Infected by mail.ru

Hello @Daniela.

I'm in the same situation as Galeon. My computer has been infected with Adware.MailRu.BatBitRst for a few days (since yesterday or the day before, I'm not sure). I've run Malwarebytes and some remnants are always left behind. So far, the effects are not as catastrophic as those Galeon describes: it won't let me open Chrome, and two extensions have been installed in Chrome that I can't remove. In the end I chose to uninstall Chrome from CCleaner, but the extensions are still there. I've followed this whole thread and have been doing some of the things you've been posting, but I haven't found a solution. Could you help me? Many thanks in advance.

Regards,

Daniel

Hello @Daniel_P, welcome to the forum.

I'm going to split your problem off into a new topic so that your case can be handled individually.

Post the reports from the programs you have used so I can review them.

Regards

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 17/7/19
Hora del análisis: 18:09
Archivo de registro: 31e3a5e1-a8ad-11e9-a1d2-002454122b72.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11600
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: Daniel_Pérez\Daniel Pérez

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 197521
Amenazas detectadas: 13
Amenazas en cuarentena: 10
Tiempo transcurrido: 5 min, 27 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 13
PUP.Optional.MailRu, C:\USERS\DANIEL PéREZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [255], [454830],1.0.11600
PUP.Optional.MailRu, C:\USERS\DANIEL PéREZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [255], [454830],1.0.11600
Adware.MailRu.BatBitRst, C:\USERS\DANIEL PéREZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [337], [481467],1.0.11600
Adware.MailRu.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [337], [-1],0.0.0
Adware.MailRu.BatBitRst, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [337], [-1],0.0.0
Adware.MailRu.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [337], [-1],0.0.0
Adware.MailRu.BatBitRst, C:\PROGRAMDATA\APPLICATION DATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [337], [-1],0.0.0
Adware.MailRu.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [337], [-1],0.0.0
Adware.MailRu.BatBitRst, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR0.DAT, Se eliminará al reiniciar, [337], [-1],0.0.0
Adware.MailRu.BatBitRst, C:\DOCUMENTS AND SETTINGS\ALL USERS\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [337], [-1],0.0.0
Adware.MailRu.BatBitRst, C:\PROGRAMDATA\MICROSOFT\NETWORK\DOWNLOADER\QMGR1.DAT, Se eliminará al reiniciar, [337], [-1],0.0.0
PUP.Optional.MailRu, C:\USERS\DANIEL PéREZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [255], [454830],1.0.11600
PUP.Optional.MailRu, C:\USERS\DANIEL PéREZ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Error durante la eliminación, [255], [454830],1.0.11600

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-07-15.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-17-2019
# Duration: 00:00:01
# OS:       Windows 7 Home Premium
# Cleaned:  0
# Failed:   2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Not Deleted   ?????????? ????????
Not Deleted   ???????? ???????? ? ????? ?? Mail.Ru

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1689 octets] - [17/07/2019 17:15:40]
AdwCleaner[C00].txt - [1725 octets] - [17/07/2019 17:16:43]
AdwCleaner[S01].txt - [1464 octets] - [17/07/2019 17:22:43]
AdwCleaner[C01].txt - [1612 octets] - [17/07/2019 17:23:03]
AdwCleaner[S02].txt - [1586 octets] - [17/07/2019 17:36:31]
AdwCleaner[S03].txt - [1647 octets] - [17/07/2019 17:44:02]
AdwCleaner[C03].txt - [1795 octets] - [17/07/2019 17:44:14]
AdwCleaner[S04].txt - [1769 octets] - [17/07/2019 18:16:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-07-15.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-17-2019
# Duration: 00:00:19
# OS:       Windows 7 Home Premium
# Scanned:  27411
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Mail.Ru            ?????????? ????????
PUP.Optional.Mail.Ru            ???????? ???????? ? ????? ?? Mail.Ru

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1689 octets] - [17/07/2019 17:15:40]
AdwCleaner[C00].txt - [1725 octets] - [17/07/2019 17:16:43]
AdwCleaner[S01].txt - [1464 octets] - [17/07/2019 17:22:43]
AdwCleaner[C01].txt - [1612 octets] - [17/07/2019 17:23:03]
AdwCleaner[S02].txt - [1586 octets] - [17/07/2019 17:36:31]
AdwCleaner[S03].txt - [1647 octets] - [17/07/2019 17:44:02]
AdwCleaner[C03].txt - [1795 octets] - [17/07/2019 17:44:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

Thanks, @Daniela. I've sent you the Malwarebytes log and the two AdwCleaner logs.

Regards,

Daniel

Hello

In the Malwarebytes report there are two that were not removed because of an error, and in AdwCleaner what it detected has not been removed either. Did you click Clean after the scan?

Regards

Yes, but AdwCleaner doesn't delete them.

In fact, one of the AdwCleaner logs is from the Scan and the other is from the Clean, after having done the cleanup.

Hello

Temporarily disable your antivirus >> How to temporarily disable your antivirus

Download Farbar Recovery Scan Tool to the desktop, selecting the version that matches your computer's architecture (32 or 64 bits). ▶ How to tell whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes.
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

Post the two reports that are generated.

You must copy and paste them with all their content, and you will use several messages if you receive an error message saying it is too long (more than approx. 50,000 characters).

Regards

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-07-2019 01
Ran by Daniel Pérez (administrator) on DANIEL_PÉREZ (SAMSUNG ELECTRONICS CO., LTD. R520/R522/R620) (17-07-2019 19:55:41)
Running from C:\Users\Daniel Pérez\Desktop
Loaded Profiles: Daniel Pérez (Available Profiles: Daniel Pérez)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\System32\Rezip.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Corel Corporation -> Mindjet) C:\Program Files\Mindjet\MindManager 18\MmReminderService.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Photodex Corporation -> ) C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) [File not signed] C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-01] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032 2009-09-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-15] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink -> CyberLink Corp.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AdobeCS4ServiceManager] => C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740888 2013-04-24] (Sony Corporation -> Sony Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [MMReminderService] => C:\Program Files\Mindjet\MindManager 18\MMReminderService.exe [120008 2017-12-21] (Corel Corporation -> Mindjet)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [VIDC.LAGS] => C:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\windows\system32\x264vfw.dll [3613696 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\windows\system32\xvidvfw.dll [180224 2009-06-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\windows\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB}] -> C:\Program Files\Mindjet\MindManager 18\sys\MmInternetExplorerActiveSetup.vbs [2016-02-25] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1493DAD3-A907-4D3F-B011-8D88A126E820} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-08-01] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {1C632F72-12F8-483B-92C6-FE19350280A0} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [562176 2009-09-21] (Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2DA7F283-D48F-482D-9B75-EDDC32FB5273} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [834560 2009-09-12] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {3033BA49-FA11-4373-BF13-B97226D3ECE1} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2016-08-01] () [File not signed]
Task: {336A6B9A-83FB-4C4A-8799-D3FD66B01B2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {3C43F1DA-9B66-4AF6-9061-90041BCD65A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {46B8DD58-9D66-4E34-813D-4FA67C2D3A9C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {558CB583-4F98-4629-9803-CBA10756AE6B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D5B184F-40A1-4D0A-AD22-8089179F8801} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [716800 2009-08-23] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {6E9F8C2F-CC68-4683-A583-46AE5D5F5E1E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6851288 2016-07-13] (Piriform Ltd -> Piriform Ltd)
Task: {8D6FBEF3-F527-4D2D-91E0-958C11CDC8F4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {A0E752A4-208A-4920-8E6F-F61393E1434D} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files\National Instruments\Shared\Update Service\NIUpdateService.exe
Task: {A3DA7842-BE5C-468A-A444-D8C17ABE0C73} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [345824 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA125122-3288-429E-B8D7-080D6B891CEC} - System32\Tasks\MindManagerV18 Notifications Check {S-1-5-21-604524677-2708395862-3557633927-1000} => rundll32.exe "C:\Program Files\Mindjet\MindManager 18\MmProductNotifications.dll",[email protected]
Task: {AE32CA0C-3A88-4700-8CC1-3EF5C43776C0} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2242048 2009-08-06] (SEC) [File not signed]
Task: {B393BF18-39D1-4242-9042-2F7D2F9F79CB} - System32\Tasks\AdobeGCInvoker-1.0-Daniel_Pérez-Daniel Pérez => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C120FB33-E0D5-421A-B349-3DF06B106CCE} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [93184 2009-09-07] (SAMSUNG Electronics) [File not signed]
Task: {E99DF494-528C-47AA-B0A3-E7926DB46D79} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F72A0E51-1A17-46A5-8C23-C61D72D35B56} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [300912 2010-04-20] (Samsung Electronics CO., LTD. -> )
Task: {F7BBDD59-1369-4621-9A3A-3AE129919B16} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\system32\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-07-01] (Adobe Inc. -> Adobe)
Task: {FFA2EB2B-0757-4CF3-9E50-EF2E6F6CD66E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1051864 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.231.6.7 46.6.113.34
Tcpip\..\Interfaces\{085B1A10-FF20-4EDE-B024-CABC28A502D3}: [DhcpNameServer] 212.231.6.7 46.6.113.34
Tcpip\..\Interfaces\{E58BB2ED-5D4F-48B8-BDEF-07796768A5B4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{EDA5422D-6BA7-4D24-8051-7F8FA8A3FBAA}: [DhcpNameServer] 212.231.6.7 46.6.113.34

Internet Explorer:
==================
HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.es/
HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> No File
BHO: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-07-13] (McAfee, LLC -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_211-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00211-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_211-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_211-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 2k7ela1d.default
FF ProfilePath: C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default [2019-07-17]
FF Homepage: Mozilla\Firefox\Profiles\2k7ela1d.default -> hxxps://www.google.es/
FF Extension: (Copy Link Text) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\[email protected] [2016-08-26] [Legacy]
FF Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\[email protected] [2016-11-10] [Legacy]
FF Extension: (MyJDownloader Browser Extension) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\[email protected] [2018-12-07] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (FlashGot) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-12-01] [Legacy]
FF Extension: (NoScript) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-03-26] [Legacy]
FF Extension: (Web of Trust) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-07-17]
FF Extension: (Video DownloadHelper) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24] [Legacy]
FF Extension: (DownThemAll!) - C:\Users\Daniel Pérez\AppData\Roaming\Mozilla\Firefox\Profiles\2k7ela1d.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-30] [Legacy]
FF Extension: (Adblocker for Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{E55C9A17-39B3-4F0A-9546-2E85FE620BE8}.xpi [2019-07-16] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-07-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2016-09-04] ( ) [File not signed]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811570"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B3C6A8B7A-CDE0-46F1-9FBB-292C21A38327%7D&gp=811570
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default [2019-07-17]
CHR Extension: (Presentaciones) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Documentos) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-19]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bacakpdjpomjaelpkpkabmedhkoongbi [2019-06-10]
CHR Extension: (YouTube) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-15]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-12]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-08]
CHR Extension: (Hojas de cálculo) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Audio Downloader Prime) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\flainkeonkoanoijnkojmiiihnfdhipd [2019-04-28]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-08]
CHR Extension: (Copy Link Address) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdejdkdjdoabfihpcjmgjebcpfbhepmh [2017-12-07]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2019-07-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43624 2012-08-14] (ArcSoft, Inc. -> ArcSoft, Inc.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [172032 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-07-02] (Mixbyte Inc -> Freemake)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [680024 2019-07-13] (McAfee, LLC -> McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation -> Sony Corporation)
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
R2 ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [186760 2016-09-04] (Photodex Corporation -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 HuaweiHiSuiteService.exe; "C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe" -/service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AgereSoftModem; C:\windows\System32\DRIVERS\AGRSM.sys [1161760 2009-07-22] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R3 athr; C:\windows\System32\DRIVERS\athr.sys [2228224 2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\System32\drivers\AtihdW73.sys [87568 2016-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 atikmdag; C:\windows\System32\DRIVERS\atikmdag.sys [5173760 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 Hardlock; C:\windows\system32\drivers\hardlock.sys [676864 2004-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [173512 2019-07-17] (Malwarebytes Corporation -> Malwarebytes)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 RTL8167; C:\windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-14] (Microsoft Windows -> Realtek Corporation )
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 ssudmdm; C:\windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 VMC326; C:\windows\System32\Drivers\VMC326.sys [237696 2009-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ALSysIO; \??\C:\Users\DANIEL~1\AppData\Local\Temp\ALSysIO.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-17 19:55 - 2019-07-17 19:56 - 000028585 _____ C:\Users\Daniel Pérez\Desktop\FRST.txt
2019-07-17 19:54 - 2019-07-17 19:54 - 001446912 _____ (Farbar) C:\Users\Daniel Pérez\Desktop\FRST.exe
2019-07-17 18:19 - 2019-07-17 18:19 - 000001917 _____ C:\Users\Daniel Pérez\Desktop\AdwCleaner[C04].txt
2019-07-17 18:19 - 2019-07-17 18:19 - 000001769 _____ C:\Users\Daniel Pérez\Desktop\AdwCleaner[S04].txt
2019-07-17 18:06 - 2019-07-17 18:06 - 000000142 _____ C:\Users\Daniel Pérez\Desktop\problema.url
2019-07-17 17:41 - 2019-07-17 17:41 - 000001154 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-07-17 17:41 - 2019-07-17 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-07-17 17:41 - 2019-07-17 17:41 - 000000000 ____D C:\Program Files\VS Revo Group
2019-07-17 17:31 - 2019-07-17 19:55 - 000000000 ____D C:\FRST
2019-07-17 17:15 - 2019-07-17 17:16 - 000000000 ____D C:\AdwCleaner
2019-07-17 17:06 - 2019-07-17 17:06 - 007025360 _____ (Malwarebytes) C:\Users\Daniel Pérez\Desktop\adwcleaner_7.3.exe
2019-07-17 17:03 - 2019-07-17 17:03 - 000000166 _____ C:\Users\Daniel Pérez\Desktop\Forospyware.url
2019-07-17 17:01 - 2019-07-17 17:01 - 000173512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-07-17 17:01 - 2019-07-17 17:01 - 000001987 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-17 17:01 - 2019-07-17 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-17 17:01 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae.sys
2019-07-17 16:06 - 2019-07-17 18:16 - 000003506 _____ C:\Users\Daniel Pérez\Desktop\mwb.txt
2019-07-16 18:49 - 2019-07-16 18:55 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Roaming\Snetchball
2019-07-16 18:49 - 2019-07-16 18:49 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-07-07 11:50 - 2019-07-07 11:55 - 000000000 ____D C:\Program Files\Freemake
2019-07-07 11:45 - 2019-07-07 11:45 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Roaming\Anvsoft
2019-07-07 11:44 - 2019-07-07 11:44 - 000000000 ____D C:\Program Files\McAfee
2019-07-06 11:06 - 2019-07-14 13:05 - 000000000 ____D C:\Users\Daniel Pérez\Desktop\Ballenas
2019-06-23 19:14 - 2019-06-16 19:54 - 000348976 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-06-23 19:14 - 2019-06-14 18:07 - 020276224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-06-23 19:14 - 2019-06-14 17:55 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-06-23 19:14 - 2019-06-14 17:55 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-06-23 19:14 - 2019-06-14 17:46 - 000499200 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-06-23 19:14 - 2019-06-14 17:45 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-06-23 19:14 - 2019-06-14 17:45 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-06-23 19:14 - 2019-06-14 17:45 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-06-23 19:14 - 2019-06-14 17:44 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-06-23 19:14 - 2019-06-14 17:43 - 002297344 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-06-23 19:14 - 2019-06-14 17:40 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-06-23 19:14 - 2019-06-14 17:40 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-06-23 19:14 - 2019-06-14 17:38 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-06-23 19:14 - 2019-06-14 17:37 - 000663040 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-06-23 19:14 - 2019-06-14 17:37 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-06-23 19:14 - 2019-06-14 17:37 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-06-23 19:14 - 2019-06-14 17:37 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-06-23 19:14 - 2019-06-14 17:33 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-06-23 19:14 - 2019-06-14 17:31 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-06-23 19:14 - 2019-06-14 17:27 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-06-23 19:14 - 2019-06-14 17:27 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-06-23 19:14 - 2019-06-14 17:26 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-06-23 19:14 - 2019-06-14 17:25 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-06-23 19:14 - 2019-06-14 17:24 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-06-23 19:14 - 2019-06-14 17:23 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-06-23 19:14 - 2019-06-14 17:22 - 004492800 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-06-23 19:14 - 2019-06-14 17:22 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-06-23 19:14 - 2019-06-14 17:19 - 013706240 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-06-23 19:14 - 2019-06-14 17:17 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-06-23 19:14 - 2019-06-14 17:16 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-06-23 19:14 - 2019-06-14 17:16 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-06-23 19:14 - 2019-06-14 17:15 - 002060288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-06-23 19:14 - 2019-06-14 17:15 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-06-23 19:14 - 2019-06-14 17:02 - 004386304 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-06-23 19:14 - 2019-06-14 16:59 - 001323008 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-06-23 19:14 - 2019-06-14 16:57 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-06-23 19:14 - 2019-06-11 06:52 - 000135400 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-06-23 19:14 - 2019-06-11 06:50 - 000593920 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2019-06-23 19:14 - 2019-06-11 04:59 - 002703360 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2019-06-23 19:14 - 2019-06-11 04:59 - 001460224 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-06-23 19:14 - 2019-06-11 04:59 - 000617984 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2019-06-23 19:14 - 2019-06-11 04:59 - 000535040 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2019-06-23 19:14 - 2019-06-11 04:59 - 000378368 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2019-06-23 19:14 - 2019-06-11 04:59 - 000366080 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2019-06-23 19:14 - 2019-06-11 04:59 - 000257024 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2019-06-23 19:14 - 2019-06-11 04:59 - 000206848 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2019-06-19 16:40 - 2019-06-19 16:40 - 000000045 _____ C:\windows\ddconfig.ini
2019-06-19 13:43 - 2019-06-28 18:10 - 000000000 _RSHD C:\ProgramData\Key-Base
2019-06-19 13:43 - 2019-06-19 13:43 - 000000000 ____D C:\ProgramData\{95D98EBF-3B15-8CA4-B706-46E2245F305F}
2019-06-19 13:42 - 2019-06-19 16:33 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Local\DiskDrill
2019-06-19 13:42 - 2019-06-19 13:42 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Local\CrashRpt
2019-06-19 13:42 - 2019-06-19 13:42 - 000000000 ____D C:\Program Files\CleverFiles
2019-06-19 13:40 - 2019-06-19 13:40 - 000000000 ____D C:\ProgramData\SystemAcCrux

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-17 18:26 - 2009-07-14 06:34 - 000014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-17 18:26 - 2009-07-14 06:34 - 000014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-17 18:23 - 2009-09-28 20:23 - 000747646 _____ C:\windows\system32\perfh00A.dat
2019-07-17 18:23 - 2009-09-28 20:23 - 000159086 _____ C:\windows\system32\perfc00A.dat
2019-07-17 18:23 - 2009-07-26 22:06 - 001676890 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-17 18:23 - 2009-07-14 04:37 - 000000000 ____D C:\windows\inf
2019-07-17 18:18 - 2009-07-14 06:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-07-17 17:01 - 2016-09-13 10:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-17 15:19 - 2017-09-15 15:21 - 000000000 ____D C:\Program Files\Google
2019-07-16 19:09 - 2017-09-10 15:12 - 000000000 ____D C:\windows\Minidump
2019-07-16 19:09 - 2009-07-14 04:37 - 000000000 ____D C:\windows\ModemLogs
2019-07-16 19:06 - 2009-11-02 10:11 - 000000000 ____D C:\Users\Daniel Pérez
2019-07-16 18:55 - 2016-08-25 20:35 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Local\JDownloader v2.0
2019-07-16 18:55 - 2009-09-28 20:08 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-07-16 18:55 - 2009-09-28 03:44 - 000000000 ____D C:\windows\system32\Macromed
2019-07-16 18:55 - 2009-09-28 03:43 - 000000000 ____D C:\windows\VMC326
2019-07-16 18:55 - 2009-07-14 04:37 - 000000000 ___HD C:\windows\system32\GroupPolicy
2019-07-16 18:55 - 2009-07-14 04:37 - 000000000 ____D C:\windows\system32\Dism
2019-07-16 18:55 - 2009-07-14 04:37 - 000000000 ____D C:\windows\registration
2019-07-16 18:55 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-16 18:39 - 2009-11-02 10:12 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Local\Adobe
2019-07-11 17:59 - 2018-01-15 20:33 - 000000000 ____D C:\Users\Daniel Pérez\.gimp-2.8
2019-07-10 18:57 - 2009-07-14 04:04 - 000000510 _____ C:\windows\win.ini
2019-07-10 18:56 - 2016-08-25 20:22 - 000000000 ____D C:\windows\system32\MRT
2019-07-10 18:48 - 2016-08-25 20:22 - 133475400 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-07-09 22:04 - 2016-08-25 19:51 - 000606264 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2019-07-09 15:48 - 2016-09-21 19:17 - 000842296 _____ (Adobe) C:\windows\system32\FlashPlayerApp.exe
2019-07-09 15:48 - 2016-09-21 19:17 - 000175160 _____ (Adobe) C:\windows\system32\FlashPlayerCPLApp.cpl
2019-07-07 11:53 - 2017-05-09 15:41 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Local\FreemakeVideoConverter
2019-07-07 11:53 - 2017-05-09 15:40 - 000000000 ____D C:\ProgramData\Freemake
2019-07-07 11:44 - 2009-09-28 03:55 - 000000000 ____D C:\ProgramData\McAfee
2019-07-06 11:17 - 2016-10-10 12:10 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Roaming\Audacity
2019-07-01 10:21 - 2019-06-01 12:24 - 000000000 ____D C:\Users\Daniel Pérez\Desktop\Avenjúcar
2019-06-30 18:40 - 2017-06-06 14:17 - 000000000 ____D C:\Users\Daniel Pérez\.afirma
2019-06-29 12:14 - 2009-09-28 03:35 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2019-06-28 19:36 - 2009-07-14 04:37 - 000000000 ____D C:\windows\rescache
2019-06-28 10:20 - 2017-02-02 19:01 - 000000000 ____D C:\Program Files\Recuva
2019-06-26 14:33 - 2016-09-19 23:18 - 000000000 ____D C:\windows\system32\appraiser
2019-06-20 17:57 - 2016-08-25 21:07 - 000000000 ____D C:\Users\Daniel Pérez\Desktop\Varios

==================== Files in the root of some directories ================

2019-02-06 11:47 - 2019-02-06 11:47 - 000000000 _____ () C:\Users\Daniel Pérez\Informativas_windows_12_01.exe
2017-07-27 13:53 - 2017-07-27 13:53 - 000000151 _____ () C:\Users\Daniel Pérez\AppData\Roaming\dllreg.bat
2018-11-30 19:37 - 2019-05-06 18:01 - 000424448 _____ (Dirección General de la Policía) C:\Users\Daniel Pérez\AppData\Local\DNIeService.exe
2018-01-15 21:47 - 2018-01-15 21:47 - 000000851 _____ () C:\Users\Daniel Pérez\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-02 10:41
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-07-2019 01
Ran by Daniel Pérez (17-07-2019 19:56:28)
Running from C:\Users\Daniel Pérez\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2009-11-02 08:10:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-604524677-2708395862-3557633927-500 - Administrator - Disabled)
Daniel Pérez (S-1-5-21-604524677-2708395862-3557633927-1000 - Administrator - Enabled) => C:\Users\Daniel Pérez
HomeGroupUser$ (S-1-5-21-604524677-2708395862-3557633927-1005 - Limited - Enabled)
Invitado (S-1-5-21-604524677-2708395862-3557633927-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.1 (HKLM\...\{C1575982-F1CA-46DC-A77D-43FF12F2EFC7}) (Version: 4.1.2 - Adobe)
Adobe Reader 9.1 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Ant Renamer (HKLM\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software)
AnyPC Client (HKLM\...\{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}) (Version: 1.0.0.12 - Doctorsoft)
AoA DVD Ripper (HKLM\...\AoA DVD Ripper_is1) (Version:  - AoAMedia.Com)
Archivos auxiliares de instalación de Microsoft SQL Server (español) (HKLM\...\{44FEB532-0908-4A87-BC22-32F0960717EC}) (Version: 9.00.3042.00 - Microsoft Corporation)
ArcSoft MediaConverter 8 (HKLM\...\{936FA6E0-8A87-4A03-8004-138AB7A97637}) (Version: 8.0.0.21 - ArcSoft, Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.1.0805 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{6848704E-C8D4-4F4F-9181-5926D4A11E98}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AutoCAD 2010 - Español (HKLM\...\{5783F2D7-8001-040A-0002-0060B0CE6BBA}) (Version: 18.0.309.0 - Autodesk) Hidden
AutoCAD 2010 - Español (HKLM\...\AutoCAD 2010 - Español) (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 - Español Version 3 (HKLM\...\AutoCAD 2010 - Español Version 3) (Version: 1 - Autodesk)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.6.3 - Gobierno de España)
BatteryLifeExtender (HKLM\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
calibre (HKLM\...\{C1ABA225-DEC3-4F06-B7E7-7EA785BDC120}) (Version: 3.23.0 - Kovid Goyal)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.4.0.1 - Canon Inc.)
Catálogo v03.60 versión 03.60 (HKLM\...\{2D850945-33DD-411F-9126-673DFD2539D6}_is1) (Version: 03.60 - Instituto Valenciano de la Edificación)
ccc-core-static (HKLM\...\{1664EB8B-057B-0E23-7245-ECE92849FF4C}) (Version: 2009.0901.2227.38495 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
CD Recovery Toolbox Free 2.2 (HKLM\...\CD Recovery Toolbox Free_is1) (Version:  - File Master LLC)
ChargeableUSB (HKLM\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG)
Configurador_FNMT (HKLM\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.6 - FNMT-RCM)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2907 - CyberLink Corp.)
CYPE Ingenieros Versión 2012 (Castellano) (HKLM\...\CYPE Ingenieros Versión 2012 (Castellano)) (Version: Versión 2012 - CYPE Ingenieros)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}) (Version: 4.2.4 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.4 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Escritor de VSS de Microsoft SQL Server (HKLM\...\{6B8818D3-984D-421C-AB70-07D63AEF3298}) (Version: 9.00.3042.00 - Microsoft Corporation)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FFmpeg (Windows) for Audacity versión 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Free MP4 to AVI Converter (32-bit) 1.13 (HKLM\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.13 - Jacek Pazera)
Galería fotográfica de Windows Live (HKLM\...\{25F6A201-C40C-4669-936D-473877CFEB4C}) (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
GenBPM Setup versión 1.0 (HKLM\...\{5A33E32A-8F67-499F-923C-A1A7680F56BD}_is1) (Version: 1.0 - AUDIFILM ABI S.L.)
Generador de Pliegos versión 2015 (HKLM\...\{9FBDCEC5-8214-4B59-857E-07A02886E245}}_is1) (Version: 2015 - Instituto Valenciano de la Edificación)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Guía de pavimentos de hormigón versión 01.00 (HKLM\...\{11250984-8935-4013-AC95-803600A9C76F}}_is1) (Version: 01.00 - Instituto Valenciano de la Edificación)
Herramienta de carga de Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
HP Deskjet 1050 J410 series Ayuda (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Software básico del dispositivo (HKLM\...\{2ACA52E5-3E02-4053-8927-D2FA37478D71}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Imagenomic Noiseware 4.2 Professional Plug-in (build 4205) (HKLM\...\ImagenomicNoisewareProPlugin) (Version:  - )
Imagenomic Portraiture 2.1 Plug-in (build 2105) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
Imagenomic Portraiture 2.2 Lightroom Plug-in (build 2207) (HKLM\...\ImagenomicPortraitureLightroomPlugin) (Version:  - )
Imagenomic RealGrain 1.1 Plug-in (build 1103) (HKLM\...\ImagenomicRealGrainPlugin) (Version:  - )
Informativas 11.00 (HKLM\...\4292-5894-1006-6413) (Version: 12.00 - AEAT)
Instalable DNIe (HKLM\...\{B4A6EF31-AC22-4BE2-A714-581FC66DBFAF}) (Version: 13.1.0 - Cuerpo Nacional de Policía)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iSkysoft Helper Compact 2.5.2 (HKLM\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
IVA 2016 1.00 (HKLM\...\6663-8884-0599-8584) (Version: 1.00 - AEAT)
Java 8 Update 211 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 12.3.0 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.0 - KLCP)
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
LADSPA_plugins-win-0.4.15 (HKLM\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Libro del Edificio versión 01.00 (HKLM\...\{FCC07948-1681-44D1-89AE-7A8793AA92EE}_is1) (Version: 01.00 - Instituto Valenciano de la Edificación)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.97 - LSI Corporation)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.70.3.3 - Marvell)
McAfee WebAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.78 - McAfee, LLC.)
Media Player Utilities 4.45 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.45 -  )
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 1 (SP1) (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C1877F6E-C1C8-486D-A697-86431029690C}) (Version:  - Microsoft)
Microsoft Office Project Professional 2007 (HKLM\...\PRJPRO) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{E8E4ED05-BCC2-483D-B1CD-49657398AA21}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.60724 - Microsoft Corporation)
Mindjet MindManager 2018 (HKLM\...\{3044F556-1F77-4CCA-A2ED-C816F81FB2B0}) (Version: 18.1.155 - Mindjet)
Mozilla Firefox 48.0.2 (x86 es-ES) (HKLM\...\Mozilla Firefox 48.0.2 (x86 es-ES)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
MP4Tools v3.7 (HKLM\...\MP4Tools_is1) (Version:  - Thüring IT-Consulting)
Namuga 1.3M Webcam (HKLM\...\{71A51B59-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de AutoCAD 2010 - Español (HKLM\...\{5783F2D7-8001-040A-1002-0060B0CE6BBA}) (Version: 18.0.55.0 - Autodesk) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.60724 - Microsoft Corporation)
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photodex Presenter (HKLM\...\Photodex Presenter) (Version:  - Photodex Corporation)
Photomatix Pro version 3.1 (HKLM\...\PhotomatixPro3_is1) (Version: 3.1 - HDRsoft Sarl)
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayMemories Home (HKLM\...\{0657DE52-8F5C-4073-B70C-ED4F3F7FA076}) (Version: 7.0.03.04240 - Sony Corporation)
PowerLine Utility (HKLM\...\{1A5E91E0-20BD-423B-ABD4-7683A30D3C2F}) (Version: 2.0.1431 - TP-LINK)
Presto 8.8 (HKLM\...\{099EA4F2-0BE8-443B-B6EE-2B8FDF035DC0}) (Version:  - )
ProShow Producer (HKLM\...\ProShow Producer) (Version:  - Photodex Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{F2BC3383-F000-410C-A038-3846ADBE8D90}) (Version: 1.01.0088 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.3 - Samsung)
Samsung Support Center (HKLM\...\{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}) (Version: 1.0.1 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Sentinel Protection Installer 7.5.0 (HKLM\...\{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}) (Version: 7.5.0 - SafeNet, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
SyncBackFree (HKLM\...\SyncBackFree_is1) (Version: 7.6.28.0 - 2BrightSparks)
TP-Link PLC Utility (HKLM\...\{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.3149.12 - TP-Link) Hidden
TP-Link PLC Utility (HKLM\...\InstallShield_{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.3149.12 - TP-Link)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard  (12/15/2016 1.0.2.5) (HKLM\...\3A8235ACF0CF89B7EACE136B69B0B68ADC94D283) (Version: 12/15/2016 1.0.2.5 - Dirección General de la Policía)
Windows Live Asistente para el inicio de sesión (HKLM\...\{7593234B-2AEB-4FC9-B02D-C9B30D86084C}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{6813A122-4BBF-4408-8C87-07176246B992}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{697DE5F4-0D13-4608-9728-7539F704E51C}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{70A294B3-FE6F-4af9-9395-CFC58FC07C30}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{DFAB83E9-EBA6-4425-928B-B15A57F39469}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{E27473C6-A63D-4b85-95FC-C7DE20306C0D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-04-19] (Autodesk, Inc -> Autodesk) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {B5FA2AE6-7A94-4382-8EA9-58C725AAB854} => C:\Windows\System32\ISCM32.dll [2015-02-27] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2009-09-01] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-604524677-2708395862-3557633927-1000: [VIDEOTRANS] -> {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => C:\Program Files\Media Player Utilities 4.45\AMVConverter\AmvTransform.dll [2007-06-16] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-09-28 03:37 - 2009-09-28 03:37 - 000007168 _____ ( ) [File not signed] C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2012-09-23 21:44 - 2012-09-23 21:44 - 000010240 _____ () [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\locale\es_es\acrotray.esp
2009-02-12 07:32 - 2009-02-12 07:32 - 000016384 ____R () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2007-06-16 17:18 - 2007-06-16 17:18 - 000032768 _____ () [File not signed] C:\Program Files\Media Player Utilities 4.45\AMVConverter\AmvTransform.dll
2009-09-28 03:51 - 2006-08-12 05:48 - 000049152 _____ () [File not signed] C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000270336 _____ () [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2017-05-09 15:29 - 2015-02-27 14:38 - 000214528 _____ () [File not signed] C:\Windows\System32\ISCM32.dll
2009-09-28 03:42 - 2009-03-05 11:54 - 000311296 _____ () [File not signed] C:\windows\SYSTEM32\Rezip.exe
2012-09-23 21:44 - 2012-09-23 21:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim.esp
2009-07-30 14:15 - 2009-07-30 14:15 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3498.37533__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3498.37610__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3498.37554__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3498.37612__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3498.37534__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3498.37615__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3531.38575__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3498.37558__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3498.37535__90ba9c70f846762e\AEM.Server.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3531.38478__90ba9c70f846762e\AEM.Server.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3498.37553__90ba9c70f846762e\APM.Foundation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000019456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3531.38565__90ba9c70f846762e\CCC.Implementation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3498.37552__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000393216 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3498.37578__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3531.38533__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3498.37577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3498.37572__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000307200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3531.38506__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3498.37557__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3531.38551__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3498.37583__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000573440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3531.38502__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3531.38505__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3498.37575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 001691648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3531.38598__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3531.38530__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3498.37580__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3531.38490__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3498.37555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000196608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000204800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3531.38501__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000798720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3531.38526__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000090112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3531.38525__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3498.37579__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000409600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3531.38546__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000118784 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3531.38569__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3498.37602__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000331776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3531.38537__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3531.38538__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3498.37603__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000491520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3531.38570__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3498.37547__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3531.38490__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3498.37585__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3498.37574__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3498.37526__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3498.37549__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3498.37536__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3531.38478__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3498.37546__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3498.37544__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3531.38480__90ba9c70f846762e\CLI.Component.SkinFactory.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000552960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3531.38559__90ba9c70f846762e\CLI.Component.Systemtray.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3498.37548__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3498.37540__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3498.37522__90ba9c70f846762e\CLI.Foundation.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3498.37674__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3498.37518__90ba9c70f846762e\CLI.Foundation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3498.37571__90ba9c70f846762e\DEM.Graphics.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3498.37547__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3531.38563__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3498.37528__90ba9c70f846762e\LOG.Foundation.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3498.37515__90ba9c70f846762e\LOG.Foundation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3498.37551__90ba9c70f846762e\MOM.Foundation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3531.38565__90ba9c70f846762e\MOM.Implementation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3498.37517__90ba9c70f846762e\NEWAEM.Foundation.dll
2009-07-30 14:15 - 2009-07-30 14:15 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2009-07-30 14:15 - 2009-07-30 14:15 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2009-07-30 14:15 - 2009-07-30 14:15 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2009-07-30 14:15 - 2009-07-30 14:15 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2009-07-30 14:15 - 2009-07-30 14:15 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2009-07-30 14:15 - 2009-07-30 14:15 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-07-30 14:15 - 2009-07-30 14:15 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3531.38477__90ba9c70f846762e\APM.Server.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000360448 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3531.38520__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000315392 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3531.38532__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000032768 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3531.38531__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000036864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3531.38524__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 001011712 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3531.38595__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000040960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3498.37538__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 001212416 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3531.38486__90ba9c70f846762e\CLI.Component.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3531.38479__90ba9c70f846762e\CLI.Component.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000405504 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3531.38495__90ba9c70f846762e\CLI.Component.Wizard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000651264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3531.38593__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3498.37531__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000045056 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3531.38571__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000364544 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3531.38481__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000135168 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3498.37541__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2009-07-30 14:15 - 2009-07-30 14:15 - 000065536 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2009-09-28 03:37 - 2009-09-28 03:37 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2009-09-28 03:37 - 2009-09-28 03:37 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2010-04-19 07:41 - 2010-04-19 07:41 - 000131296 _____ (Autodesk, Inc -> Autodesk) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 000227328 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\ccme_asym.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 000379904 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\ccme_base.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 000208384 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\ccme_base_non_fips.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 000564736 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\ccme_ecc.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 000834560 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\ccme_ecc_accel_fips.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 000471552 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\ccme_ecdrbg.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 000291328 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\cryptocme.dll
2009-09-28 03:51 - 2009-09-12 14:26 - 000834560 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
2009-09-28 03:51 - 2009-08-23 06:47 - 000716800 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
2009-09-07 12:42 - 2009-09-07 12:42 - 000093184 _____ (SAMSUNG Electronics) [File not signed] C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Classes\.scr: AutoCADScriptFile => C:\windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-604524677-2708395862-3557633927-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-604524677-2708395862-3557633927-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-604524677-2708395862-3557633927-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-604524677-2708395862-3557633927-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 _____ C:\windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Calibre2\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel Pérez\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.231.6.7 - 46.6.113.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: MMReminderService => C:\Program Files\Mindjet\MindManager 19\MMReminderService.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2162B2CB-CFF1-4498-9B0B-814CFF113279}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C7EE3D89-7D28-4D22-9031-EFAB7EDA0877}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0488EA45-9905-4E25-A56C-D7F2841D5F43}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BFEF0D4C-35C4-406F-AF3E-8C399CD6181A}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{351B43A5-EE03-4CE8-9AB8-D7AC9B62B998}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5CDE77C-2421-424C-A3A3-898FA997D9F3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF5685AE-F6A0-4ABD-80C7-3046BE84067F}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{79F85720-CC72-4A23-BE0E-13B0A4ACFA78}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{CCF22008-E604-4DF3-B2F2-9EE16E314FF0}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{73EC6DDA-3FD6-4631-AD21-7556910DE4A1}C:\cype ingenieros\versión 2012\programas\arquímedes..exe] => (Allow) C:\cype ingenieros\versión 2012\programas\arquímedes..exe () [File not signed]
FirewallRules: [UDP Query User{018E1F34-7432-48E5-A35C-1272CB2C9498}C:\cype ingenieros\versión 2012\programas\arquímedes..exe] => (Allow) C:\cype ingenieros\versión 2012\programas\arquímedes..exe () [File not signed]
FirewallRules: [{59C37998-CA94-4562-B26A-DB8F4FFC831F}] => (Allow) LPort=5353
FirewallRules: [{34DEF333-98C1-4A08-AEEA-2CFE8D6141B5}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{DA4E4F68-E09B-458E-847C-8FEE59687F5E}] => (Allow) C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{9DFE90FB-482D-466C-98DA-5F82A4F183E2}C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe] => (Allow) C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe () [File not signed]
FirewallRules: [UDP Query User{4162860C-198A-4D58-AC8B-83CF136AF1B6}C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe] => (Allow) C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe () [File not signed]
FirewallRules: [TCP Query User{9049C1E9-3C35-41D5-BF41-B2F7C527C6B5}C:\apl\ive\pliego15\pliego.exe] => (Allow) C:\apl\ive\pliego15\pliego.exe (IVE) [File not signed]
FirewallRules: [UDP Query User{CA9DF1F9-AABD-4422-91D2-17C19E06C9D8}C:\apl\ive\pliego15\pliego.exe] => (Allow) C:\apl\ive\pliego15\pliego.exe (IVE) [File not signed]
FirewallRules: [TCP Query User{D5B55676-AC4A-4C2D-8B9C-8F223E633083}C:\apl\ive\le\libroedif.exe] => (Allow) C:\apl\ive\le\libroedif.exe () [File not signed]
FirewallRules: [UDP Query User{6B834C36-B94E-4FD1-8D06-51643BD6AEAB}C:\apl\ive\le\libroedif.exe] => (Allow) C:\apl\ive\le\libroedif.exe () [File not signed]
FirewallRules: [{C3ED813F-BDD1-466B-9FAF-9FCD49E5FF91}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{C76C0B04-5624-4213-9818-98BD8F44317E}E:\powerline utility\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan.exe No File
FirewallRules: [UDP Query User{9F1497D4-D2E1-48CC-8B1B-C3D5EB6D8146}E:\powerline utility\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan.exe No File
FirewallRules: [TCP Query User{A151FA2C-22B8-451C-B03B-FE865769EFA6}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{2060BF0E-7D22-4DEA-96AE-91680605501D}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{E0E25CD0-D2C9-4D71-8714-ED8E85BE6874}C:\apl\ive\pavimento_hormig\pavim_hormig.exe] => (Allow) C:\apl\ive\pavimento_hormig\pavim_hormig.exe () [File not signed]
FirewallRules: [UDP Query User{61D2331A-339C-4339-9832-A19D065E3E62}C:\apl\ive\pavimento_hormig\pavim_hormig.exe] => (Allow) C:\apl\ive\pavimento_hormig\pavim_hormig.exe () [File not signed]
FirewallRules: [TCP Query User{8A3D7F0F-1EDA-431A-85B4-75412348574C}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9B299D2E-87C9-4A5B-8595-B0E091905975}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{22A4E079-3360-4E55-9295-420320879499}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [UDP Query User{6274BED8-EFDD-4CC4-A51A-7A406C05E953}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{3454ADA5-67BC-48EE-BE40-33F0A1F5EBE0}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [UDP Query User{D1F0EA83-9196-472B-A7F8-4A527C951D79}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]

==================== Restore Points =========================

04-07-2019 19:36:07 Windows Update
08-07-2019 21:16:10 Windows Update
10-07-2019 18:46:06 Windows Update
15-07-2019 17:18:20 Windows Update
16-07-2019 18:52:32 Operación de restauración
16-07-2019 19:13:20 Removed Disk Drill 2.0.0.339
16-07-2019 19:24:21 Windows Update
16-07-2019 19:25:32 Windows Update

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2019 06:18:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x5d1b3782
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24475, marca de tiempo: 0x5cdd7feb
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000845d
Id. del proceso con errores: 0xae0
Hora de inicio de la aplicación con errores: 0x01d53cbb3a0f7b4b
Ruta de acceso de la aplicación con errores: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Ruta de acceso del módulo con errores: C:\windows\system32\KERNELBASE.dll
Id. del informe: 8222e454-a8ae-11e9-931b-002454122b72

Error: (07/17/2019 06:18:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: FreemakeUtilsService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en FreemakeUtilsService.Program.Main(System.String[])

Error: (07/17/2019 05:45:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x5d1b3782
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24475, marca de tiempo: 0x5cdd7feb
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000845d
Id. del proceso con errores: 0x914
Hora de inicio de la aplicación con errores: 0x01d53cb694756f62
Ruta de acceso de la aplicación con errores: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Ruta de acceso del módulo con errores: C:\windows\system32\KERNELBASE.dll
Id. del informe: de404dd0-a8a9-11e9-91b4-002454122b72

Error: (07/17/2019 05:44:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: FreemakeUtilsService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en FreemakeUtilsService.Program.Main(System.String[])

Error: (07/17/2019 05:24:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x5d1b3782
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24475, marca de tiempo: 0x5cdd7feb
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000845d
Id. del proceso con errores: 0xa7c
Hora de inicio de la aplicación con errores: 0x01d53cb3a7b40a2c
Ruta de acceso de la aplicación con errores: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Ruta de acceso del módulo con errores: C:\windows\system32\KERNELBASE.dll
Id. del informe: eeafd91d-a8a6-11e9-aacd-002454122b72

Error: (07/17/2019 05:23:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: FreemakeUtilsService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en FreemakeUtilsService.Program.Main(System.String[])

Error: (07/17/2019 05:17:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x5d1b3782
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24475, marca de tiempo: 0x5cdd7feb
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000845d
Id. del proceso con errores: 0xb58
Hora de inicio de la aplicación con errores: 0x01d53cb2c1b12064
Ruta de acceso de la aplicación con errores: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Ruta de acceso del módulo con errores: C:\windows\system32\KERNELBASE.dll
Id. del informe: 08b020b7-a8a6-11e9-90dd-002454122b72

Error: (07/17/2019 05:17:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: FreemakeUtilsService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en FreemakeUtilsService.Program.Main(System.String[])


System errors:
=============
Error: (07/17/2019 06:18:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Escritor VSS de SQL Server se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (07/17/2019 06:18:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HuaweiHiSuiteService.exe no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (07/17/2019 06:18:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Freemake Improver no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (07/17/2019 06:18:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Freemake Improver.

Error: (07/17/2019 06:17:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio McAfee WebAdvisor terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1 milisegundos: Reiniciar el servicio.

Error: (07/17/2019 06:17:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (07/17/2019 06:17:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Rezip se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (07/17/2019 06:17:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio ScsiAccess se terminó de manera inesperada. Esto ha sucedido 1 veces.


==================== Memory info =========================== 

BIOS: Phoenix Technologies Ltd. 05LL.M025.20090916.Jay 09/16/2009
Motherboard: SAMSUNG ELECTRONICS CO., LTD. R520/R522/R620
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 75%
Total physical RAM: 3036.61 MB
Available physical RAM: 755.8 MB
Total Virtual: 6069.5 MB
Available Virtual: 3664.95 MB

==================== Drives ================================

Drive c: (SISTEMA) (Fixed) (Total:230.33 GB) (Free:95.97 GB) NTFS
Drive d: (DOCUMENTOS) (Fixed) (Total:228.33 GB) (Free:21.86 GB) NTFS

\\?\Volume{dd706283-6ace-11e6-abea-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 07971743)
Partition 1: (Not Active) - (Size=7 GB) - (Type=12)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=230.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=228.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hello

If you have Chrome on your phone or any other device with the same profile you had on the computer, check that it is not synced before doing the following.

:arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click it to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)

  • Attention: now check/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

Next, start your computer in Windows Safe Mode without networking.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy and paste the code/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-01] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [VIDC.LAGS] => C:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\windows\system32\x264vfw.dll [3613696 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\windows\system32\xvidvfw.dll [180224 2009-06-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\windows\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB}] -> C:\Program Files\Mindjet\MindManager 18\sys\MmInternetExplorerActiveSetup.vbs [2016-02-25] () [File not signed]
Task: {1493DAD3-A907-4D3F-B011-8D88A126E820} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-08-01] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {1C632F72-12F8-483B-92C6-FE19350280A0} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [562176 2009-09-21] (Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2DA7F283-D48F-482D-9B75-EDDC32FB5273} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [834560 2009-09-12] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {3033BA49-FA11-4373-BF13-B97226D3ECE1} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2016-08-01] () [File not signed]
Task: {336A6B9A-83FB-4C4A-8799-D3FD66B01B2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {3C43F1DA-9B66-4AF6-9061-90041BCD65A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {6D5B184F-40A1-4D0A-AD22-8089179F8801} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [716800 2009-08-23] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {AE32CA0C-3A88-4700-8CC1-3EF5C43776C0} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2242048 2009-08-06] (SEC) [File not signed]
Task: {C120FB33-E0D5-421A-B349-3DF06B106CCE} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [93184 2009-09-07] (SAMSUNG Electronics) [File not signed]
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> Adobe Acrobat Create 
FF Extension: (Adblocker for Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{E55C9A17-39B3-4F0A-9546-2E85FE620BE8}.xpi [2019-07-16] [Legacy] [not signed]
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2016-09-04] ( ) [File not signed]
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811570"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B3C6A8B7A-CDE0-46F1-9FBB-292C21A38327%7D&gp=811570
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default [2019-07-17]
CHR Extension: (Presentaciones) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Documentos) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-19]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bacakpdjpomjaelpkpkabmedhkoongbi [2019-06-10]
CHR Extension: (YouTube) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-15]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-12]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-08]
CHR Extension: (Hojas de cálculo) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Audio Downloader Prime) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\flainkeonkoanoijnkojmiiihnfdhipd [2019-04-28]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-08]
CHR Extension: (Copy Link Address) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdejdkdjdoabfihpcjmgjebcpfbhepmh [2017-12-07]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2019-07-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
S3 ALSysIO; \??\C:\Users\DANIEL~1\AppData\Local\Temp\ALSysIO.sys [X] <==== ATTENTION
2019-07-16 18:49 - 2019-07-16 18:55 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Roaming\Snetchball
2019-07-16 18:49 - 2019-07-16 18:49 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-06-19 13:43 - 2019-06-19 13:43 - 000000000 ____D C:\ProgramData\{95D98EBF-3B15-8CA4-B706-46E2245F305F}
2019-06-19 13:40 - 2019-06-19 13:40 - 000000000 ____D C:\ProgramData\SystemAcCrux
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{6813A122-4BBF-4408-8C87-07176246B992}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{697DE5F4-0D13-4608-9728-7539F704E51C}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{70A294B3-FE6F-4af9-9395-CFC58FC07C30}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{DFAB83E9-EBA6-4425-928B-B15A57F39469}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{E27473C6-A63D-4b85-95FC-C7DE20306C0D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-04-19] (Autodesk, Inc -> Autodesk) [File not signed]
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {B5FA2AE6-7A94-4382-8EA9-58C725AAB854} => C:\Windows\System32\ISCM32.dll [2015-02-27] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2009-09-01] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers1_S-1-5-21-604524677-2708395862-3557633927-1000: [VIDEOTRANS] -> {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => C:\Program Files\Media Player Utilities 4.45\AMVConverter\AmvTransform.dll [2007-06-16] () [File not signed]
FirewallRules: [TCP Query User{73EC6DDA-3FD6-4631-AD21-7556910DE4A1}C:\cype ingenieros\versión 2012\programas\arquímedes..exe] => (Allow) C:\cype ingenieros\versión 2012\programas\arquímedes..exe () [File not signed]
FirewallRules: [UDP Query User{018E1F34-7432-48E5-A35C-1272CB2C9498}C:\cype ingenieros\versión 2012\programas\arquímedes..exe] => (Allow) C:\cype ingenieros\versión 2012\programas\arquímedes..exe () [File not signed]
FirewallRules: [TCP Query User{9DFE90FB-482D-466C-98DA-5F82A4F183E2}C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe] => (Allow) C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe () [File not signed]
FirewallRules: [UDP Query User{4162860C-198A-4D58-AC8B-83CF136AF1B6}C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe] => (Allow) C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe () [File not signed]
FirewallRules: [TCP Query User{9049C1E9-3C35-41D5-BF41-B2F7C527C6B5}C:\apl\ive\pliego15\pliego.exe] => (Allow) C:\apl\ive\pliego15\pliego.exe (IVE) [File not signed]
FirewallRules: [UDP Query User{CA9DF1F9-AABD-4422-91D2-17C19E06C9D8}C:\apl\ive\pliego15\pliego.exe] => (Allow) C:\apl\ive\pliego15\pliego.exe (IVE) [File not signed]
FirewallRules: [TCP Query User{D5B55676-AC4A-4C2D-8B9C-8F223E633083}C:\apl\ive\le\libroedif.exe] => (Allow) C:\apl\ive\le\libroedif.exe () [File not signed]
FirewallRules: [UDP Query User{6B834C36-B94E-4FD1-8D06-51643BD6AEAB}C:\apl\ive\le\libroedif.exe] => (Allow) C:\apl\ive\le\libroedif.exe () [File not signed]
FirewallRules: [TCP Query User{C76C0B04-5624-4213-9818-98BD8F44317E}E:\powerline utility\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan.exe No File
FirewallRules: [UDP Query User{9F1497D4-D2E1-48CC-8B1B-C3D5EB6D8146}E:\powerline utility\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan.exe No File
FirewallRules: [TCP Query User{E0E25CD0-D2C9-4D71-8714-ED8E85BE6874}C:\apl\ive\pavimento_hormig\pavim_hormig.exe] => (Allow) C:\apl\ive\pavimento_hormig\pavim_hormig.exe () [File not signed]
FirewallRules: [UDP Query User{61D2331A-339C-4339-9832-A19D065E3E62}C:\apl\ive\pavimento_hormig\pavim_hormig.exe] => (Allow) C:\apl\ive\pavimento_hormig\pavim_hormig.exe () [File not signed]
FirewallRules: [TCP Query User{22A4E079-3360-4E55-9295-420320879499}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [UDP Query User{6274BED8-EFDD-4CC4-A51A-7A406C05E953}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{3454ADA5-67BC-48EE-BE40-33F0A1F5EBE0}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [UDP Query User{D1F0EA83-9196-472B-A7F8-4A527C951D79}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it as FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (the desktop); otherwise it will not work.


  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click it and select -Run as Administrator-.)
  • Press the FIX button and wait for it to finish.
  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply.

Restart the computer, check how it behaves with regard to the problem you reported, and tell us about it.

After restarting, run Malwarebytes to see whether it no longer detects anything. Install Chrome and run Malwarebytes again.

Let us know how it all went.

Regards
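
As an added example (not part of the original post and not FRST's own code): a short Python script that summarizes the FIXLOG.TXT produced by the steps above, skipping the fixlist that the log echoes back and counting each result line by outcome. The embedded log is a constructed sample in the layout FRST writes, and the function and label names are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog in the layout FRST writes (header,
# the fixlist echoed between two asterisk rules, then one result per line).
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x86) Version: 15-07-2019 01
Ran by user (18-07-2019 12:36:28) Run:1
Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
HKLM\...\Run: [] => [X]
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
C:\ProgramData\Mail.Ru
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
C:\Windows\System32\Tasks\klcp_update => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\Software\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => not found
'''

RULE = re.compile(r'^\*{5,}\s*$')  # the asterisk rule around the echoed fixlist

# Outcome phrases seen in this thread's log, mapped to labels (labels are
# this example's own names). Any other phrase is counted as "other".
OUTCOMES = (
    ("not found", "not_found"),
    ("value restored", "restored"),
    ("removed successfully", "removed"),
    ("moved successfully", "moved"),
)


def classify(outcome):
    """Map the text after ' => ' to a label."""
    text = outcome.lower().rstrip(".").strip()
    for phrase, label in OUTCOMES:
        if text.startswith(phrase):
            return label
    return "other"


def summarize_fixlog(text):
    """Return boot mode, per-outcome counts, errors and not-found targets."""
    summary = {"boot_mode": None, "counts": Counter(), "errors": [],
               "not_found": [], "notes": []}
    seen_marker = False  # True once "fixlist content:" has been read
    rules_seen = 0       # results start after the second asterisk rule
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not seen_marker:
            if line.startswith("Boot Mode:"):
                summary["boot_mode"] = line.split(":", 1)[1].strip()
            elif line.startswith("fixlist content:"):
                seen_marker = True
            continue
        if rules_seen < 2:
            # Inside the echoed fixlist: its lines also contain " => ",
            # so they must not be mistaken for results.
            if RULE.match(line):
                rules_seen += 1
            continue
        if line.startswith("Error:"):
            summary["errors"].append(line[len("Error:"):].strip())
        elif " => " in line:
            target, outcome = line.rsplit(" => ", 1)
            label = classify(outcome)
            summary["counts"][label] += 1
            if label == "not_found":
                summary["not_found"].append(target.strip('"'))
        else:
            summary["notes"].append(line)
    return summary


if __name__ == "__main__":
    result = summarize_fixlog(SAMPLE_FIXLOG)
    print("Boot mode:", result["boot_mode"])
    for label, count in sorted(result["counts"].items()):
        print(f"{label}: {count}")
    for err in result["errors"]:
        print("ERROR:", err)
    for target in result["not_found"]:
        print("not found:", target)
```

Entries under "errors", "not_found" and "other" are the ones to read by hand before running the follow-up scans.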

A message was merged into an existing topic: Infected by Malware Adware.MailRu.BatBitRst

Hi @Daniela.

I couldn't write earlier because, as I'm new to the forum, I had to wait 24 hours, haha.

I did everything you told me and it seems to have worked. It has been 8 hours since I did it and I have nothing. Malwarebytes detects nothing. AdwCleaner detects nothing either. In CCleaner I was seeing two mail.ru extensions in Chrome (even though it was uninstalled) that I couldn't remove, and they are gone now.

I reinstalled Chrome and the two “toxic” mail.ru shortcuts showed up in the bookmarks bar, but I was able to remove them without any problem.

I have run Malwarebytes and AdwCleaner several times and everything is fine. I also did a registry cleanup with CCleaner and everything is correct.

Thank you so much for everything :smiling_face_with_three_hearts:

By the way, here is the Fixlog.txt.

Regards,

Daniel

1 Like
Fix result of Farbar Recovery Scan Tool (x86) Version: 15-07-2019 01
Ran by Daniel Pérez (18-07-2019 12:36:28) Run:1
Running from C:\Users\Daniel Pérez\Desktop
Loaded Profiles: Daniel Pérez (Available Profiles: Daniel Pérez)
Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-01] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [VIDC.LAGS] => C:\windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\windows\system32\x264vfw.dll [3613696 2016-05-08] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\windows\system32\xvidvfw.dll [180224 2009-06-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\windows\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB}] -> C:\Program Files\Mindjet\MindManager 18\sys\MmInternetExplorerActiveSetup.vbs [2016-02-25] () [File not signed]
Task: {1493DAD3-A907-4D3F-B011-8D88A126E820} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [342016 2009-08-01] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {1C632F72-12F8-483B-92C6-FE19350280A0} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [562176 2009-09-21] (Samsung Electronics. Co. Ltd.) [File not signed]
Task: {2DA7F283-D48F-482D-9B75-EDDC32FB5273} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [834560 2009-09-12] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {3033BA49-FA11-4373-BF13-B97226D3ECE1} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2016-08-01] () [File not signed]
Task: {336A6B9A-83FB-4C4A-8799-D3FD66B01B2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {3C43F1DA-9B66-4AF6-9061-90041BCD65A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {6D5B184F-40A1-4D0A-AD22-8089179F8801} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [716800 2009-08-23] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {AE32CA0C-3A88-4700-8CC1-3EF5C43776C0} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2242048 2009-08-06] (SEC) [File not signed]
Task: {C120FB33-E0D5-421A-B349-3DF06B106CCE} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [93184 2009-09-07] (SAMSUNG Electronics) [File not signed]
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> Adobe Acrobat Create 
FF Extension: (Adblocker for Youtube�) - C:\Program Files\Mozilla Firefox\browser\features\{E55C9A17-39B3-4F0A-9546-2E85FE620BE8}.xpi [2019-07-16] [Legacy] [not signed]
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2016-09-04] ( ) [File not signed]
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxps://mail.ru/cnt/10445?gp=811570"
CHR DefaultSearchURL: Default -> hxxps://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B3C6A8B7A-CDE0-46F1-9FBB-292C21A38327%7D&gp=811570
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxps://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default [2019-07-17]
CHR Extension: (Presentaciones) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Documentos) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-19]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bacakpdjpomjaelpkpkabmedhkoongbi [2019-06-10]
CHR Extension: (YouTube) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-15]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-12]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-08]
CHR Extension: (Hojas de cálculo) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Audio Downloader Prime) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\flainkeonkoanoijnkojmiiihnfdhipd [2019-04-28]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-08]
CHR Extension: (Copy Link Address) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdejdkdjdoabfihpcjmgjebcpfbhepmh [2017-12-07]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2019-07-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
S3 ALSysIO; \??\C:\Users\DANIEL~1\AppData\Local\Temp\ALSysIO.sys [X] <==== ATTENTION
2019-07-16 18:49 - 2019-07-16 18:55 - 000000000 ____D C:\Users\Daniel Pérez\AppData\Roaming\Snetchball
2019-07-16 18:49 - 2019-07-16 18:49 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-06-19 13:43 - 2019-06-19 13:43 - 000000000 ____D C:\ProgramData\{95D98EBF-3B15-8CA4-B706-46E2245F305F}
2019-06-19 13:40 - 2019-06-19 13:40 - 000000000 ____D C:\ProgramData\SystemAcCrux
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{2B663ECE-5770-491c-A474-F98603C40681}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{2B93DB32-8D98-4438-93B5-5C2CC3441999}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{6813A122-4BBF-4408-8C87-07176246B992}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{697DE5F4-0D13-4608-9728-7539F704E51C}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{70A294B3-FE6F-4af9-9395-CFC58FC07C30}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{74562BED-63D6-4234-A386-937DB6FA38AE}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{7C90F737-950A-49eb-B6C1-EE1744C75E97}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{868D9612-74A1-405b-9758-369138103193}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{BB9F1D04-94AB-40b7-ABAE-33D2637F6340}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{CC3BE603-926A-40ae-9570-4258474F0364}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{DD0B2199-F2FD-41eb-B744-B06B100B9A43}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{DFAB83E9-EBA6-4425-928B-B15A57F39469}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{E27473C6-A63D-4b85-95FC-C7DE20306C0D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{F5756047-E218-465a-AC4C-FD04238C4896}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{F9748CB6-1CCB-4557-905E-8D42C83AAEB6}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
CustomCLSID: HKU\S-1-5-21-604524677-2708395862-3557633927-1000_Classes\CLSID\{FC072C1A-25CB-49e7-8F79-F2A8B8C3289D}\InprocServer32 -> C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\AutoCAD\2010\32\AcrobatAcadIC.dbx (Adobe Systems Incorporated) [File not signed]
ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-04-19] (Autodesk, Inc -> Autodesk) [File not signed]
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {B5FA2AE6-7A94-4382-8EA9-58C725AAB854} => C:\Windows\System32\ISCM32.dll [2015-02-27] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2009-09-01] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers1_S-1-5-21-604524677-2708395862-3557633927-1000: [VIDEOTRANS] -> {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => C:\Program Files\Media Player Utilities 4.45\AMVConverter\AmvTransform.dll [2007-06-16] () [File not signed]
FirewallRules: [TCP Query User{73EC6DDA-3FD6-4631-AD21-7556910DE4A1}C:\cype ingenieros\versión 2012\programas\arquímedes..exe] => (Allow) C:\cype ingenieros\versión 2012\programas\arquímedes..exe () [File not signed]
FirewallRules: [UDP Query User{018E1F34-7432-48E5-A35C-1272CB2C9498}C:\cype ingenieros\versión 2012\programas\arquímedes..exe] => (Allow) C:\cype ingenieros\versión 2012\programas\arquímedes..exe () [File not signed]
FirewallRules: [TCP Query User{9DFE90FB-482D-466C-98DA-5F82A4F183E2}C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe] => (Allow) C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe () [File not signed]
FirewallRules: [UDP Query User{4162860C-198A-4D58-AC8B-83CF136AF1B6}C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe] => (Allow) C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe () [File not signed]
FirewallRules: [TCP Query User{9049C1E9-3C35-41D5-BF41-B2F7C527C6B5}C:\apl\ive\pliego15\pliego.exe] => (Allow) C:\apl\ive\pliego15\pliego.exe (IVE) [File not signed]
FirewallRules: [UDP Query User{CA9DF1F9-AABD-4422-91D2-17C19E06C9D8}C:\apl\ive\pliego15\pliego.exe] => (Allow) C:\apl\ive\pliego15\pliego.exe (IVE) [File not signed]
FirewallRules: [TCP Query User{D5B55676-AC4A-4C2D-8B9C-8F223E633083}C:\apl\ive\le\libroedif.exe] => (Allow) C:\apl\ive\le\libroedif.exe () [File not signed]
FirewallRules: [UDP Query User{6B834C36-B94E-4FD1-8D06-51643BD6AEAB}C:\apl\ive\le\libroedif.exe] => (Allow) C:\apl\ive\le\libroedif.exe () [File not signed]
FirewallRules: [TCP Query User{C76C0B04-5624-4213-9818-98BD8F44317E}E:\powerline utility\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan.exe No File
FirewallRules: [UDP Query User{9F1497D4-D2E1-48CC-8B1B-C3D5EB6D8146}E:\powerline utility\powerline scan.exe] => (Allow) E:\powerline utility\powerline scan.exe No File
FirewallRules: [TCP Query User{E0E25CD0-D2C9-4D71-8714-ED8E85BE6874}C:\apl\ive\pavimento_hormig\pavim_hormig.exe] => (Allow) C:\apl\ive\pavimento_hormig\pavim_hormig.exe () [File not signed]
FirewallRules: [UDP Query User{61D2331A-339C-4339-9832-A19D065E3E62}C:\apl\ive\pavimento_hormig\pavim_hormig.exe] => (Allow) C:\apl\ive\pavimento_hormig\pavim_hormig.exe () [File not signed]
FirewallRules: [TCP Query User{22A4E079-3360-4E55-9295-420320879499}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [UDP Query User{6274BED8-EFDD-4CC4-A51A-7A406C05E953}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{3454ADA5-67BC-48EE-BE40-33F0A1F5EBE0}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]
FirewallRules: [UDP Query User{D1F0EA83-9196-472B-A7F8-4A527C951D79}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe (TP-Link TECHNOLOGIES CO., LTD.) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC" => removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully.
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.LAGS" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.X264" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.XVID" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FFDS" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.ac3acm" => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1493DAD3-A907-4D3F-B011-8D88A126E820}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1493DAD3-A907-4D3F-B011-8D88A126E820}" => removed successfully.
C:\Windows\System32\Tasks\EasyBatteryManager => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyBatteryManager" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C632F72-12F8-483B-92C6-FE19350280A0}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C632F72-12F8-483B-92C6-FE19350280A0}" => removed successfully.
C:\Windows\System32\Tasks\BatteryLifeExtender => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BatteryLifeExtender" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2DA7F283-D48F-482D-9B75-EDDC32FB5273}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DA7F283-D48F-482D-9B75-EDDC32FB5273}" => removed successfully.
C:\Windows\System32\Tasks\EasyDisplayMgr => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyDisplayMgr" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3033BA49-FA11-4373-BF13-B97226D3ECE1}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3033BA49-FA11-4373-BF13-B97226D3ECE1}" => removed successfully.
C:\Windows\System32\Tasks\klcp_update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{336A6B9A-83FB-4C4A-8799-D3FD66B01B2B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{336A6B9A-83FB-4C4A-8799-D3FD66B01B2B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C43F1DA-9B66-4AF6-9061-90041BCD65A0}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C43F1DA-9B66-4AF6-9061-90041BCD65A0}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6D5B184F-40A1-4D0A-AD22-8089179F8801}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D5B184F-40A1-4D0A-AD22-8089179F8801}" => removed successfully.
C:\Windows\System32\Tasks\EasySpeedUpManager => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasySpeedUpManager" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE32CA0C-3A88-4700-8CC1-3EF5C43776C0}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE32CA0C-3A88-4700-8CC1-3EF5C43776C0}" => removed successfully.
C:\Windows\System32\Tasks\advSRS4 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\advSRS4" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C120FB33-E0D5-421A-B349-3DF06B106CCE}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C120FB33-E0D5-421A-B349-3DF06B106CCE}" => removed successfully.
C:\Windows\System32\Tasks\SamsungSupportCenter => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SamsungSupportCenter" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => removed successfully.
HKLM\Software\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => not found
"HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => removed successfully.
HKLM\Software\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => removed successfully.
HKLM\Software\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE6A929-59D1-4763-91AD-29B61CFFB35B} => removed successfully.
HKLM\Software\Classes\CLSID\{6FE6A929-59D1-4763-91AD-29B61CFFB35B} => removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully.
"HKLM\Software\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully.
"HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> Adobe Acrobat Create" => not found
"HKLM\Software\Classes\CLSID\Toolbar: HKU\S-1-5-21-604524677-2708395862-3557633927-1000 -> Adobe Acrobat Create" => not found
C:\Program Files\Mozilla Firefox\browser\features\{E55C9A17-39B3-4F0A-9546-2E85FE620BE8}.xpi => moved successfully
HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter => removed successfully.
"Chrome HomePage" => removed successfully.
"Chrome StartupUrls" => removed successfully.
"Chrome DefaultSearchURL" => removed successfully.
"Chrome DefaultSearchKeyword" => removed successfully.
"Chrome DefaultSuggestURL" => removed successfully.
"C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default" => not found
CHR Extension: (Presentaciones) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16] => Error: No automatic fix found for this entry.
CHR Extension: (Documentos) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16] => Error: No automatic fix found for this entry.
CHR Extension: (Google Drive) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-19] => Error: No automatic fix found for this entry.
CHR Extension: (Video Downloader professional) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\bacakpdjpomjaelpkpkabmedhkoongbi [2019-06-10] => Error: No automatic fix found for this entry.
CHR Extension: (YouTube) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-15] => Error: No automatic fix found for this entry.
CHR Extension: (Video Downloader professional) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-12] => Error: No automatic fix found for this entry.
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-08] => Error: No automatic fix found for this entry.
CHR Extension: (Hojas de cálculo) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16] => Error: No automatic fix found for this entry.
CHR Extension: (Audio Downloader Prime) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\flainkeonkoanoijnkojmiiihnfdhipd [2019-04-28] => Error: No automatic fix found for this entry.
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17] => Error: No automatic fix found for this entry.
CHR Extension: (AdBlock) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-08] => Error: No automatic fix found for this entry.
CHR Extension: (Copy Link Address) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdejdkdjdoabfihpcjmgjebcpfbhepmh [2017-12-07] => Error: No automatic fix found for this entry.
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2019-07-08] => Error: No automatic fix found for this entry.
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] => Error: No automatic fix found for this entry.
CHR Extension: (Gmail) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Daniel Pérez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully.
C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully.
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully.
ALSysIO => service removed successfully.
"C:\Users\Daniel Pérez\AppData\Roaming\Snetchball" => not found
C:\ProgramData\Mail.Ru => moved successfully
C:\ProgramData\{95D98EBF-3B15-8CA4-B706-46E2245F305F} => moved successfully
C:\ProgramData\SystemAcCrux => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Identificador de icono superpuesto para firmas digitales de AutoCAD => removed successfully.
HKLM\Software\Classes\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD} => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AcShellExtension.AcContextMenuHandler => removed successfully.
HKLM\Software\Classes\CLSID\{2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\iSkysoftVideoConverterFileOpreation => removed successfully.
HKLM\Software\Classes\CLSID\{B5FA2AE6-7A94-4382-8EA9-58C725AAB854} => removed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully.
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => removed successfully.
HKU\S-1-5-21-604524677-2708395862-3557633927-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\VIDEOTRANS => removed successfully.
HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Classes\CLSID\{C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{73EC6DDA-3FD6-4631-AD21-7556910DE4A1}C:\cype ingenieros\versión 2012\programas\arquímedes..exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{018E1F34-7432-48E5-A35C-1272CB2C9498}C:\cype ingenieros\versión 2012\programas\arquímedes..exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9DFE90FB-482D-466C-98DA-5F82A4F183E2}C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4162860C-198A-4D58-AC8B-83CF136AF1B6}C:\apl\ive\catalogo_03_60\catalogo_v03_60.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9049C1E9-3C35-41D5-BF41-B2F7C527C6B5}C:\apl\ive\pliego15\pliego.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CA9DF1F9-AABD-4422-91D2-17C19E06C9D8}C:\apl\ive\pliego15\pliego.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D5B55676-AC4A-4C2D-8B9C-8F223E633083}C:\apl\ive\le\libroedif.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6B834C36-B94E-4FD1-8D06-51643BD6AEAB}C:\apl\ive\le\libroedif.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C76C0B04-5624-4213-9818-98BD8F44317E}E:\powerline utility\powerline scan.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F1497D4-D2E1-48CC-8B1B-C3D5EB6D8146}E:\powerline utility\powerline scan.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E0E25CD0-D2C9-4D71-8714-ED8E85BE6874}C:\apl\ive\pavimento_hormig\pavim_hormig.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{61D2331A-339C-4339-9832-A19D065E3E62}C:\apl\ive\pavimento_hormig\pavim_hormig.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{22A4E079-3360-4E55-9295-420320879499}C:\program files\tp-link\tp-link plc utility\tpplc.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6274BED8-EFDD-4CC4-A51A-7A406C05E953}C:\program files\tp-link\tp-link plc utility\tpplc.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3454ADA5-67BC-48EE-BE40-33F0A1F5EBE0}C:\program files\tp-link\tp-link plc utility\tpplc.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D1F0EA83-9196-472B-A7F8-4A527C951D79}C:\program files\tp-link\tp-link plc utility\tpplc.exe" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-604524677-2708395862-3557633927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

No se puede vaciar la caché de resolución de DNS: Error de una función durante la ejecución.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Asegúrese de que el servicio se está ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Asegúrese de que el servicio se está ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12938731 B
Java, Flash, Steam htmlcache => 1213 B
Windows/system/drivers => 3375123 B
Edge => 0 B
Chrome => 11999849 B
Firefox => 14223409 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83725 B
LocalService => 132244 B
NetworkService => 2789110 B
Daniel Pérez => 13181144 B

RecycleBin => 29126 B
EmptyTemp: => 56.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:37:05 ====

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/7/19
Hora del análisis: 12:39
Archivo de registro: 578d9ecc-a948-11e9-a990-002454122b72.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11612
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 196762
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 8 min, 15 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hello

Don't worry; if I had known, I would have told you that by browsing the forum and reading 3 or 4 threads you could already have answered, but well … the important thing is that the problem you had on your computer has been solved :grinning:

Follow these steps to remove the tools that were used:

To do so, use again/download >> DelFix.exe to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select - Run as Administrator)

  • Tick all the boxes and click Run

The report (DelFix.txt) will open; you can close it.


Thank you for trusting ForoSpyware. It has been a pleasure to help you :handshake:

We are glad it has been solved for you :+1: We consider the thread resolved.

Solved

Regards