tarea que desarrollaron tú, Facundo y el resto del equipo. Éstas cosas no hay modo de agradecerlas, como dice la publicidad “tienen valor, no tienen precio”

El equipo, aparentemente funciona normal, he recuperado TODOS los marcadores, cosa que me preocupaba sobremanera.

¿Se puede estimar cual habrá sido la causa de ésta situación…?

Nuevamente, muchas gracias.

1 me gusta

Hola @omargarcia:

En mi opinión tenias muchas infecciones en el navegador y muchas extensiones maliciosas.:-1:

Para ir terminando eliminar las herramientas utilizadas:

1.- Ejecutas nuevamente >> [size=2]Delfix[/size], desde tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca solamente las casillas Remove disinfection tools y Purgue System Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), cierra la herramienta y pegarlo en tu próxima respuesta.

Este paso ademas de eliminar las herramientas utilizadas y sus cuarentenas, eliminara los puntos de restauración antiguos que puedan estar infectados.

2.- Crea un Punto de Restauración Manual.

Nos comentas si ya podemos dar por resuelto el tema.

Salu2.

1 me gusta