Buenos dias, El PC se me infectó y después de eliminar malware con diferentes programas, observo que el gmail no me funciona. Carga la página pero al elegir cualquiera de las cuentas que tengo con gmail ninguna responde al click del ratón. Mi PC es de torre, SO.Windows 7 pro, 64 bits Agradeceria ayuda.
Hola @Bfenix
Qué programas utilizaste paea desinfectar tu equipo?
Vas a revisar que no queden infecciones.
Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:
1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.
- Realiza un Análisis personalizado, actualizando si te lo pide.
- Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
- En el apartado del manual Informes
Informe de análisis encontrarás el reporte de MBAM, clic en Exportar Copiar al portapapeles.
2) Descarga AdwCleaner | InfoSpyware en el escritorio.
- Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus.
- Cierra también todos los programas que tengas abiertos.
- Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
- Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
- Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
- Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
- El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt
3) Descarga CCleaner
- Instala Ccleaner
- Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine clic en ejecutar limpiador
- Clic en la pestaña Registro clic en buscar problemas esperas que termine clic en Reparar Seleccionadas y haces una copia de seguridad
- Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.
Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.
Un saludo
Ante todo muchas gracias por su pronta respuesta ! Los programas que utilicé (por este orden) fueron: CCleaner, SUPERAntispyware, AdwCleaner y Malwarebites. En modalidad de análisis rápido.
He seguido sus instrucciones y le adjunto informes. El problema persiste.
Malwarebytes
-Detalles del registro-
Fecha del análisis: 14/7/19
Hora del análisis: 12:42
Archivo de registro: 1161ecc2-a624-11e9-bc75-5404a6938746.json
Administrador: Sí
-Información del software-
Versión: 3.5.1.2522
Versión de los componentes: 1.0.365
Versión del paquete de actualización: 1.0.11540
Licencia: Gratis
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Usuario-PC\Usuario
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 334601
Amenazas detectadas: 5
Amenazas en cuarentena: 5
Tiempo transcurrido: 1 hr, 50 min, 29 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 2
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B1C9B5E8-B4F0-4293-8260-A860A3EB4CEF}|NameServer, Sustituido, [3067], [706134],1.0.11540
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{90A8E6E6-3698-401D-9BE3-C351DB60532F}|NameServer, Sustituido, [3067], [706134],1.0.11540
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 3
Adware.DownloadAssistant, C:\USERS\USUARIO\PAPA\PROGRAMAS\ZZZ\DESCARGAS\TENORSHARE_4UKEY_2.0.1-1102D3EDDD.EXE, En cuarentena, [8131], [707740],1.0.11540
PUP.Optional.MailRu, C:\ADWCLEANER\QUARANTINE\V1\20190714.102855\8\MAIL.RU.LNK#9D18CF5BE526F636, En cuarentena, [254], [511420],1.0.11540
PUP.Optional.PCProtect, C:\ADWCLEANER\QUARANTINE\RYWTIIZS2T\TOTALAV.EXE, En cuarentena, [4539], [354597],1.0.11540
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-14-2019
# Duration: 00:00:15
# OS: Windows 7 Professional
# Scanned: 27198
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
PUP.Optional.Legacy C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [1954 octets] - [14/09/2018 08:34:03]
AdwCleaner[C00].txt - [2010 octets] - [14/09/2018 08:35:07]
AdwCleaner[S01].txt - [1379 octets] - [16/11/2018 08:42:23]
AdwCleaner[S02].txt - [1440 octets] - [06/01/2019 10:43:57]
AdwCleaner[S03].txt - [1501 octets] - [06/01/2019 10:44:39]
AdwCleaner[S04].txt - [1562 octets] - [21/02/2019 16:23:38]
AdwCleaner[S05].txt - [3048 octets] - [14/03/2019 08:52:39]
AdwCleaner[C05].txt - [2850 octets] - [14/03/2019 08:52:55]
AdwCleaner[S06].txt - [1745 octets] - [15/03/2019 13:18:36]
AdwCleaner[S07].txt - [2280 octets] - [16/06/2019 17:50:40]
AdwCleaner[C07].txt - [2354 octets] - [16/06/2019 17:50:58]
AdwCleaner[S08].txt - [1928 octets] - [10/07/2019 00:03:04]
AdwCleaner[S09].txt - [3835 octets] - [14/07/2019 10:28:40]
AdwCleaner[C09].txt - [3653 octets] - [14/07/2019 10:28:58]
AdwCleaner[S10].txt - [2111 octets] - [14/07/2019 10:52:18]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S11].txt ##########
Disculpe si no he sabido interpretar lo de las etiquetas CODE
Hola
Tienes una versión antigua de Malwarebytes, actualizalo y realiza un nuevo análisis personalizado, vamos a ver si detecta algo más.
El reporte de AdwCleaner es del escaneo, le diste luego a limpiar? Y Si no es así vuelve a ejecutarlo y recuerda mandar a cuarentena lo que detecte.
Pon los dos reportes y comenta cómo sigue el problema.
Un saludo
He actualizado el programa. Creo que no ha detectado nada mas:
Malwarebytes
-Detalles del registro-
Fecha del análisis: 14/7/19
Hora del análisis: 15:55
Archivo de registro: 0deddd6a-a63f-11e9-865f-5404a6938746.json
-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11542
Licencia: Prueba
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Usuario-PC\Usuario
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 326929
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 43 min, 58 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Si, había limpiado, no obstante he pasado de nuevo el programa. Este es el resultado:
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-14-2019
# Duration: 00:00:00
# OS: Windows 7 Professional
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329\invalidprefs.js
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1954 octets] - [14/09/2018 08:34:03]
AdwCleaner[C00].txt - [2010 octets] - [14/09/2018 08:35:07]
AdwCleaner[S01].txt - [1379 octets] - [16/11/2018 08:42:23]
AdwCleaner[S02].txt - [1440 octets] - [06/01/2019 10:43:57]
AdwCleaner[S03].txt - [1501 octets] - [06/01/2019 10:44:39]
AdwCleaner[S04].txt - [1562 octets] - [21/02/2019 16:23:38]
AdwCleaner[S05].txt - [3048 octets] - [14/03/2019 08:52:39]
AdwCleaner[C05].txt - [2850 octets] - [14/03/2019 08:52:55]
AdwCleaner[S06].txt - [1745 octets] - [15/03/2019 13:18:36]
AdwCleaner[S07].txt - [2280 octets] - [16/06/2019 17:50:40]
AdwCleaner[C07].txt - [2354 octets] - [16/06/2019 17:50:58]
AdwCleaner[S08].txt - [1928 octets] - [10/07/2019 00:03:04]
AdwCleaner[S09].txt - [3835 octets] - [14/07/2019 10:28:40]
AdwCleaner[C09].txt - [3653 octets] - [14/07/2019 10:28:58]
AdwCleaner[S10].txt - [2111 octets] - [14/07/2019 10:52:18]
AdwCleaner[S11].txt - [2283 octets] - [14/07/2019 14:44:21]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C11].txt ##########
El problema todavía persiste.
Hola
Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
- Ejecuta FRST.exe.
- En el mensaje de la ventana del Disclaimer, pulsamos Yes
- En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
- Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Pon los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Un saludo
Iré publicando los 2 informes en varios mensajes
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2019
Ran by Usuario (administrator) on USUARIO-PC (14-07-2019 17:19:15)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [316848 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {036A5264-8CDE-473D-BCD3-7E791620BA5B} - System32\Tasks\{674DF696-C628-4E7A-8357-811B92CEAD98} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\PAPA\Programas\zzz\Nero Vision 3\Nero Vision 3.1.0.21.exe" -d "C:\Users\Usuario\PAPA\Programas\zzz\Nero Vision 3"
Task: {105C0113-84BB-4234-9181-C685092E79A2} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2314008 2019-06-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {1317A0D8-1DD9-4FDE-88ED-7544C77E580C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {17E518C5-F1F5-4287-B82A-BECAF384C4A9} - System32\Tasks\{B8EF9A02-BC90-428C-B603-DB36127584F8} => C:\Users\Usuario\PAPA\Programas\zzz\FreeRapid-0.9u4\frd.exe [35840 2014-05-18] (Vity) [File not signed]
Task: {1B16B20C-B513-44CC-B9C4-DA673263B61D} - System32\Tasks\{C3209CBF-B228-48DF-BAFE-5C1AEFB31C61} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Mipony 2.2.4\Desinstalador.exe" -d "C:\Program Files (x86)\Mipony 2.2.4"
Task: {225408B4-08AD-4344-A635-C91730852D75} - System32\Tasks\{D383DD78-6ACD-4208-91DB-3AA90719058F} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\Programas\zzz\TL-WN422G_v2_100324\Setup.exe -d C:\Users\Usuario\PAPA\Programas\zzz\TL-WN422G_v2_100324
Task: {28FC17AB-90B1-42A9-81BF-DCA1B06221C2} - System32\Tasks\{CEDBC5BD-EC81-4A5B-A065-0FCAC6FDC479} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\Programas\zzz\epson375128eu.exe -d C:\Users\Usuario\PAPA\Programas\zzz
Task: {2EE4FE67-D5F5-490E-97ED-EAAB4E20F46F} - System32\Tasks\{255307FA-EF09-4DD2-B9E1-9EA2E920E9C5} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\Desktop\60G1D4302-04(5.6.0.8700_6.5.1.3400_12.0.0.2700)\WIN7\Setup.exe -d C:\Users\Usuario\Desktop\60G1D4302-04(5.6.0.8700_6.5.1.3400_12.0.0.2700)\WIN7
Task: {30C02AAD-1C38-43E2-A565-2EE17512BF33} - System32\Tasks\EPSON XP-342 343 345 Series Update {58856FE9-A24F-456A-8538-6F0875B5C079} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {3F2834D5-73F5-4D5C-8CAF-0716C1D3C0C1} - System32\Tasks\{8A945590-32B1-4682-9ECA-A1D4F74402D3} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\IconViewer\Setup.exe" -d "C:\Program Files (x86)\IconViewer"
Task: {4124C230-0F6D-4ACF-803A-8F8329671F32} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.)
Task: {46377963-C2B6-4BC1-ACC1-BDADB77E9E65} - System32\Tasks\ftcnytyzhhqcfmt => msiexec.exe /quiet /i "C:\Users\Usuario\AppData\Roaming\vbyyrnwiputz\sfbcyrcldrwygid.msi" WEBID=PP_MN_P3 TKNME=ftcnytyzhhqcfmt
Task: {476D717E-85B7-4AAF-8C80-9AB851C41B58} - System32\Tasks\{E81FDF6D-8773-4E86-A3D8-46CB1E24FDE9} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\Desktop\NDP30SP2-KB976570-x64.exe -d C:\Users\Usuario\Desktop
Task: {4D1B588B-7743-4C59-8D46-C9748534EAD2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {570AA6AC-7735-4F5E-AF23-FC182774C890} - System32\Tasks\{8B82222B-FA57-46DE-BE73-3673FB456C82} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\TL-WN422G_v2_100611\Setup.exe -d C:\Users\Usuario\PAPA\TL-WN422G_v2_100611
Task: {5C7EF7C0-244E-4D3D-B599-4D703A094ADC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-11] (Adobe Inc. -> Adobe)
Task: {5F347D0A-D0D2-43A3-B693-40BA01560B07} - System32\Tasks\{8F2A0D64-F416-4ED3-A903-424FF3073317} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\Desktop\mami\jocs\Instalaciones\Instalar3.exe -d C:\Users\Usuario\Desktop\mami\jocs\Instalaciones
Task: {6B3C42AB-5732-46F2-BC3E-936D1E4C07F7} - System32\Tasks\Health-Check-auto => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {6F360C03-F988-444F-AB6A-C304982F142D} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358b920-0ac7-461f-98f4-58e32cd89148}
Task: {7432DA14-E1F3-45BD-9992-5C69D112BA37} - System32\Tasks\{5AF48EB2-CAE1-4C7E-8B8F-D3FCFC0802B5} => C:\Users\Usuario\PAPA\Programas\zzz\FreeRapid-0.9u4\frd.exe [35840 2014-05-18] (Vity) [File not signed]
Task: {7B9177BC-03D7-4A55-B034-023C1DDC351D} - System32\Tasks\EPSON XP-342 343 345 Series Update {66578C5C-8161-4657-A5C2-7F46CFB5185F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {7D3A43E1-74E1-4AC7-8906-1C58092BAD33} - System32\Tasks\{0525AD5C-FCF1-45CE-A6E6-55C8C2BD8585} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OW52VEG1\JavaSetup8u60.exe" -d C:\Users\Usuario\Desktop
Task: {835DC05D-6450-41B1-A1E6-4576C85A5B2B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {85C18F9C-179A-45C3-9141-00959411F49B} - System32\Tasks\{0B780F06-0BFF-41E0-BDF4-DE9E0A43D66F} => C:\Windows\system32\pcalua.exe -a "G:\Nero Vision 4 Portable Rus.exe" -d G:\
Task: {85C6E627-C30F-44C0-BDFF-A203F97FAEC5} - System32\Tasks\{5AF37BF2-D23C-45BE-AB5A-D010B37BC720} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3JQQ6PCF\JavaSetup8u121.exe" -d C:\Users\Usuario\Desktop
Task: {86822D77-87D9-43E1-A0AF-7C7D83ACE59E} - System32\Tasks\{4C0E1A18-32EB-4487-89E6-D8096FA2E337} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\SmartCardReader\install.exe"
Task: {86971D62-C652-4628-B2B7-78FAA2C4CE66} - System32\Tasks\MICROSOFT\WINDOWS\SECURHOSTTSK => C:\Windows\debug\th\th.vbs
Task: {90EFC67F-6B42-4D52-943D-4BEC8B36D652} - System32\Tasks\{3A19B8D7-B587-4F9E-81FE-A05787C1FC0D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\PAPA\TL-WN422G V2\Setup.exe" -d "C:\Users\Usuario\PAPA\TL-WN422G V2"
Task: {97E9E32D-24E3-499A-9541-0EF22E8ABDBF} - System32\Tasks\{BA2EE899-DDBD-43EC-9464-3DE1ED914222} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\PAPA\Programas\zzz\Cambio PIN DNI.exe" -d C:\Users\Usuario\PAPA\Programas\zzz
Task: {A2EBCF17-8B7D-45A8-B528-A6B660AB9FD4} - System32\Tasks\{ECB88F70-0330-4582-BB40-1C9FF4B13D48} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\Programas\ashampoo\ashampoo_movieshrinkburn221_sm.exe -d C:\Users\Usuario\PAPA\Programas\ashampoo
Task: {A5E2D90C-2A86-4BEA-90BA-557C9BFD72AD} - System32\Tasks\{073B4DB9-85CD-4737-9EC2-2196C5AF24D8} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\Programas\zzz\internet-connection-repair-tool-.exe -d C:\Users\Usuario\PAPA\Programas\zzz
Task: {AFB2812E-41C5-4F0C-B529-89F4ACEE8B38} - \SidebarExecute -> No File <==== ATTENTION
Task: {B1CD7104-52F4-4BB6-9F8F-9AFDABBB5504} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B81AD3EC-AF0C-486F-B38B-73921723FB45} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {BD308902-42A1-4205-8162-32CCC1B27798} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {BE49C077-2250-490F-BE2E-A2ED57CE323F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-08-24] (Piriform Ltd -> Piriform Ltd)
Task: {BEC6BFF8-4B11-4B91-8C50-F10A722FDB1D} - System32\Tasks\{F83F4451-AAE2-4C22-B559-64EB0430E317} => C:\Windows\system32\pcalua.exe -a D:\WIN7\Setup.exe -d D:\WIN7
Task: {C459C796-EBE6-4D0A-841A-09A8AA5BE13F} - System32\Tasks\{98D24010-BEDC-4D51-B9AB-28FA2D1268CC} => C:\Program Files (x86)\Driver Identifier\DriverIdentifier.exe
Task: {CB06ED89-457F-469D-88F2-6B58B6BBD688} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
Task: {CCC81357-4329-48AB-944E-A4021D12A8D2} - System32\Tasks\{5CE96762-5D03-4C14-8A82-6A66E6CB0CF9} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\Desktop\dotnetfx35.exe -d C:\Users\Usuario\Desktop
Task: {D9823C01-C762-4B43-B078-C97D8E34577A} - System32\Tasks\Opera scheduled Autoupdate 1551170994 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [1519640 2019-07-03] (Opera Software AS -> Opera Software)
Task: {E790EF6F-C029-4D69-B6D2-64F8436EE3D0} - System32\Tasks\{AD327771-3123-4EBF-A187-4F63E0CFDBF1} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\Programas\zzz\IconTweaker.exe -d C:\Users\Usuario\PAPA\Programas\zzz
Task: {EDC325EB-B6C3-4190-84B7-D512D237E595} - System32\Tasks\{49EA9CF4-C87B-42B1-8E63-6C8F94200B26} => C:\Users\Usuario\Desktop\IE11-Windows6.1-x64-es-es(1).exe
Task: {F252D833-5E5B-43C4-B4F6-13392014487D} - System32\Tasks\{1795ED53-BA72-4594-BA7C-B30A349ECCFF} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\Programas\Adaware\Adaware_Installer.exe -d C:\Users\Usuario\PAPA\Programas\Adaware
Task: {FB541701-3D9F-43E5-80A7-DF6D83213B54} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3987888 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {58856FE9-A24F-456A-8538-6F0875B5C079}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE:/EXE:{58856FE9-A24F-456A-8538-6F0875B5C079} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {66578C5C-8161-4657-A5C2-7F46CFB5185F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE:/EXE:{66578C5C-8161-4657-A5C2-7F46CFB5185F} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\Health-Check-auto.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.166.211.2 212.166.132.104
Tcpip\..\Interfaces\{90A8E6E6-3698-401D-9BE3-C351DB60532F}: [NameServer] 92.246.76.123,,116.203.6.218,
Tcpip\..\Interfaces\{B1C9B5E8-B4F0-4293-8260-A860A3EB4CEF}: [NameServer] 92.246.76.123,,116.203.6.218,
Tcpip\..\Interfaces\{B1C9B5E8-B4F0-4293-8260-A860A3EB4CEF}: [DhcpNameServer] 212.166.211.2 212.166.132.104
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-662850928-3325907665-2809455224-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-05-27] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-12-10] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-12-10] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-12-10] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-12-10] (Microsoft Windows -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: dn18mykk.default-1485788150329
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 [2019-07-14]
FF Homepage: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> www.ara.cat
FF NetworkProxy: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> backup.ftp", "195.138.83.188"
FF HomepageOverride: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> Enabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (IBM Security Rapport) - C:\Users\Usuario\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2019-01-31] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Captura de página completa - FireShot) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2019-02-27]
FF Extension: (Malwarebytes Browser Extension) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2019-04-11]
FF Extension: (Flash y descarga de video) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-28]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF ProfilePath: C:\ProgramData [2019-07-14]
FF Extension: (Muter) - C:\ProgramData\Extensions\[email protected] [2019-06-16] [Legacy] [not signed]
FF Extension: (iMacros for Firefox) - C:\ProgramData\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2019-06-16] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]_xpi [2019-06-16] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.ebay.es/
CHR StartupUrls: Default -> "hxxps://www.ebay.es/"
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2019-07-14]
CHR Extension: (Video Downloader professional) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeeajafchghccbnppaimjhhfpejabole [2019-06-04]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-20]
CHR Extension: (Malwarebytes Browser Extension) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2019-04-10]
CHR Extension: (Captura de página completa - FireShot) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-03-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-14]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-14]
CHR HKU\S-1-5-21-662850928-3325907665-2809455224-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [415032 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6845400 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-01-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S2 FirmwareService; C:\Users\Usuario\AppData\Roaming\Tenorshare\Service\FirmwareService.exe [41880 2018-02-06] (Tenorshare Co.,Ltd. -> )
S2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [806352 2019-03-12] (ICEpower a/s -> ICEpower)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [116224 2019-01-26] (Microsoft Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe [320512 2009-10-23] (Solid Documents, LLC) [File not signed]
S3 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [472800 2017-03-21] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1931264 2011-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37368 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [209304 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [263784 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [206624 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61736 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42552 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [169160 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112568 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [88208 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1031048 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [477336 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [225864 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [387440 2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-16] (Martin Malik - REALiX -> REALiX(tm))
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Generic USB smartcard reader)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R1 RapportCerberus_1930247; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1930247.sys [1657968 2019-01-31] (IBM -> IBM Corp.)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [1094496 2018-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
S3 ssadmdfl; C:\Windows\System32\DRIVERS\ssadmdfl.sys [16872 2010-08-27] (MCCI Internal Testing Software -> MCCI Corporation) [File not signed]
S3 ssadmdm; C:\Windows\System32\DRIVERS\ssadmdm.sys [159208 2010-08-27] (MCCI Internal Testing Software -> MCCI Corporation) [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 vrvd5; C:\Windows\System32\DRIVERS\vrvd5.sys [13344 2015-03-09] (Rsupport Co., Ltd. -> Rsupport Corporation)
S1 SASDIFSV; \??\C:\Users\Usuario\Desktop\SASDIFSV64.SYS [X]
S1 SASKUTIL; \??\C:\Users\Usuario\Desktop\SASKUTIL64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-14 17:19 - 2019-07-14 17:20 - 000029534 _____ C:\Users\Usuario\Desktop\FRST.txt
2019-07-14 17:19 - 2019-07-14 17:19 - 000000000 ____D C:\FRST
2019-07-14 17:17 - 2019-07-14 17:17 - 002095104 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2019-07-14 15:53 - 2019-07-14 15:53 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2019-07-14 15:52 - 2019-07-14 15:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2019-07-14 15:52 - 2019-07-14 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-14 15:52 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-14 10:52 - 2019-07-14 10:54 - 000207094 _____ C:\TDSSKiller.3.1.0.26_14.07.2019_10.52.58_log.txt
2019-07-14 10:47 - 2019-07-14 10:51 - 000000282 __RSH C:\ProgramData\ntuser.pol
2019-07-14 10:31 - 2019-07-14 10:36 - 000000004 _____ C:\ProgramData\lock.dat
2019-07-14 10:31 - 2019-07-14 10:31 - 000000008 _____ C:\ProgramData\ts.dat
2019-07-14 10:31 - 2019-07-14 10:31 - 000000004 _____ C:\ProgramData\irw.atsd
2019-07-14 10:09 - 2019-07-14 10:09 - 000000000 ____D C:\ProgramData\TempLogs
2019-07-14 09:54 - 2019-07-14 09:54 - 000000000 ____D C:\ProgramData\Lamia
2019-07-14 09:54 - 2019-07-14 09:54 - 000000000 ____D C:\ProgramData\jQNJzOXEnOPr
2019-07-14 09:53 - 2019-07-14 10:47 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\1337
2019-07-14 09:53 - 2019-07-14 10:45 - 000000000 ____D C:\Windows\System32\Tasks\System
2019-07-14 09:53 - 2019-07-14 09:53 - 000003242 _____ C:\Windows\System32\Tasks\ftcnytyzhhqcfmt
2019-07-14 09:53 - 2019-07-14 09:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vbyyrnwiputz
2019-07-14 09:52 - 2019-07-14 09:56 - 000000000 ____D C:\Program Files (x86)\InlogOptimizer
2019-07-14 09:52 - 2019-07-14 09:54 - 000000000 ____D C:\Users\Usuario\AppData\Local\Mail.Ru
2019-07-14 09:52 - 2019-07-14 09:52 - 000825856 _____ C:\Default.xml
2019-07-14 09:52 - 2019-07-14 09:52 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-07-14 09:47 - 2019-07-14 10:18 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2019-07-14 09:37 - 2019-07-14 09:37 - 000363440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2019-07-14 09:37 - 2019-07-14 09:37 - 000225864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2019-07-14 09:37 - 2019-07-14 09:37 - 000169160 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2019-07-12 09:37 - 2019-07-14 11:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-11 14:25 - 2019-07-11 14:25 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-10 09:23 - 2019-07-10 09:23 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Tenorshare
2019-07-10 08:40 - 2019-06-28 07:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-10 08:40 - 2019-06-28 07:24 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-07-10 08:40 - 2019-06-28 07:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-10 08:40 - 2019-06-28 07:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-07-10 08:40 - 2019-06-28 07:24 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-10 08:40 - 2019-06-28 07:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2019-07-10 08:40 - 2019-06-28 07:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2019-07-10 08:40 - 2019-06-28 07:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2019-07-10 08:40 - 2019-06-28 07:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-10 08:40 - 2019-06-21 05:09 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-10 08:40 - 2019-06-21 05:09 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-07-10 08:40 - 2019-06-21 05:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-07-10 08:40 - 2019-06-21 05:04 - 001082880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-10 08:40 - 2019-06-21 04:44 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-07-10 08:40 - 2019-06-13 05:25 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-10 08:40 - 2019-06-13 05:21 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-10 08:40 - 2019-06-12 17:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-07-10 08:40 - 2019-06-12 17:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-07-10 08:40 - 2019-06-12 17:22 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-10 08:40 - 2019-06-12 17:21 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 002136064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-07-10 08:40 - 2019-06-12 17:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:15 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-10 08:40 - 2019-06-12 17:11 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-10 08:40 - 2019-06-12 17:11 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-10 08:40 - 2019-06-12 17:11 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-10 08:40 - 2019-06-12 17:11 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-10 08:40 - 2019-06-12 17:10 - 005550824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-10 08:40 - 2019-06-12 17:10 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-10 08:40 - 2019-06-12 17:09 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-10 08:40 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-10 08:40 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000641024 _____ (Microsoft Corporation) =C:\Windows\system32\msscp.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-10 08:40 - 2019-06-12 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-07-10 08:40 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-10 08:40 - 2019-06-12 17:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-07-10 08:40 - 2019-06-12 17:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-07-10 08:40 - 2019-06-12 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-10 08:40 - 2019-06-12 16:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-07-10 08:40 - 2019-06-12 16:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-07-10 08:40 - 2019-06-12 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-10 08:40 - 2019-06-12 16:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-07-10 08:40 - 2019-06-12 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-10 08:40 - 2019-06-12 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-10 08:40 - 2019-06-12 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-07-10 08:40 - 2019-06-12 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-07-10 08:40 - 2019-06-12 16:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-10 08:40 - 2019-06-12 16:42 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-10 08:40 - 2019-06-12 16:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-10 08:40 - 2019-06-12 16:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-10 08:40 - 2019-06-12 16:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-10 08:40 - 2019-06-12 16:39 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-10 08:40 - 2019-06-12 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-10 08:40 - 2019-06-12 16:37 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-07-10 08:40 - 2019-06-12 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-10 08:40 - 2019-06-12 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-10 08:40 - 2019-06-12 16:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-10 08:40 - 2019-06-12 16:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-10 08:40 - 2019-06-12 16:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-10 08:40 - 2019-06-12 16:36 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-10 08:40 - 2019-06-12 16:36 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-10 08:40 - 2019-06-12 16:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-10 08:40 - 2019-06-12 16:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-10 08:40 - 2019-06-12 16:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-10 08:40 - 2019-06-12 16:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-10 08:40 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-10 08:40 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-10 08:40 - 2019-06-12 16:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-10 08:40 - 2019-06-12 16:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-10 08:40 - 2019-06-11 04:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-10 08:40 - 2019-06-11 04:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-10 08:40 - 2019-06-11 04:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-10 08:40 - 2019-06-11 04:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-10 08:40 - 2019-06-11 04:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-07-10 08:40 - 2019-06-11 04:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-10 08:40 - 2019-06-11 04:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-10 08:40 - 2019-06-11 04:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-10 08:40 - 2019-06-09 17:20 - 003229184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-10 08:40 - 2019-06-09 17:19 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2019-07-10 08:40 - 2019-06-09 17:08 - 003730432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-10 08:40 - 2019-06-09 17:08 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-07-10 08:40 - 2019-06-09 17:07 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2019-07-10 08:40 - 2019-06-09 17:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-07-10 08:40 - 2019-06-09 17:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-07-10 08:40 - 2019-06-09 16:49 - 001120768 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-07-10 08:40 - 2019-06-09 16:49 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-07-10 08:40 - 2019-06-07 17:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-10 08:40 - 2019-06-07 17:08 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-10 08:40 - 2019-06-07 17:08 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-10 08:40 - 2019-06-07 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-07-10 08:40 - 2019-06-07 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-07-10 08:40 - 2019-06-02 05:50 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-10 08:39 - 2019-06-12 17:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-07-10 08:39 - 2019-06-12 17:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-07-10 08:39 - 2019-06-12 17:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-07-10 08:39 - 2019-06-12 17:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:08 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-10 08:39 - 2019-06-12 17:07 - 002646528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-07-10 08:39 - 2019-06-12 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-10 08:39 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-10 08:39 - 2019-06-12 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-10 08:39 - 2019-06-12 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-07-10 08:39 - 2019-06-12 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-07-10 08:39 - 2019-06-12 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-07-10 08:39 - 2019-06-12 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-07-10 08:39 - 2019-06-12 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-07-10 08:39 - 2019-06-07 17:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-07-10 08:39 - 2019-06-07 17:08 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-07-09 16:44 - 2019-07-10 14:37 - 000000000 ____D C:\Users\Usuario\Desktop\ROMA Jul2019
2019-07-09 10:31 - 2019-07-09 10:31 - 000000193 _____ C:\Windows\WORDPAD.INI
2019-07-08 10:31 - 2019-07-10 12:58 - 000000000 ____D C:\Users\Usuario\Desktop\Reclamacion vuelo
2019-07-01 07:42 - 2019-07-01 07:42 - 000089600 _____ C:\Users\Usuario\Desktop\Copia de export201971.xls
2019-06-17 13:11 - 2019-06-17 13:11 - 000002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-06-17 13:11 - 2019-06-17 13:11 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2019-06-17 13:11 - 2019-06-17 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-06-17 13:11 - 2019-06-17 13:11 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-06-17 13:10 - 2019-06-17 13:10 - 000000000 ____D C:\Program Files\iPod
2019-06-17 13:09 - 2019-06-17 13:09 - 000000000 ____D C:\Program Files\Bonjour
2019-06-17 13:09 - 2019-06-17 13:09 - 000000000 ____D C:\Program Files (x86)\Bonjour
2019-06-16 18:14 - 2019-06-20 07:42 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-16 17:31 - 2019-06-04 01:11 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-16 17:31 - 2019-06-04 01:11 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-16 17:31 - 2019-06-04 01:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-16 17:31 - 2019-05-25 02:04 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-16 17:31 - 2019-05-25 02:03 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-06-16 17:31 - 2019-05-25 01:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-16 17:31 - 2019-05-25 01:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-06-16 17:31 - 2019-05-23 04:06 - 001829888 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-06-16 17:31 - 2019-05-23 04:06 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-16 17:31 - 2019-05-23 04:06 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-16 17:31 - 2019-05-23 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-16 17:31 - 2019-05-23 04:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-06-16 17:31 - 2019-05-23 03:58 - 001161728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-06-16 17:31 - 2019-05-23 03:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-06-16 17:31 - 2019-05-23 03:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-16 17:31 - 2019-05-23 03:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-06-16 17:31 - 2019-05-17 20:21 - 000372456 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-06-16 17:31 - 2019-05-13 16:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-16 17:31 - 2019-05-13 16:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-16 17:31 - 2019-05-13 16:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-16 17:31 - 2019-05-13 16:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-16 17:31 - 2019-05-09 17:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-16 17:31 - 2019-05-09 17:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-06-16 17:31 - 2019-05-09 17:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-06-16 17:31 - 2019-05-09 17:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-06-16 17:31 - 2019-05-09 17:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-06-16 17:31 - 2019-05-09 17:09 - 000114400 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-06-16 17:31 - 2019-05-09 17:07 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-16 17:31 - 2019-05-09 17:07 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-06-16 17:31 - 2019-05-09 17:07 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-06-16 17:31 - 2019-05-09 17:06 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-16 17:31 - 2019-05-09 17:06 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-06-16 17:31 - 2019-05-09 17:06 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-06-16 17:31 - 2019-05-09 16:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-06-16 17:31 - 2019-05-09 16:40 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-06-16 17:31 - 2019-04-30 04:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-16 17:31 - 2019-04-30 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-16 17:31 - 2019-04-25 17:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-16 17:31 - 2019-04-25 17:06 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-16 17:31 - 2019-04-24 17:11 - 001893096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-16 17:31 - 2019-04-24 17:09 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-06-16 17:31 - 2019-04-24 17:09 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-16 17:31 - 2019-04-12 15:05 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000016120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000014288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000014072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000012536 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:05 - 000011504 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-06-16 17:31 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-06-16 17:31 - 2019-04-09 17:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-06-16 17:31 - 2019-04-09 17:05 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-06-16 17:31 - 2019-04-09 17:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-16 17:31 - 2019-04-09 17:05 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-06-16 17:31 - 2019-04-09 17:05 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-06-16 17:31 - 2019-04-09 17:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-06-16 17:31 - 2019-04-09 17:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-06-16 17:31 - 2019-04-09 17:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-16 17:31 - 2019-04-09 17:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-06-16 17:31 - 2019-04-09 16:53 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-16 17:31 - 2019-04-09 16:52 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-16 17:31 - 2019-04-09 16:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-06-16 17:31 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-16 17:31 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-06-16 17:31 - 2019-04-09 16:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-16 17:31 - 2019-04-09 16:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-06-16 17:21 - 2019-06-16 17:21 - 000000000 ____D C:\SUPERDelete
2019-06-16 16:44 - 2019-06-16 17:01 - 000000000 ____D C:\Program Files\PicosmosTools
2019-06-16 16:31 - 2019-06-16 17:00 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\dvdcss
2019-06-16 16:28 - 2019-06-16 17:01 - 000000000 ____D C:\ProgramData\Segurazo
2019-06-16 16:28 - 2019-06-16 17:01 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-06-16 16:28 - 2019-06-16 17:00 - 000000000 ____D C:\Users\Usuario\AppData\Local\WallpaperHd
2019-06-16 16:28 - 2019-06-16 16:33 - 000000000 ____D C:\FFOutput
2019-06-16 16:28 - 2019-06-16 16:29 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\segurazoclient
2019-06-16 16:28 - 2019-06-16 16:28 - 000000000 ____D C:\Users\Usuario\Downloads\Picosmos P2P Installer
2019-06-16 16:28 - 2019-06-16 16:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\fontconfig
2019-06-16 16:28 - 2019-06-16 16:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
2019-06-16 16:27 - 2019-06-16 17:01 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2019-06-16 16:21 - 2019-06-16 16:21 - 000000000 ____D C:\Users\Usuario\Documents\Any Video Converter Professional
2019-06-16 16:21 - 2019-06-16 16:21 - 000000000 ____D C:\Users\Usuario\Documents\Any Video Converter
2019-06-16 16:21 - 2019-06-16 16:21 - 000000000 ____D C:\Program Files (x86)\AnvSoft
2019-06-16 15:58 - 2019-06-16 17:00 - 000000000 ____D C:\Users\Usuario\.fontconfig
2019-06-16 15:57 - 2019-06-16 16:04 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Movavi Video Converter 19 Premium
2019-06-16 15:57 - 2019-06-16 15:57 - 000004983 _____ C:\ProgramData\yubhinti.sju
2019-06-16 15:57 - 2019-06-16 15:57 - 000000016 _____ C:\ProgramData\mntemp
2019-06-16 13:19 - 2019-06-16 13:19 - 000000000 ____D C:\Wondershare Video Converter Ultimate
2019-06-16 13:19 - 2019-06-16 13:19 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-14 17:03 - 2019-04-29 11:03 - 000000911 _____ C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {66578C5C-8161-4657-A5C2-7F46CFB5185F}.job
2019-07-14 16:50 - 2017-06-02 14:19 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2019-07-14 16:45 - 2018-01-17 22:45 - 000000911 _____ C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {58856FE9-A24F-456A-8538-6F0875B5C079}.job
2019-07-14 16:12 - 2012-10-18 23:11 - 000000000 __SHD C:\ProgramData\TEMP
2019-07-14 15:53 - 2012-10-18 22:18 - 000000000 ___RD C:\Users\Usuario\PAPA
2019-07-14 15:52 - 2012-10-19 13:12 - 000000000 __SHD C:\ProgramData\Malwarebytes
2019-07-14 15:50 - 2012-11-22 11:20 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2019-07-14 15:46 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-14 14:55 - 2009-07-14 06:45 - 000035648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-14 14:55 - 2009-07-14 06:45 - 000035648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-14 14:53 - 2016-11-17 08:34 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2019-07-14 14:47 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-07-14 14:46 - 2018-01-17 18:17 - 000000346 _____ C:\Windows\Tasks\Health-Check-auto.job
2019-07-14 14:45 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-14 10:49 - 2009-07-14 07:08 - 000032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-07-14 10:46 - 2019-02-21 12:31 - 000000000 ____D C:\Users\Usuario
2019-07-14 10:46 - 2019-02-21 09:14 - 000000000 ____D C:\Users\TEMP
2019-07-14 10:37 - 2011-04-12 11:10 - 000750994 _____ C:\Windows\system32\perfh00A.dat
2019-07-14 10:37 - 2011-04-12 11:10 - 000160036 _____ C:\Windows\system32\perfc00A.dat
2019-07-14 10:37 - 2009-07-14 07:13 - 001685800 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-14 10:15 - 2016-01-22 19:29 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\MPC-HC
2019-07-14 09:52 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-07-14 09:37 - 2019-01-14 18:03 - 000263784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2019-07-14 09:37 - 2019-01-10 10:03 - 000206624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2019-07-14 09:37 - 2019-01-10 10:03 - 000061736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2019-07-14 09:37 - 2019-01-10 10:03 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2019-07-14 09:37 - 2018-10-23 08:27 - 000042552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2019-07-14 09:37 - 2017-11-28 12:57 - 000209304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2019-07-14 09:37 - 2017-06-02 14:19 - 001031048 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2019-07-14 09:37 - 2017-06-02 14:19 - 000477336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2019-07-14 09:37 - 2017-06-02 14:19 - 000387440 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2019-07-14 09:37 - 2017-06-02 14:19 - 000112568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2019-07-14 09:37 - 2017-06-02 14:19 - 000088208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2019-07-14 08:48 - 2012-10-18 23:58 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-13 11:31 - 2019-02-28 16:34 - 000002100 _____ C:\Users\Usuario\Desktop\Previsio pagaments.txt
2019-07-13 09:04 - 2014-01-13 10:46 - 000000000 ____D C:\Programas de Gestion
2019-07-13 07:55 - 2017-01-30 16:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-11 14:25 - 2014-08-19 09:48 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2019-07-11 14:25 - 2012-10-18 23:58 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-11 14:25 - 2012-10-18 23:58 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-11 14:24 - 2012-10-18 23:58 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-10 11:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-07-10 09:33 - 2019-03-12 21:01 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-07-10 09:29 - 2009-07-14 06:45 - 005043832 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-10 09:26 - 2019-02-21 21:01 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-07-10 09:26 - 2019-02-21 21:01 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-10 09:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-10 09:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-07-10 08:59 - 2019-05-15 09:16 - 001659450 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-07-10 08:54 - 2013-08-14 07:53 - 000000000 ____D C:\Windows\system32\MRT
2019-07-10 08:47 - 2019-02-21 17:00 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-09 23:58 - 2016-07-31 10:07 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-07-09 17:19 - 2017-06-02 09:14 - 000000000 ___RD C:\Users\Usuario\Desktop\Zapatillas
2019-07-09 09:36 - 2018-08-19 12:19 - 000004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-08 08:38 - 2018-11-20 15:31 - 000013647 _____ C:\Users\Usuario\Cont.Escala (emulació).xlsx
2019-07-08 08:34 - 2016-10-31 09:28 - 000013596 _____ C:\Users\Usuario\Desktop\Cont.Escala.xlsx
2019-07-08 08:10 - 2019-02-26 10:49 - 000004094 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1551170994
2019-06-28 15:17 - 2017-07-28 20:32 - 000000000 ___RD C:\Users\Usuario\Desktop\Escultura
2019-06-24 14:30 - 2019-04-29 11:03 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-342 343 345 Series Update {66578C5C-8161-4657-A5C2-7F46CFB5185F}
2019-06-24 14:30 - 2019-02-24 17:34 - 000002996 _____ C:\Windows\System32\Tasks\{98D24010-BEDC-4D51-B9AB-28FA2D1268CC}
2019-06-24 14:30 - 2018-07-10 16:39 - 000002988 _____ C:\Windows\System32\Tasks\{49EA9CF4-C87B-42B1-8E63-6C8F94200B26}
2019-06-24 14:30 - 2018-01-17 22:45 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-342 343 345 Series Update {58856FE9-A24F-456A-8538-6F0875B5C079}
2019-06-24 14:30 - 2018-01-17 18:17 - 000002624 _____ C:\Windows\System32\Tasks\Health-Check-auto
2019-06-24 14:30 - 2017-03-02 10:52 - 000003288 _____ C:\Windows\System32\Tasks\{5AF37BF2-D23C-45BE-AB5A-D010B37BC720}
2019-06-24 14:30 - 2016-09-03 11:08 - 000003240 _____ C:\Windows\System32\Tasks\{ECB88F70-0330-4582-BB40-1C9FF4B13D48}
2019-06-24 14:30 - 2016-07-31 10:25 - 000003250 _____ C:\Windows\System32\Tasks\{D383DD78-6ACD-4208-91DB-3AA90719058F}
2019-06-24 14:30 - 2016-07-20 09:23 - 000003224 _____ C:\Windows\System32\Tasks\{073B4DB9-85CD-4737-9EC2-2196C5AF24D8}
2019-06-24 14:30 - 2016-05-31 08:36 - 000002992 _____ C:\Windows\System32\Tasks\{B8EF9A02-BC90-428C-B603-DB36127584F8}
2019-06-24 14:30 - 2016-05-31 08:36 - 000002992 _____ C:\Windows\System32\Tasks\{5AF48EB2-CAE1-4C7E-8B8F-D3FCFC0802B5}
2019-06-24 14:30 - 2015-10-19 22:22 - 000003158 _____ C:\Windows\System32\Tasks\{E81FDF6D-8773-4E86-A3D8-46CB1E24FDE9}
2019-06-24 14:30 - 2015-10-19 22:14 - 000003136 _____ C:\Windows\System32\Tasks\{5CE96762-5D03-4C14-8A82-6A66E6CB0CF9}
2019-06-24 14:30 - 2015-09-05 09:08 - 000003286 _____ C:\Windows\System32\Tasks\{0525AD5C-FCF1-45CE-A6E6-55C8C2BD8585}
2019-06-24 14:30 - 2015-07-11 08:56 - 000003194 _____ C:\Windows\System32\Tasks\{C3209CBF-B228-48DF-BAFE-5C1AEFB31C61}
2019-06-24 14:30 - 2015-05-14 19:23 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-06-24 14:30 - 2015-03-25 23:03 - 000003338 _____ C:\Windows\System32\Tasks\{255307FA-EF09-4DD2-B9E1-9EA2E920E9C5}
2019-06-24 14:30 - 2015-03-25 21:24 - 000003058 _____ C:\Windows\System32\Tasks\{F83F4451-AAE2-4C22-B559-64EB0430E317}
2019-06-24 14:30 - 2015-03-13 18:48 - 000003170 _____ C:\Windows\System32\Tasks\{8A945590-32B1-4682-9ECA-A1D4F74402D3}
2019-06-24 14:30 - 2015-03-12 19:24 - 000003182 _____ C:\Windows\System32\Tasks\{AD327771-3123-4EBF-A187-4F63E0CFDBF1}
2019-06-24 14:30 - 2014-11-25 18:32 - 000003192 _____ C:\Windows\System32\Tasks\{BA2EE899-DDBD-43EC-9464-3DE1ED914222}
2019-06-24 14:30 - 2014-11-14 10:24 - 000003186 _____ C:\Windows\System32\Tasks\{CEDBC5BD-EC81-4A5B-A065-0FCAC6FDC479}
2019-06-24 14:30 - 2014-09-09 17:29 - 000003194 _____ C:\Windows\System32\Tasks\{8B82222B-FA57-46DE-BE73-3673FB456C82}
2019-06-24 14:30 - 2014-09-09 08:44 - 000003174 _____ C:\Windows\System32\Tasks\{3A19B8D7-B587-4F9E-81FE-A05787C1FC0D}
2019-06-24 14:30 - 2014-05-17 11:51 - 000003796 _____ C:\Windows\System32\Tasks\Adobe online update program
2019-06-24 14:30 - 2014-01-29 21:33 - 000003210 _____ C:\Windows\System32\Tasks\{1795ED53-BA72-4594-BA7C-B30A349ECCFF}
2019-06-24 14:30 - 2013-10-06 14:31 - 000003264 _____ C:\Windows\System32\Tasks\{674DF696-C628-4E7A-8357-811B92CEAD98}
2019-06-24 14:30 - 2013-10-06 13:29 - 000003086 _____ C:\Windows\System32\Tasks\{0B780F06-0BFF-41E0-BDF4-DE9E0A43D66F}
2019-06-24 14:30 - 2012-10-20 10:51 - 000003106 _____ C:\Windows\System32\Tasks\{4C0E1A18-32EB-4487-89E6-D8096FA2E337}
2019-06-24 14:30 - 2012-10-19 00:10 - 000003230 _____ C:\Windows\System32\Tasks\{8F2A0D64-F416-4ED3-A903-424FF3073317}
2019-06-24 14:30 - 2012-10-18 22:37 - 000002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-20 12:48 - 2012-10-22 12:21 - 000000000 ____D C:\Users\Usuario\AppData\Local\ElevatedDiagnostics
2019-06-17 13:10 - 2018-04-07 18:42 - 000000000 ____D C:\Program Files\iTunes
2019-06-17 13:08 - 2013-07-11 08:56 - 000000000 __SHD C:\ProgramData\Apple
2019-06-16 18:13 - 2017-06-02 14:21 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-16 17:50 - 2016-08-24 11:59 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\IObit
2019-06-16 17:50 - 2016-08-24 11:59 - 000000000 ____D C:\ProgramData\IObit
2019-06-16 17:28 - 2015-11-06 21:03 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-16 17:02 - 2018-10-31 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma
2019-06-16 17:02 - 2018-09-17 08:49 - 000000000 ____D C:\ProgramData\SecTaskMan
2019-06-16 17:02 - 2018-09-02 14:27 - 000000000 ____D C:\Users\Usuario\Documents\Wondershare MediaServer
2019-06-16 17:02 - 2016-08-24 12:00 - 000000000 ____D C:\ProgramData\ProductData
2019-06-16 17:02 - 2016-06-02 08:53 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2019-06-16 17:02 - 2015-05-12 12:36 - 000000000 ____D C:\ProgramData\Aimersoft Video Converter Ultimate
2019-06-16 17:02 - 2014-02-22 21:58 - 000000000 ____D C:\ProgramData\Aimersoft DVD Ripper
2019-06-16 17:02 - 2014-01-28 16:52 - 000000000 __SHD C:\ProgramData\CometBird
2019-06-16 17:02 - 2014-01-13 10:46 - 000000000 __SHD C:\ProgramData\Programas de Gestion
2019-06-16 17:01 - 2018-10-31 18:21 - 000000000 ____D C:\Program Files\AutoFirma
2019-06-16 17:01 - 2018-09-19 11:44 - 000000000 ____D C:\Program Files (x86)\Your Uninstaller! 7
2019-06-16 17:01 - 2018-09-02 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-06-16 17:01 - 2018-03-31 16:04 - 000000000 ____D C:\ProgramData\GraphicsType
2019-06-16 17:01 - 2017-05-06 20:50 - 000000000 ____D C:\ProgramData\Movavi Video Converter 17
2019-06-16 17:01 - 2016-01-23 09:32 - 000000000 ____D C:\ProgramData\Avg_Update_0615pi
2019-06-16 17:01 - 2014-10-19 08:53 - 000000000 ____D C:\ProgramData\AVG2015
2019-06-16 17:01 - 2014-04-18 18:50 - 000000000 ____D C:\ProgramData\Avg_Update_0414b
2019-06-16 17:01 - 2014-04-16 20:47 - 000000000 ____D C:\ProgramData\Skype
2019-06-16 17:01 - 2014-01-31 16:19 - 000000000 ____D C:\ProgramData\AVG2014
2019-06-16 17:01 - 2013-09-12 21:04 - 000000000 __SHD C:\ProgramData\Atheros
2019-06-16 17:01 - 2013-07-11 08:56 - 000000000 __SHD C:\ProgramData\Apple Computer
2019-06-16 17:01 - 2013-03-02 22:26 - 000000000 __SHD C:\ProgramData\Microsoft SkyDrive
2019-06-16 17:01 - 2012-11-11 09:57 - 000000000 __SHD C:\ProgramData\McAfee
2019-06-16 17:01 - 2012-10-19 17:06 - 000000000 __SHD C:\ProgramData\Yahoo!
2019-06-16 17:01 - 2012-10-18 23:58 - 000000000 __SHD C:\ProgramData\Google
2019-06-16 17:01 - 2012-10-18 23:55 - 000000000 __SHD C:\ProgramData\avg9
2019-06-16 17:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\servicing
2019-06-16 17:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2019-06-16 16:58 - 2014-02-04 09:55 - 000000000 ____D C:\ProgramData\Wondershare
2019-06-16 16:58 - 2013-05-06 15:39 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\SolidDocuments
2019-06-16 16:58 - 2012-10-19 09:06 - 000000000 __SHD C:\ProgramData\TuneUp Software
2019-06-16 16:58 - 2012-10-18 20:55 - 000000000 ____D C:\Users\Usuario\AppData\Local\Mozilla
2019-06-16 16:57 - 2019-01-31 15:48 - 000000000 ____D C:\ProgramData\Trusteer
2019-06-16 16:57 - 2018-03-31 16:03 - 000000000 ____D C:\ProgramData\iSkysoft
2019-06-16 16:57 - 2014-12-11 12:36 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-06-16 16:57 - 2014-01-28 16:52 - 000000000 __SHD C:\ProgramData\iMacros
2019-06-16 16:57 - 2014-01-28 16:52 - 000000000 __SHD C:\ProgramData\extensions
2019-06-16 16:57 - 2013-10-21 10:07 - 000000000 __SHD C:\ProgramData\Oracle
2019-06-16 16:57 - 2013-05-06 15:35 - 000000000 __SHD C:\ProgramData\SolidDocuments
2019-06-16 16:57 - 2012-10-19 00:58 - 000000000 __SHD C:\ProgramData\EPSON
2019-06-16 16:57 - 2012-10-18 23:53 - 000000000 __SHD C:\ProgramData\Adobe
2019-06-16 16:56 - 2018-09-02 14:27 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-06-16 16:56 - 2017-11-03 20:31 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-16 16:51 - 2019-02-21 12:24 - 000000000 ____D C:\Windows\Panther
2019-06-16 16:51 - 2013-09-12 20:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2019-06-16 16:51 - 2012-10-19 00:18 - 000000000 ___HD C:\Users\Usuario\Tracing
2019-06-16 15:57 - 2017-05-06 20:50 - 000000000 ____D C:\Users\Usuario\AppData\Local\Movavi
2019-06-16 15:57 - 2017-05-06 20:50 - 000000000 ____D C:\ProgramData\Movavi
2019-06-15 16:38 - 2015-09-12 09:16 - 000006907 _____ C:\Users\Usuario\Desktop\Rapid.txt
2019-06-14 18:54 - 2018-10-31 18:21 - 000000000 ____D C:\Users\Usuario\.afirma
==================== Files in the root of some directories ================
2019-07-14 10:31 - 2019-07-14 10:36 - 000000004 _____ () C:\ProgramData\lock.dat
2019-07-14 10:31 - 2019-07-14 10:31 - 000000008 _____ () C:\ProgramData\ts.dat
2014-06-20 17:23 - 2014-06-20 17:24 - 000000120 _____ () C:\Users\Usuario\AppData\Roaming\Camdata.ini
2014-06-20 17:23 - 2014-06-20 17:24 - 000000408 _____ () C:\Users\Usuario\AppData\Roaming\CamLayout.ini
2014-06-20 17:23 - 2014-06-20 17:24 - 000000408 _____ () C:\Users\Usuario\AppData\Roaming\CamShapes.ini
2014-06-20 17:23 - 2014-06-20 17:24 - 000004416 _____ () C:\Users\Usuario\AppData\Roaming\CamStudio.cfg
2012-10-20 16:20 - 2012-10-20 16:20 - 000000268 ___RH () C:\Users\Usuario\AppData\Roaming\HomePageService
2012-10-20 16:21 - 2012-10-20 16:21 - 000000268 ___RH () C:\Users\Usuario\AppData\Roaming\Horn Section
2012-10-20 16:20 - 2012-10-20 16:20 - 000000268 ___RH () C:\Users\Usuario\AppData\Roaming\Horns
2014-01-29 00:31 - 2015-04-08 07:53 - 000000163 _____ () C:\Users\Usuario\AppData\Roaming\WB.CFG
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-07-12 09:23
==================== End of FRST.txt ===========================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
Ran by Usuario (14-07-2019 17:21:11)
Running from C:\Users\Usuario\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-02-21 11:21:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-662850928-3325907665-2809455224-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-662850928-3325907665-2809455224-1006 - Limited - Enabled)
Invitado (S-1-5-21-662850928-3325907665-2809455224-501 - Limited - Disabled)
Usuario (S-1-5-21-662850928-3325907665-2809455224-1000 - Administrator - Enabled) => C:\Users\Usuario
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-662850928-3325907665-2809455224-1000\...\uTorrent) (Version: 3.5.3.44428 - BitTorrent Inc.)
7-Zip 9.25 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0925-000001000000}) (Version: 9.25.00.0 - Igor Pavlov)
Able2Extract Professional 12.0 (HKLM\...\{E88D0F02-2FC5-4D77-9A9D-289C05A4B28D}_is1) (Version: 12.0 - Investintech.com Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
AirParrot 2 (HKLM\...\{C00A9A38-3306-4F02-9C8A-4CF6CE232AA5}) (Version: 2.7.4.0 - Squirrels)
Apple Application Support (32 bits) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Ashampoo Movie Shrink & Burn 2.21 (HKLM-x32\...\Ashampoo Movie Shrink & Burn 2_is1) (Version: 2.2.1 - ashampoo GmbH & Co. KG)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.3 - Gobierno de España)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.6.3098 - AVG Technologies)
AVI/MPEG/RM/WMV Joiner 4.82 (HKLM-x32\...\AVI MPEG RM WMV Joiner_is1) (Version: - Boilsoft, Inc.)
Bejeweled 3 1.00 (HKLM-x32\...\Bejeweled 3 1.00) (Version: - )
Boilsoft Video Splitter 5.28 (HKLM-x32\...\Boilsoft Video Splitter_is1) (Version: - Boilsoft, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Capicom 2.1.0.2 FNMT-RCM (HKLM-x32\...\{E06DBD80-CD9B-4A3F-BD83-ED1AA4CB1E3A}) (Version: 1.00.0000 - FNMT-RCM)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Compresor WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.5 - FNMT-RCM)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delicius - Emily's True Love 1.00 (HKLM-x32\...\Delicius - Emily's True Love 1.00) (Version: - )
Diamond Mine en Español (HKLM-x32\...\Diamond Mine en Español) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink Instal)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}) (Version: 4.4.11 - Seiko Epson Corporation)
EPSON XP-342 343 345 Series Printer Uninstall (HKLM\...\EPSON XP-342 343 345 Series) (Version: - Seiko Epson Corporation)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HD Video Converter Factory 14.2 (HKLM-x32\...\HD Video Converter Factory) (Version: 14.2 - WonderFox Soft, Inc.)
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Instalable DNIe (HKLM\...\{B4A6EF31-AC22-4BE2-A714-581FC66DBFAF}) (Version: 13.1.0 - Cuerpo Nacional de Policía)
Instalable módulo criptográfico DNIe 2_5_1 (HKLM-x32\...\{C7B3EC99-DABA-4861-B496-DD428787B86C}) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{4699F245-9592-4D3A-A0A1-6D4152E9F49B}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
K-Lite Codec Pack 7.1.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Manuales de EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_STANDARD_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_STANDARD_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_STANDARD_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_STANDARD_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 68.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0 (x64 es-ES)) (Version: 68.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 68.0.0.7125 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiCardSIM 1.0 (HKLM-x32\...\MultiCard SIM Device Driver_is1) (Version: - USBest, Inc.)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.300 - Logitech)
Nero 7.10.1.0 (HKLM-x32\...\Nero7_is1) (Version: 7.10.1.0 - Nero AG)
Opera Stable 62.0.3331.43 (HKU\S-1-5-21-662850928-3325907665-2809455224-1000\...\Opera 62.0.3331.43) (Version: 62.0.3331.43 - Opera Software)
PDF Image Extractor (HKLM-x32\...\{DDA48298-6C7E-47B3-B2FB-873483846EBA}) (Version: 2.5.0.0 - iWesoft)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.3.0 - Nikon)
Programas de Gestion (HKLM\...\Programas de Gestion) (Version: 5.0.1.0 - Grupo Banco Popular)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.243 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.119.615.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Solid Converter PDF (HKLM-x32\...\{56BFAA6E-2BCC-4AED-9233-84731E66B205}) (Version: 6.0.669.0 - SolidDocuments)
STFIC User Agent - SUA (HKLM-x32\...\PSINetSUA) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{23BE4DF2-293D-4077-82F4-1FD8C269277C}) (Version: 10.0.2011.65 - TuneUp Software) Hidden
Types (HKLM\...\Types) (Version: 2.1.1 - E. Strunnikov)
Ultra MPEG-4 Converter 3.9.1120 (HKLM-x32\...\Ultra MPEG-4 Converter_is1) (Version: - Aone Software)
Ultra Video Joiner 6.3.0506 (HKLM-x32\...\Ultra Video Joiner_is1) (Version: - Aone Software)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.3 - Nikon)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (12/15/2016 1.0.2.5) (HKLM\...\3A8235ACF0CF89B7EACE136B69B0B68ADC94D283) (Version: 12/15/2016 1.0.2.5 - Dirección General de la Policía)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [TakeOwnershipMenu] -> {659E506B-0AC2-410E-A94C-A326FF199883} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [TakeOwnershipMenu] -> {659E506B-0AC2-410E-A94C-A326FF199883} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-07-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Image Extractor\PDF Image Extractor Website.lnk -> hxxp://www.iwesoft.com/productinfo.php?id=2
==================== Loaded Modules (Whitelisted) ==============
2012-11-29 17:34 - 2010-03-15 12:28 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2013-05-06 15:36 - 2009-10-23 20:15 - 000024576 _____ () [File not signed] C:\Windows\System32\solidlocalmon.dll
2018-09-02 14:27 - 2015-02-27 14:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2011-09-16 20:35 - 2011-09-16 20:35 - 000082432 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-09-02 14:27 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\Newtonsoft.Json.dll
2014-11-14 10:25 - 2007-12-07 03:08 - 000108032 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_ILMCAE.DLL
2018-09-02 14:27 - 2017-03-21 11:19 - 000087552 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCollect.dll
2018-09-02 14:27 - 2017-03-21 11:19 - 000197632 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [188]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2018-12-03 17:31 - 000001314 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\WINDOWS LIVE\SHARED;C:\USERS\USUARIO\APPDATA\LOCAL\SMARTBAR\APPLICATION\;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\AutoFirma\AutoFirma;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-662850928-3325907665-2809455224-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 92.246.76.123
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{6CE522AD-4475-4694-B1BD-ADE8BFFCF19C}C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe] => (Allow) C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe No File
FirewallRules: [TCP Query User{F769B41D-21C3-4E83-8892-60E3FE694B1F}C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe] => (Allow) C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe No File
FirewallRules: [UDP Query User{8D23A77B-A292-40F1-9513-03731EF54DED}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [TCP Query User{74A4E352-65B5-4FA2-BEAD-856880ADFF4A}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [UDP Query User{851B4264-8C0C-45CB-AA86-623A025C210C}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{51BD2991-FCEA-4D88-993A-4989FF3D0BD5}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{BD0549FB-3122-48BA-A1DF-EF2B541BEA33}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{779D9EAE-E646-4F8B-B760-001B8906B307}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B9314B6F-64C1-468E-B911-699DD85A30CF}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BC1CA940-CAE3-4A00-BB3D-08C2E593BC9D}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B5438CC2-A45F-451B-8D1F-E683881FBF4E}] => (Allow) C:\Program Files\AirParrot 2\AirParrot2.exe (Squirrels LLC -> Squirrels) [File not signed]
FirewallRules: [{9E85DB1C-95EB-4BED-BB22-A02F987984CB}] => (Block) LPort=445
FirewallRules: [{F23CB6E6-5FC1-418E-AD1C-53EDFBBE27BE}] => (Block) LPort=445
FirewallRules: [{53C1B2F9-B420-4658-82C3-3F10606D1EFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3CF01286-E533-4216-9681-E510F0630309}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF4510BB-2E94-441C-95E8-9B72E63D9C54}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{58DFE228-3586-40C7-A56D-A3C655F378AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{723FD394-D114-46A1-9764-B3BFE59F97BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64B02D3E-D4FC-4976-81A5-30BF5ECAF94E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1190CFEF-A78A-47E0-BFC1-179DACDDCC3F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5FE98899-38FA-42DF-8F12-16CF1C69CD09}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7314A5CB-38A4-4F5A-A080-B0492340EE9C}] => (Allow) C:\Users\Usuario\AppData\Local\Programs\Opera\60.0.3255.170\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6F8CA5F7-D7E0-4ECF-B5BE-A05BA74A2C13}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{63D0DC65-BF43-4D37-A44F-2C168B898FFA}] => (Allow) C:\Users\Usuario\AppData\Local\Programs\Opera\62.0.3331.43\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
01-07-2019 13:47:16 Punto de control programado
09-07-2019 09:32:33 Punto de control programado
10-07-2019 08:46:49 Windows Update
14-07-2019 09:42:32 Domingo
14-07-2019 10:03:01 Operación de restauración
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/14/2019 02:47:48 PM) (Source: FirmwareService) (EventID: 0) (User: )
Description: No se puede iniciar el servicio. System.NullReferenceException: Referencia a objeto no establecida como instancia de un objeto.
en FirmwareService.FirmwareHelper.UpdateFirmwareData(String path)
en FirmwareService.FirmwareService.OnStart(String[] args)
en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (07/14/2019 02:47:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (07/14/2019 02:36:59 PM) (Source: FirmwareService) (EventID: 0) (User: )
Description: No se puede iniciar el servicio. System.NullReferenceException: Referencia a objeto no establecida como instancia de un objeto.
en FirmwareService.FirmwareHelper.UpdateFirmwareData(String path)
en FirmwareService.FirmwareService.OnStart(String[] args)
en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (07/14/2019 02:36:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (07/14/2019 11:36:28 AM) (Source: FirmwareService) (EventID: 0) (User: )
Description: No se puede iniciar el servicio. System.NullReferenceException: Referencia a objeto no establecida como instancia de un objeto.
en FirmwareService.FirmwareHelper.UpdateFirmwareData(String path)
en FirmwareService.FirmwareService.OnStart(String[] args)
en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (07/14/2019 11:36:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (07/14/2019 10:51:17 AM) (Source: FirmwareService) (EventID: 0) (User: )
Description: No se puede iniciar el servicio. System.NullReferenceException: Referencia a objeto no establecida como instancia de un objeto.
en FirmwareService.FirmwareHelper.UpdateFirmwareData(String path)
en FirmwareService.FirmwareService.OnStart(String[] args)
en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (07/14/2019 10:51:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
System errors:
=============
Error: (07/14/2019 03:23:03 PM) (Source: Schannel) (EventID: 4114) (User: NT AUTHORITY)
Description: El certificado recibido del servidor remoto lo emitió una entidad de certificación que no es de confianza. Por esta causa, no se puede validar ninguno de los datos contenidos en el certificado. Error de la solicitud de conexión SSL. Los datos adjuntos contienen el certificado del servidor.
Error: (07/14/2019 03:23:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Se generó la siguiente alerta irrecuperable: 48. El estado del error interno es 552.
Error: (07/14/2019 03:22:58 PM) (Source: Schannel) (EventID: 4114) (User: NT AUTHORITY)
Description: El certificado recibido del servidor remoto lo emitió una entidad de certificación que no es de confianza. Por esta causa, no se puede validar ninguno de los datos contenidos en el certificado. Error de la solicitud de conexión SSL. Los datos adjuntos contienen el certificado del servidor.
Error: (07/14/2019 03:22:58 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Se generó la siguiente alerta irrecuperable: 48. El estado del error interno es 552.
Error: (07/14/2019 03:22:57 PM) (Source: Schannel) (EventID: 4114) (User: NT AUTHORITY)
Description: El certificado recibido del servidor remoto lo emitió una entidad de certificación que no es de confianza. Por esta causa, no se puede validar ninguno de los datos contenidos en el certificado. Error de la solicitud de conexión SSL. Los datos adjuntos contienen el certificado del servidor.
Error: (07/14/2019 03:22:57 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Se generó la siguiente alerta irrecuperable: 48. El estado del error interno es 552.
Error: (07/14/2019 02:47:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
SASDIFSV
SASKUTIL
Error: (07/14/2019 02:47:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio FimwareService no respondió después de iniciar.
CodeIntegrity:
===================================
Date: 2018-09-17 09:17:11.576
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2018-09-17 09:17:11.342
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2018-09-17 09:05:45.018
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2018-09-17 09:05:44.768
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2018-06-08 14:39:57.496
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\btath_bus.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2018-06-08 14:39:57.324
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\btath_bus.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2018-06-08 08:13:42.028
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\btath_bus.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2018-06-08 08:13:41.856
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\btath_bus.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0803 09/26/2011
Motherboard: ASUSTeK Computer INC. P8H67-M
Processor: Intel(R) Pentium(R) CPU G630 @ 2.70GHz
Percentage of memory in use: 73%
Total physical RAM: 8104.32 MB
Available physical RAM: 2116.27 MB
Total Virtual: 16206.78 MB
Available Virtual: 10380.06 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:377.87 GB) NTFS
Drive f: (LACIE) (Fixed) (Total:149.01 GB) (Free:140.29 GB) FAT32
\\?\Volume{42a10403-194e-11e2-9588-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2340C385)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: 0105ABDC)
Partition 1: (Not Active) - (Size=149 GB) - (Type=0C)
==================== End of Addition.txt =====Hola
MUY Importante 
Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe( en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {17E518C5-F1F5-4287-B82A-BECAF384C4A9} - System32\Tasks\{B8EF9A02-BC90-428C-B603-DB36127584F8} => C:\Users\Usuario\PAPA\Programas\zzz\FreeRapid-0.9u4\frd.exe [35840 2014-05-18] (Vity) [File not signed]
Task: {46377963-C2B6-4BC1-ACC1-BDADB77E9E65} - System32\Tasks\ftcnytyzhhqcfmt => msiexec.exe /quiet /i "C:\Users\Usuario\AppData\Roaming\vbyyrnwiputz\sfbcyrcldrwygid.msi" WEBID=PP_MN_P3 TKNME=ftcnytyzhhqcfmt
Task: {7432DA14-E1F3-45BD-9992-5C69D112BA37} - System32\Tasks\{5AF48EB2-CAE1-4C7E-8B8F-D3FCFC0802B5} => C:\Users\Usuario\PAPA\Programas\zzz\FreeRapid-0.9u4\frd.exe [35840 2014-05-18] (Vity) [File not signed]
Task: {AFB2812E-41C5-4F0C-B529-89F4ACEE8B38} - \SidebarExecute -> No File <==== ATTENTION
Task: {F252D833-5E5B-43C4-B4F6-13392014487D} - System32\Tasks\{1795ED53-BA72-4594-BA7C-B30A349ECCFF} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\Programas\Adaware\Adaware_Installer.exe -d C:\Users\Usuario\PAPA\Programas\Adaware
Tcpip\..\Interfaces\{90A8E6E6-3698-401D-9BE3-C351DB60532F}: [NameServer] 92.246.76.123,,116.203.6.218,
Tcpip\..\Interfaces\{B1C9B5E8-B4F0-4293-8260-A860A3EB4CEF}: [NameServer] 92.246.76.123,,116.203.6.218,
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
FF NetworkProxy: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> backup.ftp", "195.138.83.188"
FF HomepageOverride: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> Enabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Muter) - C:\ProgramData\Extensions\[email protected] [2019-06-16] [Legacy] [not signed]
FF Extension: (iMacros for Firefox) - C:\ProgramData\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2019-06-16] [Legacy] [not signed]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]
CHR HomePage: Default -> hxxp://www.ebay.es/
CHR StartupUrls: Default -> "hxxps://www.ebay.es/"
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
S1 SASDIFSV; \??\C:\Users\Usuario\Desktop\SASDIFSV64.SYS [X]
S1 SASKUTIL; \??\C:\Users\Usuario\Desktop\SASKUTIL64.SYS [X]
2019-07-14 09:54 - 2019-07-14 09:54 - 000000000 ____D C:\ProgramData\jQNJzOXEnOPr
2019-07-14 09:53 - 2019-07-14 09:53 - 000003242 _____ C:\Windows\System32\Tasks\ftcnytyzhhqcfmt
2019-07-14 09:53 - 2019-07-14 09:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vbyyrnwiputz
2019-07-14 09:52 - 2019-07-14 09:56 - 000000000 ____D C:\Program Files (x86)\InlogOptimizer
2019-07-14 09:52 - 2019-07-14 09:54 - 000000000 ____D C:\Users\Usuario\AppData\Local\Mail.Ru
2019-07-14 09:52 - 2019-07-14 09:52 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-06-16 17:50 - 2016-08-24 11:59 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\IObit
2019-06-16 17:50 - 2016-08-24 11:59 - 000000000 ____D C:\ProgramData\IObit
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [TakeOwnershipMenu] -> {659E506B-0AC2-410E-A94C-A326FF199883} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [TakeOwnershipMenu] -> {659E506B-0AC2-410E-A94C-A326FF199883} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [188]
FirewallRules: [UDP Query User{6CE522AD-4475-4694-B1BD-ADE8BFFCF19C}C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe] => (Allow) C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe No File
FirewallRules: [TCP Query User{F769B41D-21C3-4E83-8892-60E3FE694B1F}C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe] => (Allow) C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe No File
FirewallRules: [UDP Query User{8D23A77B-A292-40F1-9513-03731EF54DED}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [TCP Query User{74A4E352-65B5-4FA2-BEAD-856880ADFF4A}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{B5438CC2-A45F-451B-8D1F-E683881FBF4E}] => (Allow) C:\Program Files\AirParrot 2\AirParrot2.exe (Squirrels LLC -> Squirrels) [File not signed]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
- Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
- Presionar el botón FIX y aguardar a que termine.
- La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Maravilloso !!! Ya funciona gmail y demás servicios de google en toso los navegadores que utilizo. Creo que el problema ha quedado resuelto, no obstante le adjunto el informe para que pueda opinar. Mil gracias por el tiempo empleado !!
Fix result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
Ran by Usuario (14-07-2019 19:52:30) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Boot Mode: Safe Mode (minimal)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {17E518C5-F1F5-4287-B82A-BECAF384C4A9} - System32\Tasks\{B8EF9A02-BC90-428C-B603-DB36127584F8} => C:\Users\Usuario\PAPA\Programas\zzz\FreeRapid-0.9u4\frd.exe [35840 2014-05-18] (Vity) [File not signed]
Task: {46377963-C2B6-4BC1-ACC1-BDADB77E9E65} - System32\Tasks\ftcnytyzhhqcfmt => msiexec.exe /quiet /i "C:\Users\Usuario\AppData\Roaming\vbyyrnwiputz\sfbcyrcldrwygid.msi" WEBID=PP_MN_P3 TKNME=ftcnytyzhhqcfmt
Task: {7432DA14-E1F3-45BD-9992-5C69D112BA37} - System32\Tasks\{5AF48EB2-CAE1-4C7E-8B8F-D3FCFC0802B5} => C:\Users\Usuario\PAPA\Programas\zzz\FreeRapid-0.9u4\frd.exe [35840 2014-05-18] (Vity) [File not signed]
Task: {AFB2812E-41C5-4F0C-B529-89F4ACEE8B38} - \SidebarExecute -> No File <==== ATTENTION
Task: {F252D833-5E5B-43C4-B4F6-13392014487D} - System32\Tasks\{1795ED53-BA72-4594-BA7C-B30A349ECCFF} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\PAPA\Programas\Adaware\Adaware_Installer.exe -d C:\Users\Usuario\PAPA\Programas\Adaware
Tcpip\..\Interfaces\{90A8E6E6-3698-401D-9BE3-C351DB60532F}: [NameServer] 92.246.76.123,,116.203.6.218,
Tcpip\..\Interfaces\{B1C9B5E8-B4F0-4293-8260-A860A3EB4CEF}: [NameServer] 92.246.76.123,,116.203.6.218,
BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
FF NetworkProxy: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> backup.ftp", "195.138.83.188"
FF HomepageOverride: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> Enabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\dn18mykk.default-1485788150329 -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Muter) - C:\ProgramData\Extensions\[email protected] [2019-06-16] [Legacy] [not signed]
FF Extension: (iMacros for Firefox) - C:\ProgramData\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2019-06-16] [Legacy] [not signed]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]
CHR HomePage: Default -> hxxp://www.ebay.es/
CHR StartupUrls: Default -> "hxxps://www.ebay.es/"
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
S1 SASDIFSV; \??\C:\Users\Usuario\Desktop\SASDIFSV64.SYS [X]
S1 SASKUTIL; \??\C:\Users\Usuario\Desktop\SASKUTIL64.SYS [X]
2019-07-14 09:54 - 2019-07-14 09:54 - 000000000 ____D C:\ProgramData\jQNJzOXEnOPr
2019-07-14 09:53 - 2019-07-14 09:53 - 000003242 _____ C:\Windows\System32\Tasks\ftcnytyzhhqcfmt
2019-07-14 09:53 - 2019-07-14 09:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vbyyrnwiputz
2019-07-14 09:52 - 2019-07-14 09:56 - 000000000 ____D C:\Program Files (x86)\InlogOptimizer
2019-07-14 09:52 - 2019-07-14 09:54 - 000000000 ____D C:\Users\Usuario\AppData\Local\Mail.Ru
2019-07-14 09:52 - 2019-07-14 09:52 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-06-16 17:50 - 2016-08-24 11:59 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\IObit
2019-06-16 17:50 - 2016-08-24 11:59 - 000000000 ____D C:\ProgramData\IObit
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [TakeOwnershipMenu] -> {659E506B-0AC2-410E-A94C-A326FF199883} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [TakeOwnershipMenu] -> {659E506B-0AC2-410E-A94C-A326FF199883} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [188]
FirewallRules: [UDP Query User{6CE522AD-4475-4694-B1BD-ADE8BFFCF19C}C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe] => (Allow) C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe No File
FirewallRules: [TCP Query User{F769B41D-21C3-4E83-8892-60E3FE694B1F}C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe] => (Allow) C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe No File
FirewallRules: [UDP Query User{8D23A77B-A292-40F1-9513-03731EF54DED}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [TCP Query User{74A4E352-65B5-4FA2-BEAD-856880ADFF4A}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe No File
FirewallRules: [{B5438CC2-A45F-451B-8D1F-E683881FBF4E}] => (Allow) C:\Program Files\AirParrot 2\AirParrot2.exe (Squirrels LLC -> Squirrels) [File not signed]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Gu�rdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FFDS" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17E518C5-F1F5-4287-B82A-BECAF384C4A9} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17E518C5-F1F5-4287-B82A-BECAF384C4A9} => removed successfully
C:\Windows\System32\Tasks\{B8EF9A02-BC90-428C-B603-DB36127584F8} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B8EF9A02-BC90-428C-B603-DB36127584F8} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46377963-C2B6-4BC1-ACC1-BDADB77E9E65}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46377963-C2B6-4BC1-ACC1-BDADB77E9E65}" => removed successfully
C:\Windows\System32\Tasks\ftcnytyzhhqcfmt => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ftcnytyzhhqcfmt" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7432DA14-E1F3-45BD-9992-5C69D112BA37} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7432DA14-E1F3-45BD-9992-5C69D112BA37} => removed successfully
C:\Windows\System32\Tasks\{5AF48EB2-CAE1-4C7E-8B8F-D3FCFC0802B5} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5AF48EB2-CAE1-4C7E-8B8F-D3FCFC0802B5} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFB2812E-41C5-4F0C-B529-89F4ACEE8B38} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFB2812E-41C5-4F0C-B529-89F4ACEE8B38} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F252D833-5E5B-43C4-B4F6-13392014487D} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F252D833-5E5B-43C4-B4F6-13392014487D} => removed successfully
C:\Windows\System32\Tasks\{1795ED53-BA72-4594-BA7C-B30A349ECCFF} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1795ED53-BA72-4594-BA7C-B30A349ECCFF} => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{90A8E6E6-3698-401D-9BE3-C351DB60532F}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B1C9B5E8-B4F0-4293-8260-A860A3EB4CEF}\\NameServer" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => removed successfully
HKLM\Software\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome => removed successfully
Firefox Proxy settings were reset.
"Firefox HomepageOverride ([email protected]) " => removed successfully
"Firefox NewTabOverride ({a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}) " => removed successfully
C:\ProgramData\Extensions\[email protected] => moved successfully
C:\ProgramData\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer => removed successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\SASDIFSV => removed successfully
SASDIFSV => service removed successfully
HKLM\System\CurrentControlSet\Services\SASKUTIL => removed successfully
SASKUTIL => service removed successfully
C:\ProgramData\jQNJzOXEnOPr => moved successfully
"C:\Windows\System32\Tasks\ftcnytyzhhqcfmt" => not found
C:\Users\Usuario\AppData\Roaming\vbyyrnwiputz => moved successfully
C:\Program Files (x86)\InlogOptimizer => moved successfully
C:\Users\Usuario\AppData\Local\Mail.Ru => moved successfully
C:\ProgramData\Mail.Ru => moved successfully
C:\Users\Usuario\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\TakeOwnershipMenu => removed successfully
HKLM\Software\Classes\CLSID\{659E506B-0AC2-410E-A94C-A326FF199883} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => removed successfully
HKLM\Software\Classes\CLSID\{FEB746CA-95C2-485F-B386-C30D4E56D22E} => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\TakeOwnershipMenu => removed successfully
HKLM\Software\Classes\CLSID\{659E506B-0AC2-410E-A94C-A326FF199883} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6CE522AD-4475-4694-B1BD-ADE8BFFCF19C}C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F769B41D-21C3-4E83-8892-60E3FE694B1F}C:\users\usuario\papa\programas\zzz\emule0.51b\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8D23A77B-A292-40F1-9513-03731EF54DED}C:\program files (x86)\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{74A4E352-65B5-4FA2-BEAD-856880ADFF4A}C:\program files (x86)\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5438CC2-A45F-451B-8D1F-E683881FBF4E}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-662850928-3325907665-2809455224-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-662850928-3325907665-2809455224-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.
========= End of CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo.
========= End of CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= End of CMD: =========
Gu�rdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante. => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16885485 B
Java, Flash, Steam htmlcache => 1185 B
Windows/system/drivers => 65748 B
Edge => 0 B
Chrome => 102939340 B
Firefox => 56990417 B
Opera => 20883083 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65960 B
systemprofile32 => 33125 B
LocalService => 132244 B
NetworkService => 99331 B
Usuario => 293810315 B
RecycleBin => 2143030 B
EmptyTemp: => 471.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:53:20 ====
1 me gusta
Hola @Bfenix
Sigue estos pasos, para eliminar las herramientas utilizadas:
Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte 
Nos alegramos que se te haya resuelto 
Damos el tema por solucionado.
Solucionado
Un saludo
1 me gusta