Mi Pc no lee ni reconoce el disco duro externo


#22
  • Informe de Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by Administrador (06-02-2019 17:08:44)
Running from C:\Users\Administrador\Favorites\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-03-10 10:09:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2528625941-651579818-236654835-500 - Administrator - Enabled) => C:\Users\Administrador
Ana (S-1-5-21-2528625941-651579818-236654835-1044 - Administrator - Enabled) => C:\Users\Ana
HomeGroupUser$ (S-1-5-21-2528625941-651579818-236654835-1046 - Limited - Enabled)
Invitado (S-1-5-21-2528625941-651579818-236654835-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2528625941-651579818-236654835-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2528625941-651579818-236654835-500\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
Actualización de NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Ad-Aware Web Companion (HKLM-x32\...\{902C3D36-9254-437D-98AC-913B78E60864}) (Version: 1.1.922.1860 - Lavasoft) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
AppLogLibSetup (HKLM-x32\...\{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F}) (Version: 1.0.2.0 - Brother Industries Ltd.) Hidden
Backup and Sync from Google (HKLM\...\{693CADB0-962B-4AC1-A939-9524B258C997}) (Version: 3.43.2448.9071 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{9483AB22-92AA-4161-9E79-DE77B71949DA}) (Version: 1.1.6.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{E9A086F3-E0CB-4E91-AABE-586D99788BC3}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{8281F578-2B02-4E98-956F-64E5D60D761B}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F98C83EC-0334-4F4E-8AC0-211DAC81ED35}) (Version: 1.0.5.2 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
DeviceDetect (HKLM-x32\...\{0B226409-96A6-47F0-84D8-89223B6F9479}) (Version: 1.0.3.4 - Brother Industries Ltd.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
iTunes (HKLM\...\{D34CA653-87BB-4605-826F-5525EE0A4664}) (Version: 12.7.2.60 - Apple Inc.)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
LavasoftTcpService (HKLM-x32\...\{90CF05DE-735F-42AB-A52A-F447FDFBE207}) (Version: 2.3.3.0 - Lavasoft) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.895.1 - McAfee, Inc.)
MEmu (HKLM-x32\...\MEmu) (Version: 6.0.8.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 64.0 (x64 es-ES)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1007 - Nero AG)
Nero MediaHome Free (HKLM-x32\...\{C9652153-FBF4-465F-A789-51476FF9BDFB}) (Version: 16.0.02800 - Nero AG)
NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
NVIDIA Controlador de 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVMS1000 (HKLM-x32\...\{D7079657-6D6A-4AD2-ABAB-416A10D44F66}) (Version: 1.00.0000 -   ) Hidden
NVMS1000 (HKLM-x32\...\InstallShield_{D7079657-6D6A-4AD2-ABAB-416A10D44F66}) (Version: 1.00.0000 -   )
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Panel de control de NVIDIA 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.44 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (HKLM-x32\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0004 - Nero AG) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Smart View (HKLM-x32\...\{5F8A3D28-643E-4062-80C9-37AD463EB61D}) (Version: 1.0.0.0 - Samsung )
StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2528625941-651579818-236654835-500_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07321A2B-739F-4C92-9357-D3E71E522B67} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0803A98E-5E4C-4D81-9795-3C0424C53F90} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {20D38144-CB15-44DF-9D02-D6E0F56B5F8A} - \SUPERAntiSpyware Scheduled Task dbb34893-67fe-4602-9a5e-53236ed5d922 -> No File <==== ATTENTION
Task: {25A89929-E237-46B5-8371-55776F9C9E91} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {25C3977A-9181-4785-8972-CF3DEB3E061F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {3F39A68A-6ED6-4C36-8595-E3A48C405E27} - System32\Tasks\{06C9D931-0E10-4C97-B8AE-39E0D842E855} => C:\Windows\system32\pcalua.exe -a "C:\Users\Administrador\Downloads\chromeinstall-8u31 (3).exe" -d C:\Users\Administrador\Downloads
Task: {45E4D17D-93E2-4053-BAFA-9B39642EF820} - System32\Tasks\GoogleUpdateTaskMachineCore1d19c6fb19eb900 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {467EAE68-DF1C-47C9-BF2A-BA7BEC71D612} - System32\Tasks\GoogleUpdateTaskMachineCore1d1aaff3ea52cfc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
"C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware" could not be unlocked Error: 5. <==== ATTENTION
Task: {4A6CDA19-16A4-4A77-B191-F5123D7986CF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
Task: {5A5D5622-3F00-4A6B-B134-B7C5407CE9F4} - System32\Tasks\DropboxUpdateTaskMachineCore1d45262205d27ce => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5F55B485-5553-407E-A644-D9628E458BC4} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ea308dcec4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {6FBB46AB-5590-4AF4-A18E-7AF300D65098} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe
Task: {72BBBE58-4232-471C-8C98-67C7FCB30298} - System32\Tasks\GoogleUpdateTaskMachineCore1d06e0354b2be3e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {73D126B1-32F3-4D0C-B09E-AE0F82D27A02} - System32\Tasks\GoogleUpdateTaskMachineCore1d19c6f60ce3d57 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" was unlocked. <==== ATTENTION
Task: {7C914F4D-97C3-48C5-9432-68DE65EF5E3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7EFD9AE7-94A4-4299-8D9E-5E102A1D824A} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6aa64be58651 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {877A33DB-34FC-4091-B5A3-566F7DE07A28} - System32\Tasks\AdobeGCInvoker-1.0-WIN-JKCQ8P2BBLH-Administrador => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {88462E43-EC86-48C0-9E4D-072FFE0217DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d049f49b4c8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {8885495B-0EB7-46F8-8A66-61335AF6BCDB} - System32\Tasks\BYAIAMUF => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: {9A893405-30D7-4F84-ABEF-20C7110E88A2} - System32\Tasks\{5A215FF5-57FF-4BF8-B027-9822075414AB} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u31.exe -d C:\Users\Administrador\Downloads
Task: {A1E6E820-F194-4587-8A17-9747C6742EF3} - \BHO updater -> No File <==== ATTENTION
Task: {A2AE6AC9-2BF0-48E6-8162-A5B393DB608F} - System32\Tasks\{1102F610-3C56-47B0-A8D2-356179DF9005} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u45.exe -d C:\Users\Administrador\Downloads
Task: {B0941449-A241-4E41-B80F-01CA51E54F12} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e23b309cf951 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {B320A1F0-2B1E-48E3-879D-E478388F1007} - System32\Tasks\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\USB-AV Antivirus\Uninstall.exe"
Task: {BF21DF7A-3A46-423D-94E2-DC9546422EAC} - System32\Tasks\{F050E2D3-8406-4462-AC1E-06CF56003DDB} => C:\Windows\system32\pcalua.exe -a C:\Users\ADMINI~1\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {C285B905-FD0E-42A5-AEB2-22302FD3F760} - System32\Tasks\GoogleUpdateTaskMachineCore1d000decfbb71af => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {C39A6898-6E8B-4DDD-8207-87B81A085641} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Software Ltd -> Piriform Ltd)
Task: {C8D3DF45-A4FA-4E56-B3E6-059484DB7DF2} - System32\Tasks\DropboxUpdateTaskMachineCore1d439f829b15556 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D3A783CF-8E98-43E0-8662-5CB44A7CE306} - \SUPERAntiSpyware Scheduled Task cf38180e-19ef-482f-98cf-741c3c7f1984 -> No File <==== ATTENTION
Task: {D78B275F-879C-4F86-888F-EB3F38AAC6FA} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dce763e93f3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {DEB37370-0FDF-4A8D-893B-300BA7F63557} - System32\Tasks\Opera scheduled Autoupdate 1517262459 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {DFB57B2A-63A1-4D94-8070-E99F938B5EE4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E7011466-9BCF-497C-81DA-407D3258E701} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef8d44d0047d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {E9A0992C-AF1C-43E9-83F0-4806B66CB18E} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9133fd55cd5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {EEE7E4B6-2463-40D4-B3F1-8AD23E0EBAD8} - System32\Tasks\DropboxUpdateTaskMachineCore1d3ef67a56cb080 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F1108A80-9563-4891-B857-B183B72366C3} - System32\Tasks\GoogleUpdateTaskMachineCore1d11102bf5571f6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {F1D91309-F174-42D5-8878-AE4D6D6921A9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F2583919-18CC-4A1B-8EF8-ED1425F4E1EE} - System32\Tasks\GoogleUpdateTaskMachineCore1d090b421936b3d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {F439EC48-4D4A-41AD-969F-02E50FCAD836} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {FE00C933-2FCA-4D7F-B1F6-6DFAADFBAF86} - System32\Tasks\GoogleUpdateTaskMachineCore1cfec2d52bd2c5f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {FF0F91D8-F3A1-4276-8A1B-D89630CFCEB8} - System32\Tasks\GoogleUpdateTaskMachineCore1cfd45179cb4dad => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)
Task: {FF3E60BB-19F4-4A3A-BD5E-895C0E5847FF} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf3af473e2fc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-22] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore1d45262205d27ce.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d19c6fb19eb900.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aaff3ea52cfc.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Administrador\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-and-launch-app="C:\Users\Administrador\AppData\Roaming\Mozila"

==================== Loaded Modules (Whitelisted) ==============

2016-12-28 13:01 - 2015-02-27 14:38 - 000721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2019-02-05 21:05 - 2018-10-11 09:56 - 000085304 _____ () C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe
2016-11-29 17:08 - 2005-04-22 13:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
2019-01-10 11:01 - 2019-01-10 11:01 - 000103560 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2019-02-06 16:35 - 2019-01-24 11:09 - 002714000 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-02-05 21:05 - 2018-09-06 10:01 - 000128552 _____ () C:\Program Files (x86)\Microvirt\MEmu\libgcc_s_dw2-1.dll
2009-02-27 16:38 - 2009-02-27 16:38 - 000139264 _____ () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Administrador\MediaFire:mf_x [104]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Classes\.exe:  =>  <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.

IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2528625941-651579818-236654835-1000\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-04-22 17:44 - 2018-12-17 14:21 - 000451181 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15500 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64
HKU\S-1-5-21-2528625941-651579818-236654835-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AC114BA8-142F-4F1D-B3C6-1486BAB784F5}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{A62E24A4-62D0-4F58-9B2C-3D5A2FFB0A6C}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe ()
FirewallRules: [UDP Query User{907A95EB-82F6-4A39-9EAD-A5D331D58E04}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe ()
FirewallRules: [{8274BBEF-C87F-44FD-A273-B8A0D6632751}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{85CA363F-CAD7-442D-806D-AA83CA27E6AA}] => (Allow) C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9D41D203-0464-4AE3-9B6B-01362409332D}] => (Allow) C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{54AA4151-C29A-44D7-B3C4-E96A9151312D}C:\program files (x86)\nvms-1000\nvms-1000.exe] => (Allow) C:\program files (x86)\nvms-1000\nvms-1000.exe ()
FirewallRules: [UDP Query User{DD182055-FB98-44C6-9EB5-43A5A457E071}C:\program files (x86)\nvms-1000\nvms-1000.exe] => (Allow) C:\program files (x86)\nvms-1000\nvms-1000.exe ()
FirewallRules: [{330403AB-BF36-481C-8E2B-A47C9F2F4C89}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F2F7F0B7-0232-4E1D-A4F8-15D181C8FF31}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C3B2AB85-965D-47EF-9B39-547B5101C8A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{789FDE2F-D607-47E5-AC11-7395784C3C3F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D76A7DCF-60FC-4540-B8C4-E1E581EA0108}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E7259E4A-84FE-418F-A9A6-8AF77E5A14E5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DCDA52D6-23FA-47D7-8380-0E5D95CDC6CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{D0963DA1-062D-48F7-872B-BFE94067B244}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{94533DF0-19B5-4154-83C6-4FE4ADDB7F3B}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{01AC6C78-9D79-4290-BE3F-A53B676B6B20}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{357FFA91-F503-4A9C-9F38-1873BC04B0CB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{52E7D500-9840-4211-B819-4B72D76D7F88}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)

==================== Restore Points =========================

04-02-2019 15:37:58 Windows Update
05-02-2019 17:24:04 Revo Uninstaller's restore point - MEmu
05-02-2019 20:19:27 Revo Uninstaller's restore point - BlueStacks App Player
05-02-2019 20:52:53 Revo Uninstaller's restore point - Nox APP Player
06-02-2019 16:32:29 Revo Uninstaller's restore point - Malwarebytes versión 3.7.1.2839
06-02-2019 16:58:25 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Adaptador de tunelización Teredo de Microsoft
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2019 04:32:26 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {e01a19b1-cd55-460e-ac36-8ff7acdea78e}

Error: (02/05/2019 08:19:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {39751723-28da-4c4d-b50e-1def8bd3781d}

Error: (02/05/2019 10:59:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RtWlan.exe, versión: 700.1642.1004.2011, marca de tiempo: 0x4e8b165b
Nombre del módulo con errores: RtlLib.dll, versión: 700.1078.817.2011, marca de tiempo: 0x4e730a27
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00014f2a
Id. del proceso con errores: 0x8b0
Hora de inicio de la aplicación con errores: 0x01d4bd39751b6160
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWlan.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlLib.dll
Id. del informe: cacc6ea4-292c-11e9-85cd-74d43510c101

Error: (02/03/2019 06:46:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RtWlan.exe, versión: 700.1642.1004.2011, marca de tiempo: 0x4e8b165b
Nombre del módulo con errores: RtlLib.dll, versión: 700.1078.817.2011, marca de tiempo: 0x4e730a27
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00014f2a
Id. del proceso con errores: 0x88c
Hora de inicio de la aplicación con errores: 0x01d4bbe83f37d3fb
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWlan.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlLib.dll
Id. del informe: 90bc1764-27db-11e9-a4e2-74d43510c101

Error: (02/01/2019 07:43:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MEmuHeadless.exe, versión: 5.1.34.21010, marca de tiempo: 0x5b0269b9
Nombre del módulo con errores: MEmuDD.DLL_unloaded, versión: 0.0.0.0, marca de tiempo: 0x5c4bfa6c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000007feda99949f
Id. del proceso con errores: 0x1fc0
Hora de inicio de la aplicación con errores: 0x01d4ba5dde745649
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Microvirt\MemuHyperv\MEmuHeadless.exe
Ruta de acceso del módulo con errores: MEmuDD.DLL
Id. del informe: 3895dafa-2651-11e9-be2e-74d43510c101

Error: (02/01/2019 07:32:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RtWlan.exe, versión: 700.1642.1004.2011, marca de tiempo: 0x4e8b165b
Nombre del módulo con errores: RtlLib.dll, versión: 700.1078.817.2011, marca de tiempo: 0x4e730a27
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00014f2a
Id. del proceso con errores: 0xaa4
Hora de inicio de la aplicación con errores: 0x01d4ba5c6a0222a4
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWlan.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlLib.dll
Id. del informe: c3f7c785-264f-11e9-be2e-74d43510c101

Error: (01/31/2019 09:04:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AdwCleaner.exe, versión: 7.0.2.1, marca de tiempo: 0x59a5f25e
Nombre del módulo con errores: AdwCleaner.exe, versión: 7.0.2.1, marca de tiempo: 0x59a5f25e
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0004c7aa
Id. del proceso con errores: 0x94c
Hora de inicio de la aplicación con errores: 0x01d4b9a02232581d
Ruta de acceso de la aplicación con errores: C:\Users\Administrador\Favorites\Desktop\AdwCleaner.exe
Ruta de acceso del módulo con errores: C:\Users\Administrador\Favorites\Desktop\AdwCleaner.exe
Id. del informe: 68678d89-2593-11e9-8640-74d43510c101

Error: (01/31/2019 08:42:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2019/01/31 20:42:37.034]: [00013296]: Initialize TwdsMain Class failed!


System errors:
=============
Error: (02/06/2019 05:00:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA Display Driver Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (02/06/2019 04:52:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
UsbCharger

Error: (02/06/2019 04:52:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (02/06/2019 04:52:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (02/06/2019 04:52:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (60000 ms) para la conexión con el servicio Wondershare Application Framework Service.

Error: (02/06/2019 04:50:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (02/06/2019 04:50:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.

Error: (02/06/2019 04:50:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR1.


CodeIntegrity:
===================================

Date: 2016-08-31 11:04:46.492
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-31 11:04:46.304
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-29 11:48:17.476
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-29 11:48:17.414
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-29 11:14:25.022
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-29 11:14:24.616
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-28 13:08:01.850
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-08-28 13:08:01.226
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 59%
Total physical RAM: 3983.27 MB
Available physical RAM: 1632.9 MB
Total Virtual: 7964.67 MB
Available Virtual: 5566.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:160.86 GB) NTFS

\\?\Volume{8430950b-a83b-11e3-bd0d-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7B3DD090)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Eso es todo. Muchas gracias por la ayuda y el tiempo dedicado.


#23

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers4: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers6: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
Task: {20D38144-CB15-44DF-9D02-D6E0F56B5F8A} - \SUPERAntiSpyware Scheduled Task dbb34893-67fe-4602-9a5e-53236ed5d922 -> No File <==== ATTENTION
Task: {3F39A68A-6ED6-4C36-8595-E3A48C405E27} - System32\Tasks\{06C9D931-0E10-4C97-B8AE-39E0D842E855} => C:\Windows\system32\pcalua.exe -a "C:\Users\Administrador\Downloads\chromeinstall-8u31 (3).exe" -d C:\Users\Administrador\Downloads
"C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware" could not be unlocked Error: 5. <==== ATTENTION
Task: {4A6CDA19-16A4-4A77-B191-F5123D7986CF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" was unlocked. <==== ATTENTION
Task: {8885495B-0EB7-46F8-8A66-61335AF6BCDB} - System32\Tasks\BYAIAMUF => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: {9A893405-30D7-4F84-ABEF-20C7110E88A2} - System32\Tasks\{5A215FF5-57FF-4BF8-B027-9822075414AB} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u31.exe -d C:\Users\Administrador\Downloads
Task: {A1E6E820-F194-4587-8A17-9747C6742EF3} - \BHO updater -> No File <==== ATTENTION
Task: {A2AE6AC9-2BF0-48E6-8162-A5B393DB608F} - System32\Tasks\{1102F610-3C56-47B0-A8D2-356179DF9005} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u45.exe -d C:\Users\Administrador\Downloads
Task: {B320A1F0-2B1E-48E3-879D-E478388F1007} - System32\Tasks\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\USB-AV Antivirus\Uninstall.exe"
Task: {BF21DF7A-3A46-423D-94E2-DC9546422EAC} - System32\Tasks\{F050E2D3-8406-4462-AC1E-06CF56003DDB} => C:\Windows\system32\pcalua.exe -a C:\Users\ADMINI~1\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {D3A783CF-8E98-43E0-8662-5CB44A7CE306} - \SUPERAntiSpyware Scheduled Task cf38180e-19ef-482f-98cf-741c3c7f1984 -> No File <==== ATTENTION
Task: {DFB57B2A-63A1-4D94-8070-E99F938B5EE4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Administrador\MediaFire:mf_x [104]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]
HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Classes\.exe: => <==== ATTENTION
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ??sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ??sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-03-09 22:30 - 2015-10-02 13:22 - 000000385 _____ () C:\Users\Administrador\AppData\Roaming\BYAIAMUF
2015-06-27 03:00 - 2016-01-11 11:43 - 000000125 _____ () C:\Users\Administrador\AppData\Roaming\D2Info0
2015-04-19 13:20 - 2015-10-02 13:22 - 000000626 _____ () C:\Users\Administrador\AppData\Roaming\d7wtLNWp7jIXw
2015-06-27 03:00 - 2016-01-11 12:30 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_1
2016-01-09 00:44 - 2016-01-11 11:45 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_2
2016-01-11 11:43 - 2016-01-11 11:59 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_3
2016-01-11 11:43 - 2016-01-11 11:58 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_4
2016-01-11 11:43 - 2016-01-11 11:54 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_5
2017-06-02 16:04 - 2017-11-11 20:44 - 038270608 _____ () C:\Users\Administrador\AppData\Roaming\gameboxsetup.exe
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\Administrador\AppData\Local\datos.txt
2018-09-28 14:27 - 2018-09-28 14:27 - 000000000 _____ () C:\Users\Administrador\AppData\Local\oobelibMkey.log
2019-02-05 13:57 - 2019-02-05 13:57 - 000000017 _____ () C:\Users\Administrador\AppData\Local\resmon.resmoncfg
2015-04-06 14:51 - 2015-04-09 11:40 - 000011804 _____ () C:\Users\Administrador\AppData\Local\Temp-log.txt
2016-04-17 16:18 - 2016-04-17 16:18 - 000005897 _____ () C:\Users\Administrador\AppData\Local\transitiontransition_26b96f71c6eea7cd47565f4c02ed0c77.ini
2016-08-15 19:43 - 2016-08-15 19:43 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{7F1DD215-7C33-44DE-975D-4CD17F0F12B9}
2017-11-02 15:46 - 2017-11-02 15:46 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{A9A190BA-08B6-4152-9306-CF612822E0F9}
2019-02-05 20:20 - 2019-01-21 12:09 - 001161224 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\BlueStacksUninstaller.exe
2019-02-05 20:20 - 2019-01-21 12:11 - 001062408 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\HD-Common.dll
2019-02-05 20:20 - 2019-01-21 08:30 - 000421344 _____ (CodeTitans) C:\Users\Administrador\AppData\Local\Temp\JSon.dll
2019-02-05 20:54 - 2018-11-05 03:32 - 000083128 _____ () C:\Users\Administrador\AppData\Local\Temp\nox_uninst.exe
2019-01-23 20:58 - 2019-02-06 16:52 - 001060864 _____ (AutoIt Team) C:\Users\Administrador\AppData\Local\Temp\systeminfo.exe
2015-01-19 22:33 - 2015-01-19 22:33 - 000000000 ____D () C:\Users\Ana\AppData\Local\Temp\avgnt.exe
2019-01-25 11:03 - 2018-12-17 14:21 - 000002008 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.


#24

Hola.

He hecho todo lo que me has dicho, pero sigue igual. Por lo menos ya me quedo un poco mas tranquila de que no sea un problema del equipo.

Dejo el informe:

Fix result of Farbar Recovery Scan Tool (x64) Version: 6.02.2019
Ran by Administrador (07-02-2019 11:27:41) Run:1
Running from C:\Users\Administrador\Favorites\Desktop
Loaded Profiles: Administrador (Available Profiles: UpdatusUser & Ana & Administrador)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers4: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers6: [iSafeRKScan] -> {5411D116-5A37-47D4-B154-5F7FCD9062F0} => -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
Task: {20D38144-CB15-44DF-9D02-D6E0F56B5F8A} - \SUPERAntiSpyware Scheduled Task dbb34893-67fe-4602-9a5e-53236ed5d922 -> No File <==== ATTENTION
Task: {3F39A68A-6ED6-4C36-8595-E3A48C405E27} - System32\Tasks\{06C9D931-0E10-4C97-B8AE-39E0D842E855} => C:\Windows\system32\pcalua.exe -a "C:\Users\Administrador\Downloads\chromeinstall-8u31 (3).exe" -d C:\Users\Administrador\Downloads
"C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware" could not be unlocked Error: 5. <==== ATTENTION
Task: {4A6CDA19-16A4-4A77-B191-F5123D7986CF} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -> No File <==== ATTENTION
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" was unlocked. <==== ATTENTION
Task: {8885495B-0EB7-46F8-8A66-61335AF6BCDB} - System32\Tasks\BYAIAMUF => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: {9A893405-30D7-4F84-ABEF-20C7110E88A2} - System32\Tasks\{5A215FF5-57FF-4BF8-B027-9822075414AB} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u31.exe -d C:\Users\Administrador\Downloads
Task: {A1E6E820-F194-4587-8A17-9747C6742EF3} - \BHO updater -> No File <==== ATTENTION
Task: {A2AE6AC9-2BF0-48E6-8162-A5B393DB608F} - System32\Tasks\{1102F610-3C56-47B0-A8D2-356179DF9005} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrador\Downloads\chromeinstall-8u45.exe -d C:\Users\Administrador\Downloads
Task: {B320A1F0-2B1E-48E3-879D-E478388F1007} - System32\Tasks\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\USB-AV Antivirus\Uninstall.exe"
Task: {BF21DF7A-3A46-423D-94E2-DC9546422EAC} - System32\Tasks\{F050E2D3-8406-4462-AC1E-06CF56003DDB} => C:\Windows\system32\pcalua.exe -a C:\Users\ADMINI~1\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {D3A783CF-8E98-43E0-8662-5CB44A7CE306} - \SUPERAntiSpyware Scheduled Task cf38180e-19ef-482f-98cf-741c3c7f1984 -> No File <==== ATTENTION
Task: {DFB57B2A-63A1-4D94-8070-E99F938B5EE4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\Administrador\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Administrador\MediaFire:mf_x [104]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3 [127]
HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Classes\.exe: => <==== ATTENTION
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ??sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f<*>] => C:\ProgramData\f3afbb9f\f3afbb9f.exe C:\ProgramData\f3afbb9f\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Run: [*f3afbb9f2<*>] => C:\ProgramData\reZRknDNm\f3afbb9f.exe C:\ProgramData\reZRknDNm\f3afbb9ftest.au3 <==== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\MountPoints2: {3eec23e1-bd6b-11e3-a73f-74d43510c101} - E:\LGAutoRun.exe
HKU\S-1-5-21-2528625941-651579818-236654835-500\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2016-05-04]
ShortcutTarget: IMVU.lnk -> C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * ??sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [No File]
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [hehfmjlmadifgnaahehdnpcgcbmdgebg] - C:\Program Files (x86)\iDeals Shopping Optimizer\chrome-powl-deals.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S1 avriccoc; \??\C:\Windows\system32\drivers\avriccoc.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 godbjomg; \??\C:\Windows\system32\drivers\godbjomg.sys [X]
S1 jqgvaafh; \??\C:\Windows\system32\drivers\jqgvaafh.sys [X]
S1 kiwzdllk; \??\C:\Windows\system32\drivers\kiwzdllk.sys [X]
S1 pimwrxgh; \??\C:\Windows\system32\drivers\pimwrxgh.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-03-09 22:30 - 2015-10-02 13:22 - 000000385 _____ () C:\Users\Administrador\AppData\Roaming\BYAIAMUF
2015-06-27 03:00 - 2016-01-11 11:43 - 000000125 _____ () C:\Users\Administrador\AppData\Roaming\D2Info0
2015-04-19 13:20 - 2015-10-02 13:22 - 000000626 _____ () C:\Users\Administrador\AppData\Roaming\d7wtLNWp7jIXw
2015-06-27 03:00 - 2016-01-11 12:30 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_1
2016-01-09 00:44 - 2016-01-11 11:45 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_2
2016-01-11 11:43 - 2016-01-11 11:59 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_3
2016-01-11 11:43 - 2016-01-11 11:58 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_4
2016-01-11 11:43 - 2016-01-11 11:54 - 000000008 _____ () C:\Users\Administrador\AppData\Roaming\DofusAppId0_5
2017-06-02 16:04 - 2017-11-11 20:44 - 038270608 _____ () C:\Users\Administrador\AppData\Roaming\gameboxsetup.exe
2012-05-03 12:12 - 2012-05-03 12:12 - 000000532 _____ () C:\Users\Administrador\AppData\Local\datos.txt
2018-09-28 14:27 - 2018-09-28 14:27 - 000000000 _____ () C:\Users\Administrador\AppData\Local\oobelibMkey.log
2019-02-05 13:57 - 2019-02-05 13:57 - 000000017 _____ () C:\Users\Administrador\AppData\Local\resmon.resmoncfg
2015-04-06 14:51 - 2015-04-09 11:40 - 000011804 _____ () C:\Users\Administrador\AppData\Local\Temp-log.txt
2016-04-17 16:18 - 2016-04-17 16:18 - 000005897 _____ () C:\Users\Administrador\AppData\Local\transitiontransition_26b96f71c6eea7cd47565f4c02ed0c77.ini
2016-08-15 19:43 - 2016-08-15 19:43 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{7F1DD215-7C33-44DE-975D-4CD17F0F12B9}
2017-11-02 15:46 - 2017-11-02 15:46 - 000000000 _____ () C:\Users\Administrador\AppData\Local\{A9A190BA-08B6-4152-9306-CF612822E0F9}
2019-02-05 20:20 - 2019-01-21 12:09 - 001161224 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\BlueStacksUninstaller.exe
2019-02-05 20:20 - 2019-01-21 12:11 - 001062408 _____ (BlueStack Systems, Inc.) C:\Users\Administrador\AppData\Local\Temp\HD-Common.dll
2019-02-05 20:20 - 2019-01-21 08:30 - 000421344 _____ (CodeTitans) C:\Users\Administrador\AppData\Local\Temp\JSon.dll
2019-02-05 20:54 - 2018-11-05 03:32 - 000083128 _____ () C:\Users\Administrador\AppData\Local\Temp\nox_uninst.exe
2019-01-23 20:58 - 2019-02-06 16:52 - 001060864 _____ (AutoIt Team) C:\Users\Administrador\AppData\Local\Temp\systeminfo.exe
2015-01-19 22:33 - 2015-01-19 22:33 - 000000000 ____D () C:\Users\Ana\AppData\Local\Temp\avgnt.exe
2019-01-25 11:03 - 2018-12-17 14:21 - 000002008 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\iSafeRKScan => invalid subkey removed.
HKLM\Software\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\iSafeRKScan => invalid subkey removed.
HKLM\Software\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\iSafeRKScan => invalid subkey removed.
HKLM\Software\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20D38144-CB15-44DF-9D02-D6E0F56B5F8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task dbb34893-67fe-4602-9a5e-53236ed5d922" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F39A68A-6ED6-4C36-8595-E3A48C405E27}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F39A68A-6ED6-4C36-8595-E3A48C405E27}" => removed successfully
C:\Windows\System32\Tasks\{06C9D931-0E10-4C97-B8AE-39E0D842E855} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06C9D931-0E10-4C97-B8AE-39E0D842E855}" => removed successfully
"C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware" could not be unlocked Error: 5. <==== ATTENTION" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A6CDA19-16A4-4A77-B191-F5123D7986CF}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" => removed successfully
"C:\Windows\System32\Tasks\Adobe Flash Player Updater" was unlocked. <==== ATTENTION" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8885495B-0EB7-46F8-8A66-61335AF6BCDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8885495B-0EB7-46F8-8A66-61335AF6BCDB}" => removed successfully
C:\Windows\System32\Tasks\BYAIAMUF => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BYAIAMUF" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A893405-30D7-4F84-ABEF-20C7110E88A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A893405-30D7-4F84-ABEF-20C7110E88A2}" => removed successfully
C:\Windows\System32\Tasks\{5A215FF5-57FF-4BF8-B027-9822075414AB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5A215FF5-57FF-4BF8-B027-9822075414AB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1E6E820-F194-4587-8A17-9747C6742EF3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1E6E820-F194-4587-8A17-9747C6742EF3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BHO updater" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2AE6AC9-2BF0-48E6-8162-A5B393DB608F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2AE6AC9-2BF0-48E6-8162-A5B393DB608F}" => removed successfully
C:\Windows\System32\Tasks\{1102F610-3C56-47B0-A8D2-356179DF9005} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1102F610-3C56-47B0-A8D2-356179DF9005}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B320A1F0-2B1E-48E3-879D-E478388F1007}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B320A1F0-2B1E-48E3-879D-E478388F1007}" => removed successfully
C:\Windows\System32\Tasks\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E59CB2EB-F758-4233-AD71-3E03CF7B98C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF21DF7A-3A46-423D-94E2-DC9546422EAC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF21DF7A-3A46-423D-94E2-DC9546422EAC}" => removed successfully
C:\Windows\System32\Tasks\{F050E2D3-8406-4462-AC1E-06CF56003DDB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F050E2D3-8406-4462-AC1E-06CF56003DDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3A783CF-8E98-43E0-8662-5CB44A7CE306}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task cf38180e-19ef-482f-98cf-741c3c7f1984" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFB57B2A-63A1-4D94-8070-E99F938B5EE4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
C:\Windows\Tasks\BYAIAMUF.job => moved successfully
C:\Users\Administrador\MediaFire => ":mf_x" ADS could not remove.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully
C:\ProgramData\TEMP => ":890CC2F3" ADS removed successfully
HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Classes\.exe => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\*f3afbb9f<*>" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\*f3afbb9f2<*>" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully
HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3eec23e1-bd6b-11e3-a73f-74d43510c101} => removed successfully
HKLM\Software\Classes\CLSID\{3eec23e1-bd6b-11e3-a73f-74d43510c101} => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => removed successfully
C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk => moved successfully
"C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe" => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe => moved successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome => removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => removed successfully
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.8 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@Nero.com/KM => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hehfmjlmadifgnaahehdnpcgcbmdgebg => removed successfully
HKLM\System\CurrentControlSet\Services\McComponentHostService => removed successfully
McComponentHostService => service removed successfully
HKLM\System\CurrentControlSet\Services\avriccoc => removed successfully
avriccoc => service removed successfully
HKLM\System\CurrentControlSet\Services\BAPIDRV => removed successfully
BAPIDRV => service removed successfully
HKLM\System\CurrentControlSet\Services\dbx => removed successfully
dbx => service removed successfully
HKLM\System\CurrentControlSet\Services\godbjomg => removed successfully
godbjomg => service removed successfully
HKLM\System\CurrentControlSet\Services\jqgvaafh => removed successfully
jqgvaafh => service removed successfully
HKLM\System\CurrentControlSet\Services\kiwzdllk => removed successfully
kiwzdllk => service removed successfully
HKLM\System\CurrentControlSet\Services\pimwrxgh => removed successfully
pimwrxgh => service removed successfully
HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully
xhunter1 => service removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\*f3afbb9f<*>" => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Run\\*f3afbb9f2<*>" => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => not found
HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3eec23e1-bd6b-11e3-a73f-74d43510c101} => not found
HKLM\Software\Classes\CLSID\{3eec23e1-bd6b-11e3-a73f-74d43510c101} => not found
"HKU\S-1-5-21-2528625941-651579818-236654835-500\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => not found
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => not found
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => not found
"C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk" => not found
"C:\Users\Administrador\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => not found
"C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe" => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found
"C:\Windows\system32\GroupPolicy\User" => not found
"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2528625941-651579818-236654835-1000\User" => not found
HKLM\SOFTWARE\Policies\Google => not found
HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome => not found
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.8 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0 => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0 => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@Nero.com/KM => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hehfmjlmadifgnaahehdnpcgcbmdgebg => not found
McComponentHostService => service not found.
avriccoc => service not found.
BAPIDRV => service not found.
dbx => service not found.
godbjomg => service not found.
jqgvaafh => service not found.
kiwzdllk => service not found.
pimwrxgh => service not found.
xhunter1 => service not found.
C:\Users\Administrador\AppData\Roaming\BYAIAMUF => moved successfully
C:\Users\Administrador\AppData\Roaming\D2Info0 => moved successfully
C:\Users\Administrador\AppData\Roaming\d7wtLNWp7jIXw => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_1 => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_2 => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_3 => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_4 => moved successfully
C:\Users\Administrador\AppData\Roaming\DofusAppId0_5 => moved successfully
C:\Users\Administrador\AppData\Roaming\gameboxsetup.exe => moved successfully
C:\Users\Administrador\AppData\Local\datos.txt => moved successfully
C:\Users\Administrador\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\Administrador\AppData\Local\resmon.resmoncfg => moved successfully
C:\Users\Administrador\AppData\Local\Temp-log.txt => moved successfully
C:\Users\Administrador\AppData\Local\transitiontransition_26b96f71c6eea7cd47565f4c02ed0c77.ini => moved successfully
C:\Users\Administrador\AppData\Local\{7F1DD215-7C33-44DE-975D-4CD17F0F12B9} => moved successfully
C:\Users\Administrador\AppData\Local\{A9A190BA-08B6-4152-9306-CF612822E0F9} => moved successfully
C:\Users\Administrador\AppData\Local\Temp\BlueStacksUninstaller.exe => moved successfully
C:\Users\Administrador\AppData\Local\Temp\HD-Common.dll => moved successfully
C:\Users\Administrador\AppData\Local\Temp\JSon.dll => moved successfully
C:\Users\Administrador\AppData\Local\Temp\nox_uninst.exe => moved successfully
C:\Users\Administrador\AppData\Local\Temp\systeminfo.exe => moved successfully
C:\Users\Ana\AppData\Local\Temp\avgnt.exe => moved successfully
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2528625941-651579818-236654835-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::9189:1065:e9af:ea22%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.37
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18722604 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 25533187 B
Edge => 0 B
Chrome => 361591792 B
Firefox => 15747825 B
Opera => 252180 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 148373 B
LocalService => 132372 B
NetworkService => 64116986 B
UpdatusUser => 0 B
Ana => 183814 B
Administrador => 346831571 B

RecycleBin => 0 B
EmptyTemp: => 794.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:28:14 ====

Muchas gracias por la ayuda.


#25

Hola.

Vamos a seguir comprobando tu equipo, para hacerlo usas este herramienta :

:arrow_right: Manual de UsbFix

Úsalo igualmente con el equipo/disco conectado directamente por un cable a un puerto USB directo del ordenador. :+1:

Nos pones los informes y comentas. :roll_eyes:

Saludos.


#26

Buenos días.

Os paso los informes, he hecho los tres limpiados, el full, el de windows, y el de usb, os dejo los tres informes en ese orden.

# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.011
# Base de datos : 2019.01.29 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : Full
# Usuario : Administrador (Administrador)
# Dispositivo : WIN-JKCQ8P2BBLH
# Comenzó : 08/02/2019 12:23:51
# ----------------------------------------------------

------------ | Discos analizados |

C:\	NTFS	(147GB/466GB)	[Fixed] 

------------ | Elemento(s) infectado(s) |


------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKCU\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
04 - HKLM\..\Run : [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - [x64] HKLM\..\Run : [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-1000\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

------------ | Tasks |

Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task - Adobe Flash Player PPAPI Notifier --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe -check pepperplugin
Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task - AdobeGCInvoker-1.0-WIN-JKCQ8P2BBLH-Administrador --> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d3ef67a56cb080 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d439f829b15556 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d45262205d27ce --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cf6aa64be58651 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfd45179cb4dad --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfec2d52bd2c5f --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d000decfbb71af --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d06e0354b2be3e --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d090b421936b3d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0bf3af473e2fc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0e23b309cf951 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ea308dcec4 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ef8d44d0047d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d11102bf5571f6 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d12d049f49b4c8 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d15dce763e93f3 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6f60ce3d57 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6fb19eb900 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1aaff3ea52cfc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1e9133fd55cd5 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - Norton WSC Integration --> "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe" /taskschd
Task - Opera scheduled Autoupdate 1517262459 --> C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
Task - User_Feed_Synchronization-{620B0231-AED2-4E7C-BB96-C2BADE9B7A94} --> C:\Windows\system32\msfeedssync.exe sync

------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |

[07/02/2019 - 11:13:25 | A | 0 Ko] - DelFix.txt
[08/02/2019 - 12:07:59 | ASH | 3059148 Ko] - hiberfil.sys
[08/02/2019 - 12:08:03 | ASH | 4078864 Ko] - pagefile.sys
[18/12/2017 - 19:59:23 | ASH | 0 Ko] - partition_identifier_bc_new.platform
[05/02/2019 - 20:29:08 | SHD] - Config.Msi
[26/04/2014 - 21:57:48 | A | 0 Ko] - AVScanner.ini
[11/08/2014 - 09:26:10 | A | 0 Ko] - BackupLoader.ini
[02/11/2015 - 11:28:48 | A | 0 Ko] - ftconfig.ini
[16/01/2014 - 01:42:40 | A | 594 Ko] - SecurityScanner.dll
[08/09/2015 - 13:44:34 | SHD] - $Recycle.Bin
[19/04/2014 - 18:28:15 | A | 0 Ko] - autoexec.bat
[14/07/2009 - 04:20:08 | D] - PerfLogs
[14/07/2009 - 06:08:56 | SHD] - Documents and Settings
[10/03/2014 - 11:09:37 | SHD] - Archivos de programa
[10/03/2014 - 11:09:37 | SHD] - Recovery
[10/03/2014 - 17:18:13 | D] - Intel
[10/03/2014 - 17:27:13 | RHD] - MSOCache
[20/03/2014 - 13:35:40 | D] - Spacekace
[21/05/2014 - 15:40:08 | AH | 0 Ko] - F868451E796E
[24/05/2014 - 16:27:45 | D] - SUPERDelete
[09/01/2015 - 14:44:31 | D] - FSTool
[19/01/2015 - 22:32:04 | RD] - Users
[14/02/2015 - 05:14:27 | D] - 960186468abc0a36aecba590591f55
[16/02/2015 - 05:14:54 | D] - cca0d0aa049143b965f235af4d
[17/02/2015 - 05:15:12 | D] - b804be2c4ecb3b259a
[22/04/2015 - 18:59:53 | D] - RegBackup
[28/11/2015 - 18:45:12 | D] - Riot Games
[19/03/2016 - 21:42:31 | D] - AeriaGames
[28/12/2016 - 13:06:31 | HD] - MediaServer_Temp
[18/12/2017 - 19:59:24 | D] - RecData
[17/07/2018 - 10:42:43 | D] - c8e130bdd8085ccc79
[04/09/2018 - 12:14:17 | D] - temp
[23/01/2019 - 20:58:35 | D] - webqderxqp__
[23/01/2019 - 21:02:10 | D] - ixojghqvow__
[05/02/2019 - 20:21:15 | RD] - Program Files
[06/02/2019 - 16:47:19 | D] - AdwCleaner
[07/02/2019 - 11:32:08 | D] - FRST
[07/02/2019 - 20:44:33 | HD] - ProgramData
[07/02/2019 - 21:45:53 | D] - Windows
[08/02/2019 - 12:22:25 | RD] - Program Files (x86)

Elemento(s) infectado(s) : 1
Elementos analizados : 59751 en 00h 00m 08s

# UsbFix-Report-01.txt [8677B]

------------ | E.O.F  |
# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.011
# Base de datos : 2019.01.29 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : Windows
# Usuario : Administrador (Administrador)
# Dispositivo : WIN-JKCQ8P2BBLH
# Comenzó : 08/02/2019 12:25:22
# ----------------------------------------------------

------------ | Discos analizados |

C:\	NTFS	(152GB/466GB)	[Fixed] 

------------ | Elemento(s) infectado(s) |


------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKCU\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
04 - HKLM\..\Run : [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - [x64] HKLM\..\Run : [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-1000\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

------------ | Tasks |

Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task - Adobe Flash Player PPAPI Notifier --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe -check pepperplugin
Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task - AdobeGCInvoker-1.0-WIN-JKCQ8P2BBLH-Administrador --> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d3ef67a56cb080 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d439f829b15556 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d45262205d27ce --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cf6aa64be58651 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfd45179cb4dad --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfec2d52bd2c5f --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d000decfbb71af --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d06e0354b2be3e --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d090b421936b3d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0bf3af473e2fc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0e23b309cf951 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ea308dcec4 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ef8d44d0047d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d11102bf5571f6 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d12d049f49b4c8 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d15dce763e93f3 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6f60ce3d57 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6fb19eb900 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1aaff3ea52cfc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1e9133fd55cd5 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - Norton WSC Integration --> "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe" /taskschd
Task - Opera scheduled Autoupdate 1517262459 --> C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
Task - User_Feed_Synchronization-{620B0231-AED2-4E7C-BB96-C2BADE9B7A94} --> C:\Windows\system32\msfeedssync.exe sync

------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |

[07/02/2019 - 11:13:25 | A | 0 Ko] - DelFix.txt
[08/02/2019 - 12:07:59 | ASH | 3059148 Ko] - hiberfil.sys
[08/02/2019 - 12:08:03 | ASH | 4078864 Ko] - pagefile.sys
[18/12/2017 - 19:59:23 | ASH | 0 Ko] - partition_identifier_bc_new.platform
[05/02/2019 - 20:29:08 | SHD] - Config.Msi
[26/04/2014 - 21:57:48 | A | 0 Ko] - AVScanner.ini
[11/08/2014 - 09:26:10 | A | 0 Ko] - BackupLoader.ini
[02/11/2015 - 11:28:48 | A | 0 Ko] - ftconfig.ini
[16/01/2014 - 01:42:40 | A | 594 Ko] - SecurityScanner.dll
[08/09/2015 - 13:44:34 | SHD] - $Recycle.Bin
[19/04/2014 - 18:28:15 | A | 0 Ko] - autoexec.bat
[14/07/2009 - 04:20:08 | D] - PerfLogs
[14/07/2009 - 06:08:56 | SHD] - Documents and Settings
[10/03/2014 - 11:09:37 | SHD] - Archivos de programa
[10/03/2014 - 11:09:37 | SHD] - Recovery
[10/03/2014 - 17:18:13 | D] - Intel
[10/03/2014 - 17:27:13 | RHD] - MSOCache
[20/03/2014 - 13:35:40 | D] - Spacekace
[21/05/2014 - 15:40:08 | AH | 0 Ko] - F868451E796E
[24/05/2014 - 16:27:45 | D] - SUPERDelete
[09/01/2015 - 14:44:31 | D] - FSTool
[19/01/2015 - 22:32:04 | RD] - Users
[14/02/2015 - 05:14:27 | D] - 960186468abc0a36aecba590591f55
[16/02/2015 - 05:14:54 | D] - cca0d0aa049143b965f235af4d
[17/02/2015 - 05:15:12 | D] - b804be2c4ecb3b259a
[22/04/2015 - 18:59:53 | D] - RegBackup
[28/11/2015 - 18:45:12 | D] - Riot Games
[19/03/2016 - 21:42:31 | D] - AeriaGames
[28/12/2016 - 13:06:31 | HD] - MediaServer_Temp
[18/12/2017 - 19:59:24 | D] - RecData
[17/07/2018 - 10:42:43 | D] - c8e130bdd8085ccc79
[04/09/2018 - 12:14:17 | D] - temp
[23/01/2019 - 20:58:35 | D] - webqderxqp__
[23/01/2019 - 21:02:10 | D] - ixojghqvow__
[05/02/2019 - 20:21:15 | RD] - Program Files
[06/02/2019 - 16:47:19 | D] - AdwCleaner
[07/02/2019 - 11:32:08 | D] - FRST
[07/02/2019 - 20:44:33 | HD] - ProgramData
[07/02/2019 - 21:45:53 | D] - Windows
[08/02/2019 - 12:22:25 | RD] - Program Files (x86)

Elemento(s) infectado(s) : 1
Elementos analizados : 59757 en 00h 00m 03s

# UsbFix-Report-02.txt [8680B]

------------ | E.O.F  |
# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Versión : 11.011
# Base de datos : 2019.01.29 
# Contacto : https://www.usb-antivirus.com/es/contacto
# ----------------------------------------------------
# Tipo de escaneo : USB
# Usuario : Administrador (Administrador)
# Dispositivo : WIN-JKCQ8P2BBLH
# Comenzó : 08/02/2019 12:25:58
# ----------------------------------------------------

------------ | Discos analizados |

No se detectan dispositivos para este tipo de escaneo.

------------ | Elemento(s) infectado(s) |


------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKCU\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
04 - HKLM\..\Run : [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
04 - HKLM\..\Run : [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
04 - HKLM\..\Run : [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - [x64] HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - [x64] HKLM\..\Run : [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-1000\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [uTorrent] "C:\Users\Administrador\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
04 - HKU\S-1-5-21-2528625941-651579818-236654835-500\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

------------ | Tasks |

Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task - Adobe Flash Player PPAPI Notifier --> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe -check pepperplugin
Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task - AdobeGCInvoker-1.0-WIN-JKCQ8P2BBLH-Administrador --> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d3ef67a56cb080 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d439f829b15556 --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineCore1d45262205d27ce --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cf6aa64be58651 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfd45179cb4dad --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1cfec2d52bd2c5f --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d000decfbb71af --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d06e0354b2be3e --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d090b421936b3d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0bf3af473e2fc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0e23b309cf951 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ea308dcec4 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d0ef8d44d0047d --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d11102bf5571f6 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d12d049f49b4c8 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d15dce763e93f3 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6f60ce3d57 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d19c6fb19eb900 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1aaff3ea52cfc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineCore1d1e9133fd55cd5 --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - Norton WSC Integration --> "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe" /taskschd
Task - Opera scheduled Autoupdate 1517262459 --> C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
Task - User_Feed_Synchronization-{620B0231-AED2-4E7C-BB96-C2BADE9B7A94} --> C:\Windows\system32\msfeedssync.exe sync

Elemento(s) infectado(s) : 1
Elementos analizados : 40208 en 00h 00m 02s

# UsbFix-Report-03.txt [6737B]

------------ | E.O.F  |

Gracias por la ayuda. Pero el disco duro sigue igual.


#27

Hola.

Ya te dije que NO tenia apariencia que fuera por infección. :roll_eyes:

La única alternativa que puedes probar seria intentar acceder a ese disco(si se deja) con alguna versión de sistema operativo distinta a windows. :thinking:

Prueba con estos pasos :arrow_right: ¿Cómo puedo salvar mis archivos si en mi PC NO arranca el sistema? o ¿Cómo hacer un Livecd.?

Céntrate en los pasos de como iniciar el equipo con un LiveCD para luego intentar visualizar e incluso copiar los archivos/carpetas que puedas tener en el disco duro dañado, mantén siempre el disco dañado al equipo con el cable directamente al puerto USB.

Prueba con esa opción y nos comentas.

Saludos.


#28

Buenas noches.

He intentado hacer lo de livecd, pero no lo consigo, no me sale como en las instrucciones y no sé como hacerlo, sobre todo no entiendo los pasos, no da la suficiente información desde la descarga del archivo.

saludos.


#29

Hola.

Por favor, dinos exactamente que es lo que NO entiendes o donde te quedas parada.??


#30

Hola.

Es desde el primer paso, desde que tengo que descargar el iso, porque lo descargo y no tiene ningun icono y hay que asignarle uno, desde que se dice que se tiene que asociar con agun programa, yo no se hacerlo.


#31

Hola.

Para que tengas un icono asociado a un archivo de tipo ISO debes tener en tu ordenador un programa que lo identifique/asocie y en caso de NO tenerlo debes descargar alguno como los que se indican en el tema que te puse "(Nero, Roxio, Alcohol 120 %, IsoBurner, etc…)

Alternativamente a realizar un DVD/CD de arranque con la imagen ISO descargada también se pueden usar unidades USB y crear un LiveUSB alternativo al LiveCD para hacer/crear ese LiveUSB puedes usar programas alternativos como los que se indican aquí :

Revisalos y cualquier duda nos comentas.

Saludos.