Mi Pc no lee ni reconoce el disco duro externo

Permiso @JavierHF

Yo tengo un disco externo y me hace algo similar.

Cuando lo conectas Windows reproduce el sonido que algun dispositivo ha sido conectado?

Hola. No, Sólo el pitido que emite desde dentro el disco duro al conectarlo al ordenador y la luz de encendido del disco duro, pero en el ordenador no sale ningún aviso ni ninguna notificacion de que se haya conectado. Pero me gustaría alguna forma de poder ver las carpetas que tengo dentro del disco duro, aunque no pueda manipularlos o algo, o intentar recuperar el contenido.

Pregunta @Anixel tienes nociones básicas de Windows? Esperemos que si porque ya no me acuerdo los procedimientos en Win7… Pero entra al administrador de discos desde tu pc, si no, es algo asi. Inicio>Mi PC>Administrar equipo>Administración de discos. te tiene que salir una imagen como esta:

Como vez al seleccionar el disco duro externo si lo reconoce mi PC, si en tu caso hace lo mismo vas a tener una infección en tu pc que no te permite acceder a el disco duro externo o dispositivo o en su caso el disco duro externo tiene un virus.

Nota Ya probaste otros dispositivos USB y si los reconoce y los lee sin problema?

Hola. Gracias por responder. Me temo que va a ser lo segundo que has dicho, que tenga un virus, porque en el administrador de discos no me aparece tampoco, sólo el del equipo. Pero al darle al administrador de discos me aparece un recuadro que dice:


Mi disco duro es un Maxtor de 1tb asi que le doy al MBR pero me sale un cuadro diciendo que “No se puede realizar la solicitud por un error del dispositivo E/S”

Hola @Anixel.

Lo mas normal es que tengas un problema de daño físico o de fallo en la partición lógica del sistema de archivos del disco. :pensive:

Podemos indicarte pasos para buscar infecciones en tu equipo para descartar que NO sean éstas las responsables, pero es bastante raro que SOLO tengas problemas con un disco y con otros, como ya indicaste desde un inicio, NO tengas problemas similares. :thinking:

Que desde el TV/SMART o TV normal SI puedas acceder a la información/ficheros(vídeos,películas, imágenes o audios) sin problemas es bastante habitual, ya que ese tipo de aparatos NO usan windows como sistema operativo, suelen usar alguna distribución de LInux recortada o diseñada específicamente para ser reproductores multimedia y suelen ser menos restrictivos ante los fallos o problemas de los dispositivos que se conecten.

Dinos si quieres que te demos pasos de revisión de tu equipo y poder ir avanzando en el problema en caso de poder llegar a tener acceso al dispositivo.

Saludos.

Hola.

Muchas gracias por la ayuda y por el tiempo dedicado. Me gustaría que me diérais indicaciones para descartar que no sea del equipo el problema. Seguramente sea lo que has dicho al principio, pero quiero descartar antes si es un problema del equipo o no. Me gustaría poder ver los archivos que tengo en el disco duro, a través de un programa o algo aunque no pueda recuperarlos o manipularlos, para saber lo que tengo, ya con eso me quedaría mas tranquila.

Por cierto, cuando conecté el disco duro directamente en el usb del ordenador, al cabo de un rato, el pitio que emitía dejó de oírse.

Gracias.

Hola.

Durante los procesos que vayamos realizando, a partir de este momento, mantén conectado a tu equipo el disco externo directamente con su cable a un puerto USB, NO lo conectes atraves de ninugu HUB o multiplicador de puertos USB.

Y ahora para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.

Hola.

Acabo de hacer todo lo que has puesto, te dejo los informes:

-Informe de Malwarebytes:


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 6/2/19
Hora del análisis: 16:35
Archivo de registro: d1489a9e-2a24-11e9-8c49-74d43510c101.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.538
Versión del paquete de actualización: 1.0.9074
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: WIN-JKCQ8P2BBLH\Administrador

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 314294
Amenazas detectadas: 3
Amenazas en cuarentena: 3
Tiempo transcurrido: 6 min, 33 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
Trojan.Fileless.MTGen, HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|^F3AFBB9F, En cuarentena, [6664], [262349],1.0.9074

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
Trojan.Fileless.MTGen, C:\PROGRAMDATA\F3AFBB9F\F3AFBB9F.EXE, En cuarentena, [6664], [262349],1.0.9074
Trojan.Fileless.MTGen, C:\PROGRAMDATA\F3AFBB9F\F3AFBB9FTEST.AU3, En cuarentena, [6664], [262349],1.0.9074

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

-Informe de AdwCleaner:


# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-06-2019
# Duration: 00:00:24
# OS:       Windows 7 Home Premium
# Cleaned:  395
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\087bf8472bc5252a846ad867fcad4e70
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF053008-8841-4D34-A1A6-FFA79C9E20F2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FEDC8B78-EC6-43F1-99F-B18424E8A53}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FECA00DC-24D-4A8B-BE2B-FAA86123D253}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE4E6038-325C-42DE-86D7-10EEBCFBB73}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE18D06E-EB7-4CBF-A0C7-4DD1754B93FA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE05B96D-107D-4B13-BBAC-A87C78517DA8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDC0341C-7C1C-490D-9ECC-7D45DD58D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBE1E9D1-8AEE-4E04-8173-B14D6FCB3DB6}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBCAF00C-BC31-45EC-A42A-BCE159D27E18}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAFA255B-F8AF-43B6-879A-67B82F1EAC5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9E69D0B-E41D-498E-91E-7249763F69A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9B9F510-E76D-455F-9173-AB5BA97D54D5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8C231BD-23A3-42E1-8EC7-F36510115514}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7CE009B-B865-4EB3-9E3C-BE209E58B755}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F78D589C-AEE6-4739-98CB-1235554A44}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5DAF76-8A0-4D87-A53E-72AECE2FE62E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4BB8834-4F51-4528-AEFE-E2C21C06774}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F49021D9-A7BC-43DB-9EDB-ED4514AD85A9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F38D6CAF-C727-4681-98B8-4BBF1E90F6DA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F355631E-29A5-4942-8B9-6EB21B882F71}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F32EE05-6A7A-452E-A190-725CD676F095}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2F1F948-3D3B-4688-9EE4-B44B1748C92}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2DAC956-902F-4AC1-B9A5-B68CED60A4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F288628F-B73B-45EC-AFE8-C9AA1715CA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1DF4FF3-DD7C-4BF8-97CE-757C4B3BEA40}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1405C9B-5A9E-440B-89EF-6484F42DE3C9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE7CB5AC-A037-4141-B0C6-8C4022F0317D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE5FAA80-453D-4592-8AEE-936136D9CBA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECF07AE6-193-4B0F-9C69-2EF6D5E7C98C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECCF6693-9D66-4B6E-AD9F-D6B9945B62C9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC74DE7B-C78-40A8-A810-30378C954ACE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBEE356-6AEF-426E-91F5-44856BA09A4C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBC898D-B360-40BD-892B-5C6AAF30C0E2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB861E7F-85C2-4A2D-86D3-9D2E37FB093}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB1E50C4-5DF3-4F49-843F-2ABED5CE96AB}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA3CB88D-D89-41A7-99B0-302AF0704CE4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7F910EF-AD81-4882-9A5A-D7D8CA44CA46}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E79E7BB6-3DA2-425B-AC51-4B49F25BEAF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E777217B-4DA3-4506-AA8C-4A35934FBAF7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E74FB169-902-4516-B822-9A4CFB41DB72}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6371671-585E-4FA6-B553-4069A8963190}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E618CE1-902F-449A-9121-8F4415775B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5E12FD4-35A4-4629-B495-E94855EFBF9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4A8BE35-6C4A-43D8-8061-3AF676611DC9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E49DB125-3E37-4F39-9BE-C8534F58E180}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E44285C3-2037-4BE8-903E-45AE56EC3B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4057EB5-75C0-4AEF-95D3-DDDCEAEB50E8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3493DAE-A053-4C51-9F6-F6A3B359BF4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1A34EB1-4E2A-4DCA-A6FB-CDE7599721C6}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1503CD9-4E0D-4D7A-89C7-98275AD3C2C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0CAD6DB-F1D4-4679-A386-EE13E27D22C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E07E7501-ADC3-47F2-A7CA-8369CEDD018}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E00450CD-476-4750-8BD4-45C19E337C5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFD8A7E8-E575-4B12-90E3-8AD31D7B7AE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFCF5C29-DC9-4A2A-B6CC-B7A1A1E1F21}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFB8AC4D-D74D-4DB1-BECB-C0AA17F6C00}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF179CA5-6B1D-46C8-BC5-CA38708DBC43}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEFCA3F9-A513-4C3E-98E2-48AD4AE2223}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEF7DB34-5CCF-433D-98B6-3CA73B48114B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE941A40-C0B0-4D5D-BC5-DC9B4C59DA9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDE8F64-57D6-4E79-A739-B43EF814DD43}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC79C153-BB1C-4909-9AD6-F130E076C368}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC78D19C-CF6A-434F-A9F5-5B50F2C640B5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC54779-225F-432F-864-DDFD691BB5F}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBD7A259-2883-4875-A311-2A489582C35D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB8846E9-3978-4E93-8D7B-31E579C4CC8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB419244-8DA7-45EA-B0CA-E268E9801BCF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DABB43E0-34A-4E4F-82FD-D539A8E6168}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9DC9808-AC93-4E6B-ABA0-45E2E66DE098}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7F497D8-CCAA-43A5-ABA8-A84F32B6F8E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E83AD9-D793-4B4A-B56F-869A42F9315E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7DF96B2-E8B1-4EAB-8DC8-C83832FBDE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D78ACDAA-49A9-4DA1-A363-1962CD26892A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D78195B5-759B-477E-9562-BFC59FC1EAA7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D709D16C-53F-4A0E-85ED-15D2926C9BAA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6E92832-DCEB-4CD5-BE5E-DBAD7339299}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6D32E76-99B-4F20-BF55-9FCFA37CFEC4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D682A1E3-E592-4FB3-914F-2A4114ABBCDE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D63742C5-449E-45D1-B2D0-A66D28BB239A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4A7F0E6-57E0-4656-AC38-1EB079829C1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D414C3F5-7B56-4DC0-87EA-D9FC41D85D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D359F61E-3F00-44CC-AD45-854C754EB797}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3237DEB-711E-41CA-BE61-315E3C02B45}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D29BC974-CB01-4BA3-9E59-25A07BFB679B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2863E74-5013-46EF-8429-742A1F3D5DA8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D285E4F0-2490-4E4B-88F8-CDBE40A4C484}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D285997E-6E80-49C5-AF2C-EF4F2A165E78}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D16F32FE-B755-4DC5-83D2-4CCAB92EA3B6}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D16C140E-3C68-4DF2-B931-4EA58B44884D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D098F73F-49CF-4609-BEE0-F08C23F1C377}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF06C471-8FDB-4D69-9210-B8E7A0B668A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEEA8FD9-69D3-4488-887C-CDCA21FBE94C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE982F7D-6AE1-477A-BE39-DBA2EE88E32B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF8F426-A122-4721-8971-D8D3D55AED1E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCD6A22B-5BB9-4C72-BE2C-5F1BCEB7784}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC83156-ECE8-4733-A723-649A57BB4D89}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC45D3AC-F306-456A-9261-E94C16A7152}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBE07803-40E5-47C5-B89B-7FD8B1D234D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBA1D596-AEDF-4070-ACF1-AF909BEAB2E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB872F8D-307D-4F0E-89E4-34E5CD225EA5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB2A9787-4071-4388-9DB-77334954A40}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAB17773-DC7F-46CB-AB3B-AB3DCCC07D31}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA4286C8-D620-4A23-9124-5A978C61CE16}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6FE6C81-A1A8-40C4-8B59-86DD76CC730}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5F69DB9-DFC5-4D08-8FCE-FF8664FF1B6}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5D1ECB-B527-40AD-B887-56647C9541AA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5389FC8-912A-4E2A-AA55-A84D2F9FC36D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C38D8AA6-41BB-41E8-831E-E3ABB531A15}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C32F030F-BCD3-45C2-B080-B911456197AA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C31393B-3638-4CBC-BB6F-7F97DB1D3845}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2B26981-322C-4203-8623-7D90422DB6B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C23134D0-40DC-4285-927-316C29BA3C1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1E91FD-2324-4B99-8F1B-214D278BE51}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0F2BCAB-D0CA-4026-B7CE-B3711DD53E2E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C04717E2-DA86-4CF0-B12F-4EFD91D577D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C00234E3-E5E3-4C19-BA98-7187EA838C78}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFD9E2D9-5DC3-489C-8E52-BE346E3B284}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE1E48BF-8F0A-4712-94B8-3C516E8F4944}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD2693B0-D2FE-4774-8E77-A2FA815597F2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC3B6563-3CB-4C2A-B473-E9E0A813DEAB}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBF7AAFE-F110-494B-B48D-FB57A33648E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BADDD82-9478-4092-9386-44F714F7D18B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA46CBDF-14BD-420B-ABB0-DD2B8EC9390}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B99D8625-DBF4-4D85-89F5-1ACCB365CB9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B943A7F5-774-400C-811A-F6386386DD0}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B870CA2E-C866-47C0-8F74-F8D8EE364159}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B853B34-818A-4423-A42E-82DE922CD3DF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B693F041-5EA3-423A-9EF-74F8E8728953}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5883B61-D007-4308-A0A5-9D5363DEDE9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5814E2A-C568-4B5D-901-60817681DB2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B35D86BA-6BB4-4DC8-88F2-4E29EEFE6B2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3395C05-34C8-4A5E-B022-37948E69EF45}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3018D67-937C-4DDF-8B27-1CC5E6C244A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B17C3DE7-2D9-47C9-B4F3-20C630646697}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0363FB1-B52C-4887-8A4A-9D5641761DDD}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFEC7E6B-311A-468D-9AB5-CA8F96D523A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF8E6F5-BA8D-4A94-A3F3-4C75E12E77E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD187634-FCC6-4A0A-9214-8D3F3BAE17B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC0DD5C8-5804-4A00-8247-3B330993D91}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC0A0EE-4F58-456D-86E0-7A95DD455068}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB8D93B-437A-4F42-BA7D-93E653C2B422}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB669943-D7DB-411E-8AEA-62AF451F098}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB23D11D-858F-4946-B48D-79FA2B271A63}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A957F7E-4029-48D0-BEC3-831189B0887C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A91F2CE5-914F-4575-838C-FEC5ADB7ABB4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A83F66E-E23E-440F-97A0-DFB48531FFF5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A79CC3A4-7183-45BD-AEB1-9757DF84D8B9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A68E0307-97CA-4064-8DF6-E49521516742}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A682F2EB-C7C6-4FC8-9BC7-5F86147517F2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5EC6B82-F36D-4802-BCB1-CAE69370E691}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5D8F148-3AB4-45B4-A9FE-23DD94603C4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4C5C1F3-9D84-4523-9F10-71CF8DA828}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A405A45F-C186-4FFA-938-4D28512E51D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A39DC3-9D2E-49A1-AD9D-229FDE2E30EB}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A370280C-C27A-4642-AC4B-146CAB34CC26}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A20FB15D-E8E2-442A-AD9B-A4CA9564A44F}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1E4548F-910-459C-92B4-19F7C49A465D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0AE133-E763-417F-B95C-8D68575FC61E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A06F5739-A566-4F33-9774-41BDD0DDCF2C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A061771A-8541-44F0-A46-EC984A31F16F}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A05264F1-B520-4C71-A028-8E72E47C10F1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F7F97D-CB6-4617-BCDB-A4669298C424}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D03C42-726F-45C7-BB12-E19E98284138}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CA3BBA6-BFA3-4679-A9FB-1F5E9B2F7A4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C28BD6-4BD1-4993-BC0-6FA577E1FD7C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B08074B-85BA-4497-9A52-87F5632AF50}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{994E658-C305-4F0D-B25C-637B5BCBCC}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98989747-50C1-41D4-B2B0-8080D0137647}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{987EE9E-6C1C-4D6C-A41C-14CA831BA3}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98096FCE-8E24-45BF-B563-0B9B8717C8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{979C2717-B297-403D-904E-38CC468A342}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97558B0C-5EE0-4CCF-9AA0-575FF2E22BAF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{964E461-F045-495F-AA81-20CDF0DB7968}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9643D986-B53D-4590-A7DA-7A3BFCAE5961}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9506EF29-4CF0-4F01-BA7B-82BF10F743AC}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94B4F84-5A4A-4AC4-9BFF-D49F4BD2A9B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948C52C6-EF96-4DED-A611-FA8F4CFD614}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948713C6-AD89-4E91-9CE-286AB4CDA63D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{945CBD2A-825D-4392-828C-1AE27696A9CF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94180A0D-E874-42B8-BE61-CCE3C6FDF7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93FC4370-E83A-4A6D-811F-776F2621921}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93E61A25-CE71-4416-A737-1995C0AFF28}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{935AA413-D6EE-468D-971E-B7438A19E822}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{918C7323-48AE-43BF-902C-88923DC461}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9176D6B2-519-4312-9B75-727D60AF823B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{912D37F-6817-4954-853D-B58F26B4C613}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9079D161-6E39-4C6E-A091-F9E9CACB261}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{903EE973-52E8-4BBF-83F9-D35560E8CE87}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ECCB78D-DB6E-4E72-80A1-FC31D84A7552}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E93EED3-A9E7-47AB-9BE1-223CF2AA6D5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D87C86F-BA79-4F87-82EC-723FBA7EEE3}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C9E628A-79AC-4F58-B788-61B4F21E5A1A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BD23D16-C4FA-44C3-A2F3-202AEE5B79F0}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B3D92C6-9943-4875-84B7-D3A77B71F13D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A165F7A-66C0-4A87-9328-845E5A3D77E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8954310D-878D-4419-81E5-D9CDD129A1CC}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{892B0692-501D-4824-8FB7-2867046C82}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8831736A-F7E-491A-9916-9B1B5A223B39}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{881DC406-B028-4520-B12-E7666D94EF6}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8817E50D-14DC-458C-953A-DE9A9719B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{875FC634-E9EA-45D8-9974-2AED83ED839F}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{875DF012-768C-4500-8682-F72C3849EC73}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86F8F942-6080-4137-81B-A38280BCEB56}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8414F9FA-1A2D-4CD7-8EA9-A53FBC458C34}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82AB555E-6777-482C-8AB0-B74E4CCC10D9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82A719B8-85B-486D-89B3-7ED8CA671C16}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82A4B6C2-4BA3-474F-A73F-17906E7DF859}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82366352-AB7B-46D6-8B20-EAF52A78AE52}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8222953B-60BE-485D-993B-38796FE37E1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80D5DCF9-77B3-4ECF-BEB1-C254BFFAF2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8095F148-5C94-424B-BFA7-66AF1D66B0CE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{808931D3-FA97-425E-8C8E-E4CEA18477D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80561C88-94B7-4123-BEB5-E595B868613}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FEA675B-6FE1-4CC2-8973-545536993D4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FBF1B08-4C0-43D8-832A-3F4F46A2C7C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F468C7C-83F3-4E9B-BC32-821949D087DA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F408952-BC9D-4EBB-90AF-43A23281623F}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E5706E9-3D5B-44F5-9A56-C145464F64AA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E04D8D8-85A-4880-B953-E0531EF7C33B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E017E72-7A0-438C-B12E-A26FF61E531}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D4B176-C355-45BA-A0CE-7F1539534D6D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CBD90F1-F4D3-4DD7-B4FA-548A9BDA8921}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C83B27B-7D3B-4FB6-B2E8-6639A4564BA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C12DC04-CDF0-4B9E-91CE-B3E2B272CC1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ACDF9F1-3B33-4AC0-A20-89F4B69B588}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A610A92-16EE-4F28-AB70-5ED785A023F7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A171354-B82B-4830-98DB-251A92F3A9C8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79F94129-B13-40D2-9F59-86C0628331CC}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79EBE101-1630-4B6A-A198-D9D59737ECA9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{799BB2C6-FFB6-4ED2-8AA7-7577720299}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{799AE112-FABD-4F57-BE66-D4707FB6DF2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{795092EA-3DE9-48F3-91E8-FE4283AE641}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7657121D-D9CC-46DA-BB3A-EEB3C16E4D9D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75C4C615-190-4013-9FE-EEB0CD50C3D1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{741CBD6A-5EBD-4224-A62E-474635E93E3}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73C6A5E0-7D33-450C-AFF0-76397D34474}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7381D90A-11A0-4493-8AAC-B678A0C15762}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{732FCD03-E0BC-41EA-899F-1AD98BDCC851}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7206738D-7598-404E-8414-1E4CBEFEED2E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71634D58-A9D-4C90-9F22-77C9E5EC9BA5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{714B7813-23F5-4A47-AC6E-55A520C3DA1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71144709-E0A-4002-A137-AC8EF6A06566}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70C80DD9-D831-4002-B650-998A93D809B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70373916-CCC-474C-9967-97CCE8D2C12D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F357E7F-A0A7-4BFE-8435-A4B348407647}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E830257-BECA-4DE4-86A4-D191D71FB215}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E64726A-52A2-4F8B-97E8-1D99C93EFB7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E5AFC1A-315F-4F1A-B298-EDE918DEA3B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D94AD5D-59AA-4059-A525-DF8AC3C44890}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B5A5E65-182F-4C90-91AF-42518C5574F5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B32892E-2BB-4669-B7A9-7ADC23C63615}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6AB06C6E-B099-4AD0-8EA2-B7AC3FC569B7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69F6FF0-AC41-46E1-9E5C-29B5B534F8E7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69F0646D-F1B1-47C7-831C-58895F60929}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{698CC643-CEC0-4B0F-9165-E61870C6CAE6}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{694B4E8F-9B88-40EF-9284-C0BCF032847A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{691C1332-6520-4292-82A8-D94F2791B4E3}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68C46651-E6C9-4C2F-9A62-7357D2793FB}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68A2D548-E9FB-4096-B992-F79EA18EAB33}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{686D0001-BD83-4012-8FB3-77D9BA3B16B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67E794B0-CBC5-4789-A75E-EEDEACCEF1FA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{676FA4A1-6D3C-408B-89B9-A7D12244F60}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66163678-7AAB-47D2-B64F-8EF7C27176ED}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64FAB75F-4AD7-4126-A1CE-863AE6AD6D3}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64EDBDC7-A-45F7-B0C1-76E32C586196}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64888E02-5CE5-417A-887D-8BD12E3EF3E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{644CD218-E7D1-41A8-A62F-3EC180F08D18}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63C98A3-A5F0-41F4-8F73-D1837325F795}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6236B259-1CEA-4B74-9EC2-5EE5887366FC}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61572B74-754E-4D63-ACB4-2EE8C65DE974}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EF89C97-6D8E-4B97-8C22-FA7F3ECCF33}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EB1E1B-71F4-4559-A410-10B6D68F9A99}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E91AE2E-6AA-48F4-BAB2-28ABE69E2BED}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E7B9FA-9C2C-4225-B887-A1EC641956BE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DCF8019-ABD2-44CA-A137-EB6BD8D7D299}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D8312FC-31E2-4746-A4F-31351F31144}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B6C407C-1DB8-4E4B-AFBE-70991EF34D42}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B55D290-DFB7-4A6C-BB15-1D1E26772A9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59E308C-B65C-4B08-99D6-B345B3A8A1B9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59A122B1-C081-4764-9144-CD216979CB5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58FE4187-2C97-44D9-9741-4E694C68AC6}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57D4B3F8-8276-48DF-9140-454017C346C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57A2F69A-F65B-4D21-A0C7-D9E191882515}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56ADE054-35BD-4DCC-966-C977DE2BF9E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56AA4579-63BB-48A9-B780-AB22B6AB442D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{568D5840-291C-49AF-B987-E7B1B1E0644}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5622D74E-E851-46F5-951D-34B6FB38D3C0}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{551B6191-32CC-4AC4-9095-BB55CA3E3916}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53C2D51F-7BA8-49A6-B7B-6B92F5EB24E4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53B6B19D-207-4111-A3E1-23E430A9EAED}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51EB78E2-2FBA-47B5-8616-6F53161B1EF1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5162A8FD-1D72-432E-B4B9-573B85119DA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50B1B7C3-2595-4E99-9865-761BAE62B6CA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{507F63E3-9603-4336-AB53-EBCF5388E7D2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5007D4C6-8C56-450A-97CE-ADE3E97CF5EA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FFFC9D8-93AC-4BC7-808B-F854F49CA369}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F6B1C6C-2249-4CFD-A134-621A27A22C46}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E855A4A-5AEB-4D00-8E8E-D5485D232140}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E7D4C47-83CD-4A07-BBE6-F50DD23EFE4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C2A0B3A-1FD2-42BB-A248-206F9A3E5F4E}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B18074D-972-43C5-89E3-D03942726EE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49383267-55B6-4DFB-BFF1-2A761ACD247}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4899EFE3-F000-4615-A6C1-F1A25270F29}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{47BE9FF4-1CA7-4400-AFB0-E7BB1D89ABCA}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{474427DD-BDA8-4ABE-AADC-8EB83D1C9BF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46E293DB-F228-4901-B0E8-754CA1B51F1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46BE5891-A2DD-4C02-A838-6FEFE519D94C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46A91D6F-E32-4374-94D2-9D454FC7F16A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44B24859-2DFA-4B65-BF60-E3C2738B5C0}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43AB40A-6175-4B06-B84D-54CC9FE8B7D2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4387B682-B451-46C5-8D13-222E7149BEC}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{437F8BFC-50B8-48F9-AF6D-A33CD92C546}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{431A66ED-2C50-49B3-8EE-17B485FBA23}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42D761D5-6337-471C-A867-581C3348B33F}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AE1373-5749-4943-B094-905D6639F92A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41CD0BFB-1228-41BC-9430-F88A1152094}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{413CF53E-9F2E-45B7-952E-9F41724B188}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3ED57557-E2BA-4AB7-938C-9BC53BB61A3}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E116976-8F23-4222-BF88-4B17C07BAB4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D6F66DF-9724-44FB-8CF-E23018E3457A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C3E8BE0-79BB-4F6D-9B53-6EB89BD43E65}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B846C8A-5DA6-44AC-8DD2-BCF19297AD21}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AFD4C43-EC76-49FA-AE52-7C114EF6CB89}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38A3941C-D5FD-42B7-86F-29CFE17807C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3845DE0B-7929-4519-B45-4DA1827F3393}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{383B2587-BA68-4D3F-861-CA33AFDC9A49}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37EED3A1-EBF8-443A-871B-143250F9464}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{379F72A1-F975-487C-81C4-9EE2816BA683}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37837B6C-F998-4C21-89BA-F46F9C08491}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36F2B3B6-1765-41AC-A747-4DC467E7A78}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{356F0359-B288-48FD-98E0-33A21A1D66B0}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34E1DF6A-1E15-4783-8C81-A7B8C6685B7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{346A5871-3D9C-471E-9E37-11EE67358C86}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{340B5B54-DF39-46EE-A41B-BB9C988A8E2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{333F370F-10F1-41E7-9099-AF8C65099D}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{328251E6-866E-4ABB-A237-37A774791B1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{321080A8-220F-42B2-9AC7-AE856627075}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31E313F-6873-46D0-9E4A-27EBF1E53C85}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3160DA0B-6978-4293-8224-C917166FCC87}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30F68324-FC2F-40C2-B1AA-BD5A3E1BF32}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30DE9B66-310E-4F61-985-6F33FA2430C0}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3090A9C7-494F-4654-8B46-C6A1DBB9BC7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E49020F-5E81-43D6-8810-8890AFBF775}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DEBC717-1E7A-48D6-AC90-6FD58B74BFF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D7C64E-2B25-4FF5-9140-39856F1B9CE8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D268261-DBD6-4F9A-8DEC-2BC6C385E34}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B7EB52-C563-4FB8-8289-6F9A4AD4E7E5}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B78DB6B-4F13-4C6B-BB1F-813FFD073D8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B6EA106-20F7-4365-81D0-5AE48E2CB86A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B058451-EED-429F-B1E6-A5D1E6FA9E64}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ABD85-8683-4FE5-A585-2E7EF71C796}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29FB571E-50C3-4CA0-AD27-C3533E4F3695}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{271F9120-B715-4249-8D7B-A4355CA8C45}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{270ABB65-B5C5-4D44-BB11-5586C5F0785}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26278B21-2479-4B2C-BB5B-3A60BEBA1D1A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25023EA7-924B-469F-8A3E-8026D82DED8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24F4D3C3-5BD6-43D9-A716-722B7703D9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23F1756E-BC41-40B2-8262-FD941F7BB44}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23D53AD0-A3B4-4253-A91D-B33A12314079}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22D9A347-C600-4043-8DB1-8025F33CE07F}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22CD93F2-ACB1-4DBE-B88F-E688844B256F}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2239E120-B8E1-4DA3-A4A8-D61B33B6BC1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{217F5573-FB0E-47B0-A51B-486C60BB1DF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{211F3461-6150-4BBE-922A-1C92C1EA6F9C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{211CD504-1A9-41D9-8D22-D8ABDB8AA060}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2057B5AB-AFB5-4194-89E7-2BCE6F2F5446}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{200B555A-72C7-4013-A7DA-CFDA89DC1DE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F6F452F-AC19-4533-9F2-FCF30AC736A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F68813C-EA65-4BBF-8C87-ACEB7F180C4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F2B63E-CA99-4137-B632-F13027822F33}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EF3038A-F712-4721-A2E6-A8647CE73AC9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1EA2220A-4BE6-4E59-93AC-B7DA7D683BE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C8330D-AC70-4681-B9C9-49CE3DDBE364}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AD5C4BF-AC97-442F-B9EF-8EA31BE52B8B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ACCF39E-E3-49EE-9C1F-5FB4F1EC1F7}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A4F9731-59E4-47F5-B63C-F8683F668EF8}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19F9770C-22B7-43DD-9B7-52A7586A5CD}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19691927-BEEF-4497-96E0-1E4A4DD376C1}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186E7762-42D-4600-931B-EEAE856681C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17ABEA57-617E-4748-806A-6F8D2C9FC9B}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1553552D-90FF-4DBB-A546-49DE9D2BF9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14916929-E83-4448-80D9-543D6B46A918}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1479E7D3-E196-481C-9585-8B3D7F4DECB}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{139A7DA5-5AFB-4288-83F7-A11A295A42C}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13542561-603A-4E26-ABAB-64D5E2E8E86}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{133304BE-528D-4C74-B0F6-E85F9D3C5E2}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12FA9C96-350B-4CB5-9111-72D87A69F5DE}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12C98B7D-8BA4-4FCB-8057-A09BD5396FDF}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12AA8E47-4B43-47FB-84CD-46AA88599C4}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{123C0882-2612-494A-B2DF-5A53C28C7631}
Deleted       HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [56433 octets] - [06/02/2019 16:47:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

-Informe de JRF:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64 
Ran by Administrador (Administrator) on 06/02/2019 at 16:58:19,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 88 

Successfully deleted: C:\Windows\hgfs.sys (File) 
Successfully deleted: C:\Windows\prleth.sys (File) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22IML03T (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3H762NOR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4E3X9ED4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\54KGVG4A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VMXEL00 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8W4C6AE9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BGA6PFL7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7EDPN1X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6REZFMG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D76K0AH4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DULFL93D (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F7469490 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GYNQPO3B (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HMW84K03 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOGNSL04 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0ZF8XK2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JOWZ7VRF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LYQ9P5CM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2MK1XLK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ML9LDQ5F (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MNAB52TV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N1GO3PCM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3UVONVI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N9YM2MMU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O7IDO6JF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OBDNCQBX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RE052FU0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKI3QY6M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO0NFEGR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UMBFNENM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UV12DHJS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKTXWSPE (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WL1IEE12 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XT10Z8CC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZCFF8PG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8DL6VTT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZSDX41M6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZWA6JNV8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Administrador\AppData\Roaming\appdataFr3.bin (File) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\22IML03T (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3H762NOR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4E3X9ED4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\54KGVG4A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VMXEL00 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8W4C6AE9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BGA6PFL7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7EDPN1X (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6REZFMG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D76K0AH4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DULFL93D (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F7469490 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GYNQPO3B (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HMW84K03 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOGNSL04 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0ZF8XK2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JOWZ7VRF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LYQ9P5CM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2MK1XLK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ML9LDQ5F (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MNAB52TV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N1GO3PCM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N3UVONVI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N9YM2MMU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O7IDO6JF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OBDNCQBX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RE052FU0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKI3QY6M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SO0NFEGR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UMBFNENM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UV12DHJS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKTXWSPE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WL1IEE12 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XT10Z8CC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZCFF8PG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8DL6VTT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZSDX41M6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZWA6JNV8 (Temporary Internet Files Folder) 



Registry: 3 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/02/2019 at 17:03:24,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-Informe de FRST + Addition.txt:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 4.02.2019
Ran by Administrador (administrator) on WIN-JKCQ8P2BBLH (06-02-2019 17:05:45)
Running from C:\Users\Administrador\Favorites\Desktop
Loaded Profiles: UpdatusUser & Administrador (Available Profiles: UpdatusUser & Ana & Administrador)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe
(Realtek) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4090176 2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [uTorrent] => C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe [1908920 2019-01-12] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ꖤ瞌sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B83596F6-2098-4BA3-8F86-6DB52AE408BA}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2528625941-651579818-236654835-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2528625941-651579818-236654835-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2528625941-651579818-236654835-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2528625941-651579818-236654835-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2528625941-651579818-236654835-500 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2528625941-651579818-236654835-500 -> {B84465C4-27E6-4E8C-AE9C-2B8231F5CD3E} URL = hxxps://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-29] (Oracle America, Inc. -> Oracle Corporation)
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: otdwk0se.default-1528403617916
FF ProfilePath: C:\Users\Administrador\AppData\Roaming\Mozilla\Firefox\Profiles\otdwk0se.default-1528403617916 [2019-02-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2018-01-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2018-01-03] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.es/
CHR StartupUrls: Default -> "hxxp://google.es/"
CHR Profile: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default [2019-02-06]
CHR Extension: (Presentaciones) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-09]
CHR Extension: (YouTube) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-09]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-09]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2019-01-03]
CHR Extension: (Hojas de cálculo) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-06-09]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-10-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-09]
CHR Extension: (Chrome Media Router) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-08]
CHR HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ADMINI~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-12-10]
CHR HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc. -> Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-03-10] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
R2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2018-10-11] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 RealtekCU; C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2016-03-20] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] (Giga-Byte Technology -> )
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Microsoft Windows -> Broadcom Corporation)
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Microsoft Windows -> Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Microsoft Windows -> Brother Industries Ltd.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-14] (Microsoft Windows -> Emulex)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Microsoft Windows -> Hauppauge Computer Works, Inc.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [4433696 2013-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [442368 2013-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-06] (Malwarebytes Corporation -> Malwarebytes)
R2 MEmuDrv; C:\Program Files (x86)\Microvirt\MEmuHyperv\MEmuDrv.sys [319304 2018-03-30] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1047144 2011-09-06] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Microsoft Windows -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] (Giga-Byte Technology -> )
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2015-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-06 17:04 - 2019-02-06 17:05 - 000000000 ____D C:\FRST
2019-02-06 17:00 - 2019-02-06 17:00 - 000000000 ____D C:\ProgramData\reZRknDNm
2019-02-06 16:53 - 2019-02-06 16:53 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-06 16:48 - 2019-02-06 16:48 - 000000000 ____D C:\ProgramData\QAvcveUdO
2019-02-06 16:35 - 2019-02-06 16:35 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-06 16:35 - 2019-02-06 16:35 - 000000000 ____D C:\Users\Administrador\AppData\Local\mbam
2019-02-06 16:35 - 2019-02-06 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-06 16:34 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-02-06 16:28 - 2019-02-06 17:03 - 000000000 ____D C:\Users\Administrador\MediaFire\Documents\REGISTROS
2019-02-06 16:22 - 2019-02-06 17:00 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-06 16:09 - 2019-02-06 16:09 - 001790024 _____ (Malwarebytes) C:\Users\Administrador\Downloads\JRT.exe
2019-02-05 23:39 - 2019-02-05 23:40 - 452083878 _____ C:\Users\Administrador\Downloads\[Kanarianime-Bakari] Free! - 02 [BD] [4AD00419].mkv
2019-02-05 23:35 - 2019-02-05 23:36 - 490628094 _____ C:\Users\Administrador\Downloads\[Kanarianime-Bakari] Free! - 01 [BD] [A9358A50].mkv
2019-02-05 21:06 - 2019-02-05 21:07 - 000000000 ____D C:\Users\Administrador\.MemuHyperv
2019-02-05 21:06 - 2019-02-05 21:06 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2019-02-05 21:05 - 2019-02-05 21:06 - 000000000 ____D C:\Users\Administrador\AppData\Local\Microvirt
2019-02-05 21:05 - 2019-02-05 21:05 - 000000000 ____D C:\Program Files (x86)\Microvirt
2019-02-05 20:59 - 2019-02-05 20:59 - 003488312 _____ (MEmu Play ) C:\Users\Administrador\Downloads\Memu-Installer.exe
2019-02-05 20:52 - 2019-02-05 20:52 - 000000300 _____ C:\Users\Administrador\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2019-02-05 20:31 - 2019-02-05 20:31 - 000000066 _____ C:\Users\Administrador\inittk.ini
2019-02-05 20:30 - 2019-02-05 20:30 - 000000045 _____ C:\Users\Administrador\nuuid.ini
2019-02-05 20:30 - 2019-02-05 20:30 - 000000041 _____ C:\Users\Administrador\inst.ini
2019-02-05 20:30 - 2019-02-05 20:30 - 000000000 ____D C:\Users\Administrador\Nox_share
2019-02-05 20:29 - 2019-02-05 20:30 - 000000000 ____D C:\Users\Administrador\vmlogs
2019-02-05 20:27 - 2019-02-05 20:55 - 000000000 ____D C:\Program Files (x86)\Nox
2019-02-05 20:26 - 2019-02-05 20:54 - 000000000 ____D C:\Users\Administrador\AppData\Local\Nox
2019-02-05 17:39 - 2019-02-05 17:39 - 000002125 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks Multi-Instance Manager.lnk
2019-02-05 17:30 - 2019-02-05 17:34 - 487644616 _____ (BlueStack Systems Inc.) C:\Users\Administrador\Downloads\BlueStacks-Installer_4.40.10.1013_amd64_native_4906e0b6f842d4f9a4de4929b77a0c69 (2).exe
2019-02-05 15:41 - 2019-02-05 15:42 - 392469724 _____ C:\Users\Administrador\Downloads\[Ñ-YnK] Goblin Slayer - 02 [720p] [281E563D].mkv
2019-02-05 15:38 - 2019-02-05 15:39 - 381253793 _____ C:\Users\Administrador\Downloads\[Ñ-YnK] Goblin Slayer - 01 [720p] [04F1CE21].mkv
2019-02-05 15:37 - 2019-02-05 15:38 - 365037361 _____ C:\Users\Administrador\Downloads\[Ñ-YnK] Goblin Slayer - 03 [720p] [230AF6BB].mkv
2019-02-05 15:34 - 2019-02-05 15:35 - 481155458 _____ C:\Users\Administrador\Downloads\[YnK] Kuroshitsuji - Book Of Murder - 02 [D67F70AE].mkv
2019-02-05 14:36 - 2019-02-05 14:36 - 411147675 _____ C:\Users\Administrador\Downloads\[YnK] Kuroshitsuji - Book Of Murder - 01 [38D1E794].mkv
2019-02-05 13:57 - 2019-02-05 13:57 - 000000017 _____ C:\Users\Administrador\AppData\Local\resmon.resmoncfg
2019-02-01 16:57 - 2019-02-01 16:57 - 000000000 ____D C:\Users\Administrador\AppData\Local\CrashRpt
2019-02-01 16:56 - 2019-02-01 16:56 - 000000000 ____D C:\Users\Administrador\AppData\Local\DiskDrill
2019-02-01 16:55 - 2019-02-01 16:55 - 000000000 ____D C:\Program Files (x86)\CleverFiles
2019-02-01 11:19 - 2019-02-01 16:06 - 000000000 _RSHD C:\ProgramData\Key-Base
2019-02-01 11:19 - 2019-02-01 11:19 - 000000000 ____D C:\ProgramData\{954F3326-1B91-E139-A9A1-5F9938248F40}
2019-02-01 11:04 - 2019-02-01 11:04 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-02-01 11:03 - 2019-02-01 16:31 - 000000000 ____D C:\Program Files (x86)\EaseUS
2019-01-31 21:32 - 2019-01-31 22:04 - 000000000 ____D C:\ProgramData\MYrFFDd
2019-01-31 20:47 - 2019-01-31 20:47 - 000000000 ____D C:\Users\Ana\AppData\Local\VirtualStore
2019-01-31 20:42 - 2019-01-31 20:47 - 000000000 ____D C:\Users\Ana\AppData\Local\Dropbox
2019-01-31 20:42 - 2019-01-31 20:42 - 000000000 ____D C:\Users\Ana\AppData\Roaming\ControlCenter4
2019-01-31 20:41 - 2019-01-31 20:41 - 000000000 ____D C:\Users\Ana\AppData\Roaming\Apple Computer
2019-01-31 20:41 - 2019-01-31 20:41 - 000000000 ____D C:\Users\Ana\AppData\Local\mbamtray
2019-01-31 20:40 - 2019-01-31 20:40 - 000002253 _____ C:\Users\Ana\Desktop\Google Chrome.lnk
2019-01-31 20:39 - 2019-01-31 20:39 - 000000000 ____D C:\Users\Ana\AppData\Local\NVIDIA
2019-01-25 12:55 - 2019-02-05 21:05 - 000000000 ____D C:\Users\Administrador\.android
2019-01-25 11:25 - 2019-02-05 23:34 - 000000000 ____D C:\Users\Administrador\Downloads\ANIMES QUE ESTOY VIENDO
2019-01-24 00:10 - 2019-01-24 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-23 21:01 - 2019-01-23 21:02 - 000000000 ____D C:\ixojghqvow__
2019-01-23 20:58 - 2019-02-06 15:56 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\23e97774a9b1700f2d4537ef8bda823c
2019-01-23 20:58 - 2019-01-23 20:58 - 000000000 ____D C:\webqderxqp__
2019-01-22 14:14 - 2019-01-22 14:14 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-01-10 16:02 - 2018-12-29 00:42 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-10 16:02 - 2018-12-28 23:52 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-10 16:02 - 2018-12-28 21:03 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-10 16:02 - 2018-12-28 21:02 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-10 16:02 - 2018-12-28 21:02 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-10 16:02 - 2018-12-28 21:02 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-10 16:02 - 2018-12-28 21:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-10 16:02 - 2018-12-28 21:02 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-10 16:02 - 2018-12-28 21:02 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-10 16:02 - 2018-12-28 21:01 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-10 16:02 - 2018-12-28 20:59 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-10 16:02 - 2018-12-28 20:51 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-10 16:02 - 2018-12-28 20:51 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-10 16:02 - 2018-12-28 20:50 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-10 16:02 - 2018-12-28 01:01 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-10 16:02 - 2018-12-28 00:38 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-10 16:02 - 2018-12-28 00:25 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-10 16:02 - 2018-12-28 00:25 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-10 16:02 - 2018-12-28 00:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-10 16:02 - 2018-12-28 00:02 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-10 16:02 - 2018-12-27 23:48 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-10 16:02 - 2018-12-27 23:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-10 16:02 - 2018-12-27 23:45 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-10 16:02 - 2018-12-27 23:33 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-10 16:02 - 2018-12-27 23:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-10 16:02 - 2018-12-27 23:29 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-10 16:02 - 2018-12-27 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-10 16:02 - 2018-12-27 23:22 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-10 16:02 - 2018-12-27 23:11 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-10 16:02 - 2018-12-27 23:07 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-10 16:02 - 2018-12-08 03:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-10 16:02 - 2018-12-07 16:33 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-10 16:01 - 2018-12-28 20:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-10 16:01 - 2018-12-28 20:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-10 16:01 - 2018-12-28 20:34 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-10 16:01 - 2018-12-28 20:31 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-10 16:01 - 2018-12-28 20:31 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-10 16:01 - 2018-12-28 20:31 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-10 16:01 - 2018-12-28 20:30 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-10 16:01 - 2018-12-28 20:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-10 16:01 - 2018-12-28 20:28 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-10 16:01 - 2018-12-28 20:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-10 16:01 - 2018-12-28 20:27 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-10 16:01 - 2018-12-28 20:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-10 16:01 - 2018-12-28 20:27 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-10 16:01 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-10 16:01 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-10 16:01 - 2018-12-28 20:27 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-10 16:01 - 2018-12-28 20:27 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-10 16:01 - 2018-12-28 20:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-10 16:01 - 2018-12-28 20:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-10 16:01 - 2018-12-28 20:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-10 16:01 - 2018-12-28 20:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-10 16:01 - 2018-12-28 20:26 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 20:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-10 16:01 - 2018-12-28 00:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-10 16:01 - 2018-12-28 00:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-10 16:01 - 2018-12-28 00:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-10 16:01 - 2018-12-28 00:36 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-10 16:01 - 2018-12-28 00:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-10 16:01 - 2018-12-28 00:31 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-10 16:01 - 2018-12-28 00:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-10 16:01 - 2018-12-28 00:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-10 16:01 - 2018-12-28 00:26 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-10 16:01 - 2018-12-28 00:25 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-10 16:01 - 2018-12-28 00:25 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-10 16:01 - 2018-12-28 00:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-10 16:01 - 2018-12-28 00:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-10 16:01 - 2018-12-28 00:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-10 16:01 - 2018-12-28 00:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-10 16:01 - 2018-12-28 00:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-10 16:01 - 2018-12-28 00:05 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-10 16:01 - 2018-12-28 00:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-01-10 16:01 - 2018-12-28 00:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-01-10 16:01 - 2018-12-28 00:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-10 16:01 - 2018-12-28 00:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-10 16:01 - 2018-12-28 00:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-10 16:01 - 2018-12-28 00:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-10 16:01 - 2018-12-28 00:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-10 16:01 - 2018-12-27 23:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-10 16:01 - 2018-12-27 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-01-10 16:01 - 2018-12-27 23:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-01-10 16:01 - 2018-12-27 23:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-01-10 16:01 - 2018-12-27 23:55 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-10 16:01 - 2018-12-27 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-10 16:01 - 2018-12-27 23:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-01-10 16:01 - 2018-12-27 23:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-10 16:01 - 2018-12-27 23:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-10 16:01 - 2018-12-27 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-01-10 16:01 - 2018-12-27 23:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-10 16:01 - 2018-12-27 23:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-10 16:01 - 2018-12-27 23:42 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-01-10 16:01 - 2018-12-27 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-01-10 16:01 - 2018-12-27 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-01-10 16:01 - 2018-12-27 23:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-01-10 16:01 - 2018-12-27 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-01-10 16:01 - 2018-12-27 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-01-10 16:01 - 2018-12-27 23:33 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-10 16:01 - 2018-12-27 23:31 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-10 16:01 - 2018-12-27 23:28 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-10 16:01 - 2018-12-27 23:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-10 16:01 - 2018-12-27 23:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-10 16:01 - 2018-12-08 04:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-10 16:01 - 2018-12-08 04:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-10 16:01 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-10 16:01 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-10 16:01 - 2018-12-08 04:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-10 16:01 - 2018-12-08 04:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-10 16:01 - 2018-12-08 03:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-10 16:01 - 2018-12-08 03:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-10 16:01 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-10 16:01 - 2018-12-08 03:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-10 16:01 - 2018-12-08 03:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-10 16:01 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-10 16:01 - 2018-12-08 03:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-10 16:01 - 2018-12-08 03:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-10 16:00 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-10 16:00 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-10 16:00 - 2018-12-28 00:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-10 16:00 - 2018-12-28 00:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-10 16:00 - 2018-12-28 00:17 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-06 17:03 - 2009-07-14 05:45 - 000010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-06 17:03 - 2009-07-14 05:45 - 000010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-06 16:58 - 2017-09-23 22:42 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\uTorrent
2019-02-06 16:55 - 2014-03-10 18:33 - 000000000 ____D C:\Users\UpdatusUser
2019-02-06 16:52 - 2018-12-15 21:18 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\uTorrent
2019-02-06 16:50 - 2014-03-10 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-06 16:50 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-06 16:48 - 2015-04-09 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-02-06 16:47 - 2015-04-22 18:59 - 000000000 ____D C:\AdwCleaner
2019-02-06 16:31 - 2014-04-14 22:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-06 16:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-06 16:25 - 2014-05-23 15:24 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-06 16:23 - 2014-05-22 21:30 - 000000000 ____D C:\Users\Administrador\AppData\Local\CrashDumps
2019-02-06 16:22 - 2014-03-12 14:23 - 000002788 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-06 16:22 - 2014-03-12 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-06 16:22 - 2014-03-12 14:23 - 000000000 ____D C:\Program Files\CCleaner
2019-02-06 16:14 - 2009-07-14 10:31 - 000751090 _____ C:\Windows\system32\perfh00A.dat
2019-02-06 16:14 - 2009-07-14 10:31 - 000160132 _____ C:\Windows\system32\perfc00A.dat
2019-02-06 16:14 - 2009-07-14 06:13 - 001686204 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-06 16:01 - 2016-12-10 18:18 - 000000000 ___RD C:\Users\Administrador\Google Drive
2019-02-06 00:23 - 2018-11-27 18:52 - 000000000 ____D C:\Users\Administrador\Downloads\MEmu Download
2019-02-06 00:21 - 2015-12-29 23:46 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\vlc
2019-02-05 21:06 - 2014-03-10 11:09 - 000000000 ____D C:\Users\Administrador
2019-02-05 20:28 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-02-05 13:23 - 2016-12-18 22:19 - 000000000 ___RD C:\Users\Administrador\Dropbox
2019-02-04 15:32 - 2018-12-17 14:19 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-02-03 19:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-01-31 20:41 - 2015-01-19 22:33 - 000117232 _____ C:\Users\Ana\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-31 20:40 - 2015-01-19 22:32 - 000002312 _____ C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-31 20:39 - 2015-01-19 22:32 - 000000656 __RSH C:\Users\Ana\ntuser.pol
2019-01-31 20:39 - 2015-01-19 22:32 - 000000000 ____D C:\Users\Ana\AppData\Local\Google
2019-01-31 20:39 - 2015-01-19 22:32 - 000000000 ____D C:\Users\Ana
2019-01-31 19:46 - 2014-03-10 20:59 - 000000000 ____D C:\Users\Administrador\AppData\Local\ElevatedDiagnostics
2019-01-29 22:31 - 2015-06-28 21:11 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-29 22:31 - 2014-09-19 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-29 22:24 - 2015-06-28 21:12 - 000099192 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-01-29 12:31 - 2014-03-12 16:41 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Adobe
2019-01-29 00:15 - 2015-12-29 23:45 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-25 11:32 - 2016-09-21 18:37 - 000000000 ____D C:\Users\Administrador\Downloads\imagenes
2019-01-25 11:03 - 2018-12-17 14:21 - 000002008 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2019-01-24 00:10 - 2016-12-18 21:55 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-01-23 19:48 - 2018-01-29 22:47 - 000000000 ____D C:\Program Files (x86)\Opera
2019-01-17 13:48 - 2016-08-25 20:41 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-17 13:48 - 2016-08-25 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-17 00:20 - 2016-08-25 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-14 16:37 - 2009-07-14 06:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2019-01-12 21:42 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-01-11 19:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-10 19:47 - 2018-01-29 22:47 - 000003868 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1517262459
2019-01-10 00:04 - 2014-03-19 23:51 - 001659854 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-09 23:59 - 2014-03-17 16:32 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-09 23:59 - 2014-03-17 16:32 - 000000000 ____D C:\Windows\system32\MRT
2019-01-08 11:44 - 2018-06-07 16:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-07 16:17 - 2017-11-03 21:09 - 000001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-01-07 16:17 - 2017-09-15 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-01-07 16:17 - 2016-12-10 18:02 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-01-07 16:17 - 2016-12-10 18:02 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-01-07 14:13 - 2017-04-21 16:22 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Mozilla
2019-01-07 14:04 - 2018-06-07 16:54 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== Files in the root of some directories =======

2015-03-09 22:30 - 2015-10-02 13:22 - 000000385 _____ () C:\Users\Administrador\AppData\Roaming\BYAIAMUF
2015-06-27 03:00 - 2016-01-11 11:43 - 000000125 _____ () C:\Users\Administrador\AppData\Roaming\D2Info0
2015-04-19 13:20 - 2015-10-02 13:22 - 000000626 _____ () C:\Users\Administrador\AppData\Roaming\d7wtLNWp7jIXw
2015-06-27 03:00 - 2016-01-11 12:30 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_1
2016-01-09 00:44 - 2016-01-11 11:45 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_2
2016-01-11 11:43 - 2016-01-11 11:59 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_3
2016-01-11 11:43 - 2016-01-11 11:58 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_4
2016-01-11 11:43 - 2016-01-11 11:54 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_5
2017-06-02 16:04 - 2017-11-11 20:44 - 038270608 _____ () C:\Users\Administrador\AppData\Roaming\gameboxsetup.exe
2015-12-09 01:03 - 2017-02-02 13:45 - 000000132 _____ () C:\Users\Administrador\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\Administrador\AppData\Local\datos.txt
2018-09-28 14:27 - 2018-09-28 14:27 - 000000000 _____ () C:\Users\Administrador\AppData\Local\oobelibMkey.log
2019-02-05 13:57 - 2019-02-05 13:57 - 000000017 _____ () C:\Users\Administrador\AppData\Local\resmon.resmoncfg
2015-04-06 14:51 - 2015-04-09 11:40 - 000011804 _____ () C:\Users\Administrador\AppData\Local\Temp-log.txt
2016-04-17 16:18 - 2016-04-17 16:18 - 000005897 _____ () C:\Users\Administrador\AppData\Local\transitiontransition_26b96f71c6eea7cd47565f4c02ed0c77.ini
2016-08-15 19:43 - 2016-08-15 19:43 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{7F1DD215-7C33-44DE-975D-4CD17F0F12B9}
2017-11-02 15:46 - 2017-11-02 15:46 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{A9A190BA-08B6-4152-9306-CF612822E0F9}

Some files in TEMP:
====================
2019-02-05 20:20 - 2019-01-21 12:09 - 001161224 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\BlueStacksUninstaller.exe
2019-02-05 20:20 - 2019-01-21 12:11 - 001062408 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\HD-Common.dll
2019-02-05 20:20 - 2019-01-21 08:30 - 000421344 _____ (CodeTitans) C:\Users\Administrador\AppData\Local\Temp\JSon.dll
2019-02-05 20:54 - 2018-11-05 03:32 - 000083128 _____ () C:\Users\Administrador\AppData\Local\Temp\nox_uninst.exe
2019-01-23 20:58 - 2019-02-06 16:52 - 001060864 _____ (AutoIt Team) C:\Users\Administrador\AppData\Local\Temp\systeminfo.exe
2015-01-19 22:33 - 2015-01-19 22:33 - 000000000 ____D () C:\Users\Ana\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-09-05 13:26

==================== End of FRST.txt ============================
  • Informe de Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by Administrador (06-02-2019 17:08:44)
Running from C:\Users\Administrador\Favorites\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-03-10 10:09:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2528625941-651579818-236654835-500 - Administrator - Enabled) => C:\Users\Administrador
Ana (S-1-5-21-2528625941-651579818-236654835-1044 - Administrator - Enabled) => C:\Users\Ana
HomeGroupUser$ (S-1-5-21-2528625941-651579818-236654835-1046 - Limited - Enabled)
Invitado (S-1-5-21-2528625941-651579818-236654835-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2528625941-651579818-236654835-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2528625941-651579818-236654835-500\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
Actualización de NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Ad-Aware Web Companion (HKLM-x32\...\{902C3D36-9254-437D-98AC-913B78E60864}) (Version: 1.1.922.1860 - Lavasoft) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
AppLogLibSetup (HKLM-x32\...\{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F}) (Version: 1.0.2.0 - Brother Industries Ltd.) Hidden
Backup and Sync from Google (HKLM\...\{693CADB0-962B-4AC1-A939-9524B258C997}) (Version: 3.43.2448.9071 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{9483AB22-92AA-4161-9E79-DE77B71949DA}) (Version: 1.1.6.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{E9A086F3-E0CB-4E91-AABE-586D99788BC3}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{8281F578-2B02-4E98-956F-64E5D60D761B}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F98C83EC-0334-4F4E-8AC0-211DAC81ED35}) (Version: 1.0.5.2 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
DeviceDetect (HKLM-x32\...\{0B226409-96A6-47F0-84D8-89223B6F9479}) (Version: 1.0.3.4 - Brother Industries Ltd.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
iTunes (HKLM\...\{D34CA653-87BB-4605-826F-5525EE0A4664}) (Version: 12.7.2.60 - Apple Inc.)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
LavasoftTcpService (HKLM-x32\...\{90CF05DE-735F-42AB-A52A-F447FDFBE207}) (Version: 2.3.3.0 - Lavasoft) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.895.1 - McAfee, Inc.)
MEmu (HKLM-x32\...\MEmu) (Version: 6.0.8.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 64.0 (x64 es-ES)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1007 - Nero AG)
Nero MediaHome Free (HKLM-x32\...\{C9652153-FBF4-465F-A789-51476FF9BDFB}) (Version: 16.0.02800 - Nero AG)
NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
NVIDIA Controlador de 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVMS1000 (HKLM-x32\...\{D7079657-6D6A-4AD2-ABAB-416A10D44F66}) (Version: 1.00.0000 -   ) Hidden
NVMS1000 (HKLM-x32\...\InstallShield_{D7079657-6D6A-4AD2-ABAB-416A10D44F66}) (Version: 1.00.0000 -   )
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Panel de control de NVIDIA 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.44 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (HKLM-x32\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0004 - Nero AG) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Smart View (HKLM-x32\...\{5F8A3D28-643E-4062-80C9-37AD463EB61D}) (Version: 1.0.0.0 - Samsung )
StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07321A2B-739F-4C92-9357-D3E71E522B67} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0803A98E-5E4C-4D81-9795-3C0424C53F90} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {20D38144-CB15-44DF-9D02-D6E0F56B5F8A} - \SUPERAntiSpyware Scheduled Task dbb34893-67fe-4602-9a5e-53236ed5d922 -> No File <==== ATTENTION
Task: {25A89929-E237-46B5-8371-55776F9C9E91} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {25C3977A-9181-4785-8972-CF3DEB3E061F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {3F39A68A-6ED6-4C36-8595-E3A48C405E27} - System32\Tasks\{06C9D931-0E10-4C97-B8AE-39E0D842E855} => C:\Windows\system32\pcalua.exe -a "C:\Users\Administrador\Downloads\chromeinstall-8u31 (3).exe" -d C:\Users\Administrador\Downloads
Task: {45E4D17D-93E2-4053-BAFA-9B39642EF820} - System32\Tasks\GoogleUpdateTaskMachineCore1d19c6fb19eb900 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {467EAE68-DF1C-47C9-BF2A-BA7BEC71D612} - System32\Tasks\GoogleUpdateTaskMachineCore1d1aaff3ea52cfc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
"C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware" could not be unlocked Error: 5. <==== ATTENTION
Task: {4A6CDA19-16A4-4A77-B191-F5123D7986CF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
Task: {5A5D5622-3F00-4A6B-B134-B7C5407CE9F4} - System32\Tasks\DropboxUpdateTaskMachineCore1d45262205d27ce => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5F55B485-5553-407E-A644-D9628E458BC4} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ea308dcec4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {6FBB46AB-5590-4AF4-A18E-7AF300D65098} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe
Task: {72BBBE58-4232-471C-8C98-67C7FCB30298} - System32\Tasks\GoogleUpdateTaskMachineCore1d06e0354b2be3e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {73D126B1-32F3-4D0C-B09E-AE0F82D27A02} - System32\Tasks\GoogleUpdateTaskMachineCore1d19c6f60ce3d57 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" was unlocked. <==== ATTENTION
Task: {7C914F4D-97C3-48C5-9432-68DE65EF5E3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7EFD9AE7-94A4-4299-8D9E-5E102A1D824A} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6aa64be58651 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {877A33DB-34FC-4091-B5A3-566F7DE07A28} - System32\Tasks\AdobeGCInvoker-1.0-WIN-JKCQ8P2BBLH-Administrador => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {88462E43-EC86-48C0-9E4D-072FFE0217DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d049f49b4c8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {8885495B-0EB7-46F8-8A66-61335AF6BCDB} - System32\Tasks\BYAIAMUF => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: {9A893405-30D7-4F84-ABEF-20C7110E88A2} - System32\Tasks\{5A215FF5-57FF-4BF8-B027-9822075414AB} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u31.exe -d C:\Users\Administrador\Downloads
Task: {A1E6E820-F194-4587-8A17-9747C6742EF3} - \BHO updater -> No File <==== ATTENTION
Task: {A2AE6AC9-2BF0-48E6-8162-A5B393DB608F} - System32\Tasks\{1102F610-3C56-47B0-A8D2-356179DF9005} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u45.exe -d C:\Users\Administrador\Downloads
Task: {B0941449-A241-4E41-B80F-01CA51E54F12} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e23b309cf951 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {B320A1F0-2B1E-48E3-879D-E478388F1007} - System32\Tasks\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\USB-AV Antivirus\Uninstall.exe"
Task: {BF21DF7A-3A46-423D-94E2-DC9546422EAC} - System32\Tasks\{F050E2D3-8406-4462-AC1E-06CF56003DDB} => C:\Windows\system32\pcalua.exe -a C:\Users\ADMINI~1\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {C285B905-FD0E-42A5-AEB2-22302FD3F760} - System32\Tasks\GoogleUpdateTaskMachineCore1d000decfbb71af => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {C39A6898-6E8B-4DDD-8207-87B81A085641} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Software Ltd -> Piriform Ltd)
Task: {C8D3DF45-A4FA-4E56-B3E6-059484DB7DF2} - System32\Tasks\DropboxUpdateTaskMachineCore1d439f829b15556 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D3A783CF-8E98-43E0-8662-5CB44A7CE306} - \SUPERAntiSpyware Scheduled Task cf38180e-19ef-482f-98cf-741c3c7f1984 -> No File <==== ATTENTION
Task: {D78B275F-879C-4F86-888F-EB3F38AAC6FA} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dce763e93f3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {DEB37370-0FDF-4A8D-893B-300BA7F63557} - System32\Tasks\Opera scheduled Autoupdate 1517262459 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {DFB57B2A-63A1-4D94-8070-E99F938B5EE4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E7011466-9BCF-497C-81DA-407D3258E701} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef8d44d0047d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {E9A0992C-AF1C-43E9-83F0-4806B66CB18E} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9133fd55cd5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {EEE7E4B6-2463-40D4-B3F1-8AD23E0EBAD8} - System32\Tasks\DropboxUpdateTaskMachineCore1d3ef67a56cb080 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F1108A80-9563-4891-B857-B183B72366C3} - System32\Tasks\GoogleUpdateTaskMachineCore1d11102bf5571f6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {F1D91309-F174-42D5-8878-AE4D6D6921A9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F2583919-18CC-4A1B-8EF8-ED1425F4E1EE} - System32\Tasks\GoogleUpdateTaskMachineCore1d090b421936b3d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {F439EC48-4D4A-41AD-969F-02E50FCAD836} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {FE00C933-2FCA-4D7F-B1F6-6DFAADFBAF86} - System32\Tasks\GoogleUpdateTaskMachineCore1cfec2d52bd2c5f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {FF0F91D8-F3A1-4276-8A1B-D89630CFCEB8} - System32\Tasks\GoogleUpdateTaskMachineCore1cfd45179cb4dad => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {FF3E60BB-19F4-4A3A-BD5E-895C0E5847FF} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf3af473e2fc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore1d45262205d27ce.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d19c6fb19eb900.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aaff3ea52cfc.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-and-launch-app="C:\Users\Administrador\AppData\Roaming\Mozila"

==================== Loaded Modules (Whitelisted) ==============

2016-12-28 13:01 - 2015-02-27 14:38 - 000721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2019-02-05 21:05 - 2018-10-11 09:56 - 000085304 _____ () C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe
2016-11-29 17:08 - 2005-04-22 13:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
2019-01-10 11:01 - 2019-01-10 11:01 - 000103560 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2019-02-06 16:35 - 2019-01-24 11:09 - 002714000 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-02-05 21:05 - 2018-09-06 10:01 - 000128552 _____ () C:\Program Files (x86)\Microvirt\MEmu\libgcc_s_dw2-1.dll
2009-02-27 16:38 - 2009-02-27 16:38 - 000139264 _____ () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Administrador\MediaFire:mf_x [104]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Classes\.exe:  =>  <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-04-22 17:44 - 2018-12-17 14:21 - 000451181 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15500 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64
HKU\S-1-5-21-2528625941-651579818-236654835-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AC114BA8-142F-4F1D-B3C6-1486BAB784F5}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{A62E24A4-62D0-4F58-9B2C-3D5A2FFB0A6C}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe ()
FirewallRules: [UDP Query User{907A95EB-82F6-4A39-9EAD-A5D331D58E04}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe ()
FirewallRules: [{8274BBEF-C87F-44FD-A273-B8A0D6632751}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{85CA363F-CAD7-442D-806D-AA83CA27E6AA}] => (Allow) C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9D41D203-0464-4AE3-9B6B-01362409332D}] => (Allow) C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{54AA4151-C29A-44D7-B3C4-E96A9151312D}C:\program files (x86)\nvms-1000\nvms-1000.exe] => (Allow) C:\program files (x86)\nvms-1000\nvms-1000.exe ()
FirewallRules: [UDP Query User{DD182055-FB98-44C6-9EB5-43A5A457E071}C:\program files (x86)\nvms-1000\nvms-1000.exe] => (Allow) C:\program files (x86)\nvms-1000\nvms-1000.exe ()
FirewallRules: [{330403AB-BF36-481C-8E2B-A47C9F2F4C89}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F2F7F0B7-0232-4E1D-A4F8-15D181C8FF31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C3B2AB85-965D-47EF-9B39-547B5101C8A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{789FDE2F-D607-47E5-AC11-7395784C3C3F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D76A7DCF-60FC-4540-B8C4-E1E581EA0108}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E7259E4A-84FE-418F-A9A6-8AF77E5A14E5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DCDA52D6-23FA-47D7-8380-0E5D95CDC6CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{D0963DA1-062D-48F7-872B-BFE94067B244}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{94533DF0-19B5-4154-83C6-4FE4ADDB7F3B}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{01AC6C78-9D79-4290-BE3F-A53B676B6B20}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{357FFA91-F503-4A9C-9F38-1873BC04B0CB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{52E7D500-9840-4211-B819-4B72D76D7F88}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)

==================== Restore Points =========================

04-02-2019 15:37:58 Windows Update
05-02-2019 17:24:04 Revo Uninstaller's restore point - MEmu
05-02-2019 20:19:27 Revo Uninstaller's restore point - BlueStacks App Player
05-02-2019 20:52:53 Revo Uninstaller's restore point - Nox APP Player
06-02-2019 16:32:29 Revo Uninstaller's restore point - Malwarebytes versión 3.7.1.2839
06-02-2019 16:58:25 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Adaptador de tunelización Teredo de Microsoft
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2019 04:32:26 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {e01a19b1-cd55-460e-ac36-8ff7acdea78e}

Error: (02/05/2019 08:19:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {39751723-28da-4c4d-b50e-1def8bd3781d}

Error: (02/05/2019 10:59:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RtWlan.exe, versión: 700.1642.1004.2011, marca de tiempo: 0x4e8b165b
Nombre del módulo con errores: RtlLib.dll, versión: 700.1078.817.2011, marca de tiempo: 0x4e730a27
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00014f2a
Id. del proceso con errores: 0x8b0
Hora de inicio de la aplicación con errores: 0x01d4bd39751b6160
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWlan.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlLib.dll
Id. del informe: cacc6ea4-292c-11e9-85cd-74d43510c101

Error: (02/03/2019 06:46:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RtWlan.exe, versión: 700.1642.1004.2011, marca de tiempo: 0x4e8b165b
Nombre del módulo con errores: RtlLib.dll, versión: 700.1078.817.2011, marca de tiempo: 0x4e730a27
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00014f2a
Id. del proceso con errores: 0x88c
Hora de inicio de la aplicación con errores: 0x01d4bbe83f37d3fb
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWlan.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlLib.dll
Id. del informe: 90bc1764-27db-11e9-a4e2-74d43510c101

Error: (02/01/2019 07:43:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MEmuHeadless.exe, versión: 5.1.34.21010, marca de tiempo: 0x5b0269b9
Nombre del módulo con errores: MEmuDD.DLL_unloaded, versión: 0.0.0.0, marca de tiempo: 0x5c4bfa6c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000007feda99949f
Id. del proceso con errores: 0x1fc0
Hora de inicio de la aplicación con errores: 0x01d4ba5dde745649
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Microvirt\MemuHyperv\MEmuHeadless.exe
Ruta de acceso del módulo con errores: MEmuDD.DLL
Id. del informe: 3895dafa-2651-11e9-be2e-74d43510c101

Error: (02/01/2019 07:32:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RtWlan.exe, versión: 700.1642.1004.2011, marca de tiempo: 0x4e8b165b
Nombre del módulo con errores: RtlLib.dll, versión: 700.1078.817.2011, marca de tiempo: 0x4e730a27
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00014f2a
Id. del proceso con errores: 0xaa4
Hora de inicio de la aplicación con errores: 0x01d4ba5c6a0222a4
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWlan.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlLib.dll
Id. del informe: c3f7c785-264f-11e9-be2e-74d43510c101

Error: (01/31/2019 09:04:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AdwCleaner.exe, versión: 7.0.2.1, marca de tiempo: 0x59a5f25e
Nombre del módulo con errores: AdwCleaner.exe, versión: 7.0.2.1, marca de tiempo: 0x59a5f25e
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0004c7aa
Id. del proceso con errores: 0x94c
Hora de inicio de la aplicación con errores: 0x01d4b9a02232581d
Ruta de acceso de la aplicación con errores: C:\Users\Administrador\Favorites\Desktop\AdwCleaner.exe
Ruta de acceso del módulo con errores: C:\Users\Administrador\Favorites\Desktop\AdwCleaner.exe
Id. del informe: 68678d89-2593-11e9-8640-74d43510c101

Error: (01/31/2019 08:42:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2019/01/31 20:42:37.034]: [00013296]: Initialize TwdsMain Class failed!


System errors:
=============
Error: (02/06/2019 05:00:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA Display Driver Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (02/06/2019 04:52:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
UsbCharger

Error: (02/06/2019 04:52:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (02/06/2019 04:52:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (02/06/2019 04:52:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (60000 ms) para la conexión con el servicio Wondershare Application Framework Service.

Error: (02/06/2019 04:50:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (02/06/2019 04:50:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (02/06/2019 04:50:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.


CodeIntegrity:
===================================

Date: 2016-08-31 11:04:46.492
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-31 11:04:46.304
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-29 11:48:17.476
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-29 11:48:17.414
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-29 11:14:25.022
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-29 11:14:24.616
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-28 13:08:01.850
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-28 13:08:01.226
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 59%
Total physical RAM: 3983.27 MB
Available physical RAM: 1632.9 MB
Total Virtual: 7964.67 MB
Available Virtual: 5566.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:160.86 GB) NTFS

\\?\Volume{8430950b-a83b-11e3-bd0d-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7B3DD090)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Eso es todo. Muchas gracias por la ayuda y el tiempo dedicado.

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers4: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers6: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
Task: {20D38144-CB15-44DF-9D02-D6E0F56B5F8A} - \SUPERAntiSpyware Scheduled Task dbb34893-67fe-4602-9a5e-53236ed5d922 -> No File <==== ATTENTION
Task: {3F39A68A-6ED6-4C36-8595-E3A48C405E27} - System32\Tasks\{06C9D931-0E10-4C97-B8AE-39E0D842E855} => C:\Windows\system32\pcalua.exe -a "C:\Users\Administrador\Downloads\chromeinstall-8u31 (3).exe" -d C:\Users\Administrador\Downloads
"C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware" could not be unlocked Error: 5. <==== ATTENTION
Task: {4A6CDA19-16A4-4A77-B191-F5123D7986CF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" was unlocked. <==== ATTENTION
Task: {8885495B-0EB7-46F8-8A66-61335AF6BCDB} - System32\Tasks\BYAIAMUF => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: {9A893405-30D7-4F84-ABEF-20C7110E88A2} - System32\Tasks\{5A215FF5-57FF-4BF8-B027-9822075414AB} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u31.exe -d C:\Users\Administrador\Downloads
Task: {A1E6E820-F194-4587-8A17-9747C6742EF3} - \BHO updater -> No File <==== ATTENTION
Task: {A2AE6AC9-2BF0-48E6-8162-A5B393DB608F} - System32\Tasks\{1102F610-3C56-47B0-A8D2-356179DF9005} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u45.exe -d C:\Users\Administrador\Downloads
Task: {B320A1F0-2B1E-48E3-879D-E478388F1007} - System32\Tasks\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\USB-AV Antivirus\Uninstall.exe"
Task: {BF21DF7A-3A46-423D-94E2-DC9546422EAC} - System32\Tasks\{F050E2D3-8406-4462-AC1E-06CF56003DDB} => C:\Windows\system32\pcalua.exe -a C:\Users\ADMINI~1\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {D3A783CF-8E98-43E0-8662-5CB44A7CE306} - \SUPERAntiSpyware Scheduled Task cf38180e-19ef-482f-98cf-741c3c7f1984 -> No File <==== ATTENTION
Task: {DFB57B2A-63A1-4D94-8070-E99F938B5EE4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Administrador\MediaFire:mf_x [104]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]
HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Classes\.exe: => <==== ATTENTION
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ??sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ??sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-03-09 22:30 - 2015-10-02 13:22 - 000000385 _____ () C:\Users\Administrador\AppData\Roaming\BYAIAMUF
2015-06-27 03:00 - 2016-01-11 11:43 - 000000125 _____ () C:\Users\Administrador\AppData\Roaming\D2Info0
2015-04-19 13:20 - 2015-10-02 13:22 - 000000626 _____ () C:\Users\Administrador\AppData\Roaming\d7wtLNWp7jIXw
2015-06-27 03:00 - 2016-01-11 12:30 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_1
2016-01-09 00:44 - 2016-01-11 11:45 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_2
2016-01-11 11:43 - 2016-01-11 11:59 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_3
2016-01-11 11:43 - 2016-01-11 11:58 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_4
2016-01-11 11:43 - 2016-01-11 11:54 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_5
2017-06-02 16:04 - 2017-11-11 20:44 - 038270608 _____ () C:\Users\Administrador\AppData\Roaming\gameboxsetup.exe
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\Administrador\AppData\Local\datos.txt
2018-09-28 14:27 - 2018-09-28 14:27 - 000000000 _____ () C:\Users\Administrador\AppData\Local\oobelibMkey.log
2019-02-05 13:57 - 2019-02-05 13:57 - 000000017 _____ () C:\Users\Administrador\AppData\Local\resmon.resmoncfg
2015-04-06 14:51 - 2015-04-09 11:40 - 000011804 _____ () C:\Users\Administrador\AppData\Local\Temp-log.txt
2016-04-17 16:18 - 2016-04-17 16:18 - 000005897 _____ () C:\Users\Administrador\AppData\Local\transitiontransition_26b96f71c6eea7cd47565f4c02ed0c77.ini
2016-08-15 19:43 - 2016-08-15 19:43 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{7F1DD215-7C33-44DE-975D-4CD17F0F12B9}
2017-11-02 15:46 - 2017-11-02 15:46 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{A9A190BA-08B6-4152-9306-CF612822E0F9}
2019-02-05 20:20 - 2019-01-21 12:09 - 001161224 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\BlueStacksUninstaller.exe
2019-02-05 20:20 - 2019-01-21 12:11 - 001062408 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\HD-Common.dll
2019-02-05 20:20 - 2019-01-21 08:30 - 000421344 _____ (CodeTitans) C:\Users\Administrador\AppData\Local\Temp\JSon.dll
2019-02-05 20:54 - 2018-11-05 03:32 - 000083128 _____ () C:\Users\Administrador\AppData\Local\Temp\nox_uninst.exe
2019-01-23 20:58 - 2019-02-06 16:52 - 001060864 _____ (AutoIt Team) C:\Users\Administrador\AppData\Local\Temp\systeminfo.exe
2015-01-19 22:33 - 2015-01-19 22:33 - 000000000 ____D () C:\Users\Ana\AppData\Local\Temp\avgnt.exe
2019-01-25 11:03 - 2018-12-17 14:21 - 000002008 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Hola.

He hecho todo lo que me has dicho, pero sigue igual. Por lo menos ya me quedo un poco mas tranquila de que no sea un problema del equipo.

Dejo el informe:

Fix result of Farbar Recovery Scan Tool (x64) Version: 6.02.2019
Ran by Administrador (07-02-2019 11:27:41) Run:1
Running from C:\Users\Administrador\Favorites\Desktop
Loaded Profiles: Administrador (Available Profiles: UpdatusUser & Ana & Administrador)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers4: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers6: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
Task: {20D38144-CB15-44DF-9D02-D6E0F56B5F8A} - \SUPERAntiSpyware Scheduled Task dbb34893-67fe-4602-9a5e-53236ed5d922 -> No File <==== ATTENTION
Task: {3F39A68A-6ED6-4C36-8595-E3A48C405E27} - System32\Tasks\{06C9D931-0E10-4C97-B8AE-39E0D842E855} => C:\Windows\system32\pcalua.exe -a "C:\Users\Administrador\Downloads\chromeinstall-8u31 (3).exe" -d C:\Users\Administrador\Downloads
"C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware" could not be unlocked Error: 5. <==== ATTENTION
Task: {4A6CDA19-16A4-4A77-B191-F5123D7986CF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" was unlocked. <==== ATTENTION
Task: {8885495B-0EB7-46F8-8A66-61335AF6BCDB} - System32\Tasks\BYAIAMUF => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: {9A893405-30D7-4F84-ABEF-20C7110E88A2} - System32\Tasks\{5A215FF5-57FF-4BF8-B027-9822075414AB} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u31.exe -d C:\Users\Administrador\Downloads
Task: {A1E6E820-F194-4587-8A17-9747C6742EF3} - \BHO updater -> No File <==== ATTENTION
Task: {A2AE6AC9-2BF0-48E6-8162-A5B393DB608F} - System32\Tasks\{1102F610-3C56-47B0-A8D2-356179DF9005} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u45.exe -d C:\Users\Administrador\Downloads
Task: {B320A1F0-2B1E-48E3-879D-E478388F1007} - System32\Tasks\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\USB-AV Antivirus\Uninstall.exe"
Task: {BF21DF7A-3A46-423D-94E2-DC9546422EAC} - System32\Tasks\{F050E2D3-8406-4462-AC1E-06CF56003DDB} => C:\Windows\system32\pcalua.exe -a C:\Users\ADMINI~1\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {D3A783CF-8E98-43E0-8662-5CB44A7CE306} - \SUPERAntiSpyware Scheduled Task cf38180e-19ef-482f-98cf-741c3c7f1984 -> No File <==== ATTENTION
Task: {DFB57B2A-63A1-4D94-8070-E99F938B5EE4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Administrador\MediaFire:mf_x [104]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]
HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Classes\.exe: => <==== ATTENTION
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ??sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ??sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-03-09 22:30 - 2015-10-02 13:22 - 000000385 _____ () C:\Users\Administrador\AppData\Roaming\BYAIAMUF
2015-06-27 03:00 - 2016-01-11 11:43 - 000000125 _____ () C:\Users\Administrador\AppData\Roaming\D2Info0
2015-04-19 13:20 - 2015-10-02 13:22 - 000000626 _____ () C:\Users\Administrador\AppData\Roaming\d7wtLNWp7jIXw
2015-06-27 03:00 - 2016-01-11 12:30 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_1
2016-01-09 00:44 - 2016-01-11 11:45 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_2
2016-01-11 11:43 - 2016-01-11 11:59 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_3
2016-01-11 11:43 - 2016-01-11 11:58 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_4
2016-01-11 11:43 - 2016-01-11 11:54 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_5
2017-06-02 16:04 - 2017-11-11 20:44 - 038270608 _____ () C:\Users\Administrador\AppData\Roaming\gameboxsetup.exe
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\Administrador\AppData\Local\datos.txt
2018-09-28 14:27 - 2018-09-28 14:27 - 000000000 _____ () C:\Users\Administrador\AppData\Local\oobelibMkey.log
2019-02-05 13:57 - 2019-02-05 13:57 - 000000017 _____ () C:\Users\Administrador\AppData\Local\resmon.resmoncfg
2015-04-06 14:51 - 2015-04-09 11:40 - 000011804 _____ () C:\Users\Administrador\AppData\Local\Temp-log.txt
2016-04-17 16:18 - 2016-04-17 16:18 - 000005897 _____ () C:\Users\Administrador\AppData\Local\transitiontransition_26b96f71c6eea7cd47565f4c02ed0c77.ini
2016-08-15 19:43 - 2016-08-15 19:43 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{7F1DD215-7C33-44DE-975D-4CD17F0F12B9}
2017-11-02 15:46 - 2017-11-02 15:46 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{A9A190BA-08B6-4152-9306-CF612822E0F9}
2019-02-05 20:20 - 2019-01-21 12:09 - 001161224 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\BlueStacksUninstaller.exe
2019-02-05 20:20 - 2019-01-21 12:11 - 001062408 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\HD-Common.dll
2019-02-05 20:20 - 2019-01-21 08:30 - 000421344 _____ (CodeTitans) C:\Users\Administrador\AppData\Local\Temp\JSon.dll
2019-02-05 20:54 - 2018-11-05 03:32 - 000083128 _____ () C:\Users\Administrador\AppData\Local\Temp\nox_uninst.exe
2019-01-23 20:58 - 2019-02-06 16:52 - 001060864 _____ (AutoIt Team) C:\Users\Administrador\AppData\Local\Temp\systeminfo.exe
2015-01-19 22:33 - 2015-01-19 22:33 - 000000000 ____D () C:\Users\Ana\AppData\Local\Temp\avgnt.exe
2019-01-25 11:03 - 2018-12-17 14:21 - 000002008 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\iSafeRKScan => invalid subkey removed.
HKLM\Software\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\iSafeRKScan => invalid subkey removed.
HKLM\Software\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\iSafeRKScan => invalid subkey removed.
HKLM\Software\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20D38144-CB15-44DF-9D02-D6E0F56B5F8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task dbb34893-67fe-4602-9a5e-53236ed5d922" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F39A68A-6ED6-4C36-8595-E3A48C405E27}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F39A68A-6ED6-4C36-8595-E3A48C405E27}" => removed successfully
C:\Windows\System32\Tasks\{06C9D931-0E10-4C97-B8AE-39E0D842E855} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06C9D931-0E10-4C97-B8AE-39E0D842E855}" => removed successfully
"C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware" could not be unlocked Error: 5. <==== ATTENTION" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A6CDA19-16A4-4A77-B191-F5123D7986CF}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" => removed successfully
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" was unlocked. <==== ATTENTION" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8885495B-0EB7-46F8-8A66-61335AF6BCDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8885495B-0EB7-46F8-8A66-61335AF6BCDB}" => removed successfully
C:\Windows\System32\Tasks\BYAIAMUF => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BYAIAMUF" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A893405-30D7-4F84-ABEF-20C7110E88A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A893405-30D7-4F84-ABEF-20C7110E88A2}" => removed successfully
C:\Windows\System32\Tasks\{5A215FF5-57FF-4BF8-B027-9822075414AB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5A215FF5-57FF-4BF8-B027-9822075414AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1E6E820-F194-4587-8A17-9747C6742EF3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1E6E820-F194-4587-8A17-9747C6742EF3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BHO updater" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2AE6AC9-2BF0-48E6-8162-A5B393DB608F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2AE6AC9-2BF0-48E6-8162-A5B393DB608F}" => removed successfully
C:\Windows\System32\Tasks\{1102F610-3C56-47B0-A8D2-356179DF9005} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1102F610-3C56-47B0-A8D2-356179DF9005}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B320A1F0-2B1E-48E3-879D-E478388F1007}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B320A1F0-2B1E-48E3-879D-E478388F1007}" => removed successfully
C:\Windows\System32\Tasks\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF21DF7A-3A46-423D-94E2-DC9546422EAC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF21DF7A-3A46-423D-94E2-DC9546422EAC}" => removed successfully
C:\Windows\System32\Tasks\{F050E2D3-8406-4462-AC1E-06CF56003DDB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F050E2D3-8406-4462-AC1E-06CF56003DDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3A783CF-8E98-43E0-8662-5CB44A7CE306}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task cf38180e-19ef-482f-98cf-741c3c7f1984" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFB57B2A-63A1-4D94-8070-E99F938B5EE4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
C:\Windows\Tasks\BYAIAMUF.job => moved successfully
C:\Users\Administrador\MediaFire => ":mf_x" ADS could not remove.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully
C:\ProgramData\TEMP => ":890CC2F3" ADS removed successfully
HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Classes\.exe => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\*f3afbb9f<*>" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\*f3afbb9f2<*>" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3eec23e1-bd6b-11e3-a73f-74d43510c101} => removed successfully
HKLM\Software\Classes\CLSID\{3eec23e1-bd6b-11e3-a73f-74d43510c101} => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => removed successfully
C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk => moved successfully
"C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe" => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe => moved successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome => removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => removed successfully
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.8 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@Nero.com/KM => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hehfmjlmadifgnaahehdnpcgcbmdgebg => removed successfully
HKLM\System\CurrentControlSet\Services\McComponentHostService => removed successfully
McComponentHostService => service removed successfully
HKLM\System\CurrentControlSet\Services\avriccoc => removed successfully
avriccoc => service removed successfully
HKLM\System\CurrentControlSet\Services\BAPIDRV => removed successfully
BAPIDRV => service removed successfully
HKLM\System\CurrentControlSet\Services\dbx => removed successfully
dbx => service removed successfully
HKLM\System\CurrentControlSet\Services\godbjomg => removed successfully
godbjomg => service removed successfully
HKLM\System\CurrentControlSet\Services\jqgvaafh => removed successfully
jqgvaafh => service removed successfully
HKLM\System\CurrentControlSet\Services\kiwzdllk => removed successfully
kiwzdllk => service removed successfully
HKLM\System\CurrentControlSet\Services\pimwrxgh => removed successfully
pimwrxgh => service removed successfully
HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully
xhunter1 => service removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\*f3afbb9f<*>" => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\*f3afbb9f2<*>" => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => not found
HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3eec23e1-bd6b-11e3-a73f-74d43510c101} => not found
HKLM\Software\Classes\CLSID\{3eec23e1-bd6b-11e3-a73f-74d43510c101} => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => not found
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => not found
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => not found
"C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk" => not found
"C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => not found
"C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe" => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found
"C:\Windows\system32\GroupPolicy\User" => not found
"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User" => not found
HKLM\SOFTWARE\Policies\Google => not found
HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome => not found
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.8 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0 => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0 => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@Nero.com/KM => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hehfmjlmadifgnaahehdnpcgcbmdgebg => not found
McComponentHostService => service not found.
avriccoc => service not found.
BAPIDRV => service not found.
dbx => service not found.
godbjomg => service not found.
jqgvaafh => service not found.
kiwzdllk => service not found.
pimwrxgh => service not found.
xhunter1 => service not found.
C:\Users\Administrador\AppData\Roaming\BYAIAMUF => moved successfully
C:\Users\Administrador\AppData\Roaming\D2Info0 => moved successfully
C:\Users\Administrador\AppData\Roaming\d7wtLNWp7jIXw => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_1 => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_2 => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_3 => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_4 => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_5 => moved successfully
C:\Users\Administrador\AppData\Roaming\gameboxsetup.exe => moved successfully
C:\Users\Administrador\AppData\Local\datos.txt => moved successfully
C:\Users\Administrador\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\Administrador\AppData\Local\resmon.resmoncfg => moved successfully
C:\Users\Administrador\AppData\Local\Temp-log.txt => moved successfully
C:\Users\Administrador\AppData\Local\transitiontransition_26b96f71c6eea7cd47565f4c02ed0c77.ini => moved successfully
C:\Users\Administrador\AppData\Local\{7F1DD215-7C33-44DE-975D-4CD17F0F12B9} => moved successfully
C:\Users\Administrador\AppData\Local\{A9A190BA-08B6-4152-9306-CF612822E0F9} => moved successfully
C:\Users\Administrador\AppData\Local\Temp\BlueStacksUninstaller.exe => moved successfully
C:\Users\Administrador\AppData\Local\Temp\HD-Common.dll => moved successfully
C:\Users\Administrador\AppData\Local\Temp\JSon.dll => moved successfully
C:\Users\Administrador\AppData\Local\Temp\nox_uninst.exe => moved successfully
C:\Users\Administrador\AppData\Local\Temp\systeminfo.exe => moved successfully
C:\Users\Ana\AppData\Local\Temp\avgnt.exe => moved successfully
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::9189:1065:e9af:ea22%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.37
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18722604 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 25533187 B
Edge => 0 B
Chrome => 361591792 B
Firefox => 15747825 B
Opera => 252180 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 148373 B
LocalService => 132372 B
NetworkService => 64116986 B
UpdatusUser => 0 B
Ana => 183814 B
Administrador => 346831571 B

RecycleBin => 0 B
EmptyTemp: => 794.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:28:14 ====

Muchas gracias por la ayuda.

Hola.

Vamos a seguir comprobando tu equipo, para hacerlo usas este herramienta :

:arrow_right: Manual de UsbFix

Úsalo igualmente con el equipo/disco conectado directamente por un cable a un puerto USB directo del ordenador. :+1:

Nos pones los informes y comentas. :roll_eyes:

Saludos.

Buenos días.

Os paso los informes, he hecho los tres limpiados, el full, el de windows, y el de usb, os dejo los tres informes en ese orden.

# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.011
# Base de datos : 2019.01.29 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : Full
# Usuario : Administrador (Administrador)
# Dispositivo : WIN-JKCQ8P2BBLH
# Comenzó : 08/02/2019 12:23:51
# ----------------------------------------------------

------------ | Discos analizados |

C:\	NTFS	(147GB/466GB)	[Fixed] 

------------ | Elemento(s) infectado(s) |


------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKCU\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
04 - HKLM\..\Run : [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - [x64] HKLM\..\Run : [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-1000\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

------------ | Tasks |

Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task - Adobe Flash Player PPAPI Notifier --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe -check pepperplugin
Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task - AdobeGCInvoker-1.0-WIN-JKCQ8P2BBLH-Administrador --> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d3ef67a56cb080 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d439f829b15556 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d45262205d27ce --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cf6aa64be58651 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfd45179cb4dad --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfec2d52bd2c5f --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d000decfbb71af --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d06e0354b2be3e --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d090b421936b3d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0bf3af473e2fc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0e23b309cf951 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ea308dcec4 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ef8d44d0047d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d11102bf5571f6 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d12d049f49b4c8 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d15dce763e93f3 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6f60ce3d57 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6fb19eb900 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1aaff3ea52cfc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1e9133fd55cd5 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - Norton WSC Integration --> "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe" /taskschd
Task - Opera scheduled Autoupdate 1517262459 --> C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
Task - User_Feed_Synchronization-{620B0231-AED2-4E7C-BB96-C2BADE9B7A94} --> C:\Windows\system32\msfeedssync.exe sync

------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |

[07/02/2019 - 11:13:25 | A | 0 Ko] - DelFix.txt
[08/02/2019 - 12:07:59 | ASH | 3059148 Ko] - hiberfil.sys
[08/02/2019 - 12:08:03 | ASH | 4078864 Ko] - pagefile.sys
[18/12/2017 - 19:59:23 | ASH | 0 Ko] - partition_identifier_bc_new.platform
[05/02/2019 - 20:29:08 | SHD] - Config.Msi
[26/04/2014 - 21:57:48 | A | 0 Ko] - AVScanner.ini
[11/08/2014 - 09:26:10 | A | 0 Ko] - BackupLoader.ini
[02/11/2015 - 11:28:48 | A | 0 Ko] - ftconfig.ini
[16/01/2014 - 01:42:40 | A | 594 Ko] - SecurityScanner.dll
[08/09/2015 - 13:44:34 | SHD] - $Recycle.Bin
[19/04/2014 - 18:28:15 | A | 0 Ko] - autoexec.bat
[14/07/2009 - 04:20:08 | D] - PerfLogs
[14/07/2009 - 06:08:56 | SHD] - Documents and Settings
[10/03/2014 - 11:09:37 | SHD] - Archivos de programa
[10/03/2014 - 11:09:37 | SHD] - Recovery
[10/03/2014 - 17:18:13 | D] - Intel
[10/03/2014 - 17:27:13 | RHD] - MSOCache
[20/03/2014 - 13:35:40 | D] - Spacekace
[21/05/2014 - 15:40:08 | AH | 0 Ko] - F868451E796E
[24/05/2014 - 16:27:45 | D] - SUPERDelete
[09/01/2015 - 14:44:31 | D] - FSTool
[19/01/2015 - 22:32:04 | RD] - Users
[14/02/2015 - 05:14:27 | D] - 960186468abc0a36aecba590591f55
[16/02/2015 - 05:14:54 | D] - cca0d0aa049143b965f235af4d
[17/02/2015 - 05:15:12 | D] - b804be2c4ecb3b259a
[22/04/2015 - 18:59:53 | D] - RegBackup
[28/11/2015 - 18:45:12 | D] - Riot Games
[19/03/2016 - 21:42:31 | D] - AeriaGames
[28/12/2016 - 13:06:31 | HD] - MediaServer_Temp
[18/12/2017 - 19:59:24 | D] - RecData
[17/07/2018 - 10:42:43 | D] - c8e130bdd8085ccc79
[04/09/2018 - 12:14:17 | D] - temp
[23/01/2019 - 20:58:35 | D] - webqderxqp__
[23/01/2019 - 21:02:10 | D] - ixojghqvow__
[05/02/2019 - 20:21:15 | RD] - Program Files
[06/02/2019 - 16:47:19 | D] - AdwCleaner
[07/02/2019 - 11:32:08 | D] - FRST
[07/02/2019 - 20:44:33 | HD] - ProgramData
[07/02/2019 - 21:45:53 | D] - Windows
[08/02/2019 - 12:22:25 | RD] - Program Files (x86)

Elemento(s) infectado(s) : 1
Elementos analizados : 59751 en 00h 00m 08s

# UsbFix-Report-01.txt [8677B]

------------ | E.O.F  |
# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.011
# Base de datos : 2019.01.29 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : Windows
# Usuario : Administrador (Administrador)
# Dispositivo : WIN-JKCQ8P2BBLH
# Comenzó : 08/02/2019 12:25:22
# ----------------------------------------------------

------------ | Discos analizados |

C:\	NTFS	(152GB/466GB)	[Fixed] 

------------ | Elemento(s) infectado(s) |


------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKCU\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
04 - HKLM\..\Run : [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - [x64] HKLM\..\Run : [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-1000\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

------------ | Tasks |

Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task - Adobe Flash Player PPAPI Notifier --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe -check pepperplugin
Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task - AdobeGCInvoker-1.0-WIN-JKCQ8P2BBLH-Administrador --> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d3ef67a56cb080 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d439f829b15556 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d45262205d27ce --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cf6aa64be58651 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfd45179cb4dad --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfec2d52bd2c5f --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d000decfbb71af --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d06e0354b2be3e --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d090b421936b3d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0bf3af473e2fc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0e23b309cf951 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ea308dcec4 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ef8d44d0047d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d11102bf5571f6 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d12d049f49b4c8 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d15dce763e93f3 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6f60ce3d57 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6fb19eb900 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1aaff3ea52cfc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1e9133fd55cd5 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - Norton WSC Integration --> "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe" /taskschd
Task - Opera scheduled Autoupdate 1517262459 --> C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
Task - User_Feed_Synchronization-{620B0231-AED2-4E7C-BB96-C2BADE9B7A94} --> C:\Windows\system32\msfeedssync.exe sync

------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |

[07/02/2019 - 11:13:25 | A | 0 Ko] - DelFix.txt
[08/02/2019 - 12:07:59 | ASH | 3059148 Ko] - hiberfil.sys
[08/02/2019 - 12:08:03 | ASH | 4078864 Ko] - pagefile.sys
[18/12/2017 - 19:59:23 | ASH | 0 Ko] - partition_identifier_bc_new.platform
[05/02/2019 - 20:29:08 | SHD] - Config.Msi
[26/04/2014 - 21:57:48 | A | 0 Ko] - AVScanner.ini
[11/08/2014 - 09:26:10 | A | 0 Ko] - BackupLoader.ini
[02/11/2015 - 11:28:48 | A | 0 Ko] - ftconfig.ini
[16/01/2014 - 01:42:40 | A | 594 Ko] - SecurityScanner.dll
[08/09/2015 - 13:44:34 | SHD] - $Recycle.Bin
[19/04/2014 - 18:28:15 | A | 0 Ko] - autoexec.bat
[14/07/2009 - 04:20:08 | D] - PerfLogs
[14/07/2009 - 06:08:56 | SHD] - Documents and Settings
[10/03/2014 - 11:09:37 | SHD] - Archivos de programa
[10/03/2014 - 11:09:37 | SHD] - Recovery
[10/03/2014 - 17:18:13 | D] - Intel
[10/03/2014 - 17:27:13 | RHD] - MSOCache
[20/03/2014 - 13:35:40 | D] - Spacekace
[21/05/2014 - 15:40:08 | AH | 0 Ko] - F868451E796E
[24/05/2014 - 16:27:45 | D] - SUPERDelete
[09/01/2015 - 14:44:31 | D] - FSTool
[19/01/2015 - 22:32:04 | RD] - Users
[14/02/2015 - 05:14:27 | D] - 960186468abc0a36aecba590591f55
[16/02/2015 - 05:14:54 | D] - cca0d0aa049143b965f235af4d
[17/02/2015 - 05:15:12 | D] - b804be2c4ecb3b259a
[22/04/2015 - 18:59:53 | D] - RegBackup
[28/11/2015 - 18:45:12 | D] - Riot Games
[19/03/2016 - 21:42:31 | D] - AeriaGames
[28/12/2016 - 13:06:31 | HD] - MediaServer_Temp
[18/12/2017 - 19:59:24 | D] - RecData
[17/07/2018 - 10:42:43 | D] - c8e130bdd8085ccc79
[04/09/2018 - 12:14:17 | D] - temp
[23/01/2019 - 20:58:35 | D] - webqderxqp__
[23/01/2019 - 21:02:10 | D] - ixojghqvow__
[05/02/2019 - 20:21:15 | RD] - Program Files
[06/02/2019 - 16:47:19 | D] - AdwCleaner
[07/02/2019 - 11:32:08 | D] - FRST
[07/02/2019 - 20:44:33 | HD] - ProgramData
[07/02/2019 - 21:45:53 | D] - Windows
[08/02/2019 - 12:22:25 | RD] - Program Files (x86)

Elemento(s) infectado(s) : 1
Elementos analizados : 59757 en 00h 00m 03s

# UsbFix-Report-02.txt [8680B]

------------ | E.O.F  |
# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.011
# Base de datos : 2019.01.29 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : USB
# Usuario : Administrador (Administrador)
# Dispositivo : WIN-JKCQ8P2BBLH
# Comenzó : 08/02/2019 12:25:58
# ----------------------------------------------------

------------ | Discos analizados |

No se detectan dispositivos para este tipo de escaneo.

------------ | Elemento(s) infectado(s) |


------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKCU\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
04 - HKLM\..\Run : [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - [x64] HKLM\..\Run : [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-1000\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

------------ | Tasks |

Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task - Adobe Flash Player PPAPI Notifier --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe -check pepperplugin
Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task - AdobeGCInvoker-1.0-WIN-JKCQ8P2BBLH-Administrador --> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d3ef67a56cb080 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d439f829b15556 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d45262205d27ce --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cf6aa64be58651 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfd45179cb4dad --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfec2d52bd2c5f --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d000decfbb71af --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d06e0354b2be3e --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d090b421936b3d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0bf3af473e2fc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0e23b309cf951 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ea308dcec4 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ef8d44d0047d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d11102bf5571f6 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d12d049f49b4c8 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d15dce763e93f3 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6f60ce3d57 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6fb19eb900 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1aaff3ea52cfc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1e9133fd55cd5 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - Norton WSC Integration --> "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe" /taskschd
Task - Opera scheduled Autoupdate 1517262459 --> C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
Task - User_Feed_Synchronization-{620B0231-AED2-4E7C-BB96-C2BADE9B7A94} --> C:\Windows\system32\msfeedssync.exe sync

Elemento(s) infectado(s) : 1
Elementos analizados : 40208 en 00h 00m 02s

# UsbFix-Report-03.txt [6737B]

------------ | E.O.F  |

Gracias por la ayuda. Pero el disco duro sigue igual.

Hola.

Ya te dije que NO tenia apariencia que fuera por infección. :roll_eyes:

La única alternativa que puedes probar seria intentar acceder a ese disco(si se deja) con alguna versión de sistema operativo distinta a windows. :thinking:

Prueba con estos pasos :arrow_right: ¿Cómo puedo salvar mis archivos si en mi PC NO arranca el sistema? o ¿Cómo hacer un Livecd.?

Céntrate en los pasos de como iniciar el equipo con un LiveCD para luego intentar visualizar e incluso copiar los archivos/carpetas que puedas tener en el disco duro dañado, mantén siempre el disco dañado al equipo con el cable directamente al puerto USB.

Prueba con esa opción y nos comentas.

Saludos.

Buenas noches.

He intentado hacer lo de livecd, pero no lo consigo, no me sale como en las instrucciones y no sé como hacerlo, sobre todo no entiendo los pasos, no da la suficiente información desde la descarga del archivo.

saludos.

Hola.

Por favor, dinos exactamente que es lo que NO entiendes o donde te quedas parada.??

Hola.

Es desde el primer paso, desde que tengo que descargar el iso, porque lo descargo y no tiene ningun icono y hay que asignarle uno, desde que se dice que se tiene que asociar con agun programa, yo no se hacerlo.

Hola.

Para que tengas un icono asociado a un archivo de tipo ISO debes tener en tu ordenador un programa que lo identifique/asocie y en caso de NO tenerlo debes descargar alguno como los que se indican en el tema que te puse "(Nero, Roxio, Alcohol 120 %, IsoBurner, etc…)

Alternativamente a realizar un DVD/CD de arranque con la imagen ISO descargada también se pueden usar unidades USB y crear un LiveUSB alternativo al LiveCD para hacer/crear ese LiveUSB puedes usar programas alternativos como los que se indican aquí :

Revisalos y cualquier duda nos comentas.

Saludos.