# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-21.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-25-2018
# Duration: 00:00:14
# OS: Windows 7 Ultimate
# Scanned: 42056
# Detected: 6
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.WebBar C:\Program Files\WebDiscoverBrowser
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
PUP.Optional.QuickStart pelmeidfhdlhlbjimpabfcbnnojbboma
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########Hola @JM_Lagares
Falta el informe de JRT. 
Y para que puedas usar FRST debes descargarte la versión apropiada para tu equipo y esa seria la de 64bits.
Espero el resto de informes.
Saludos.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64
Ran by USUARIO (Administrator) on 25/11/2018 at 19:05:36,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 16
Successfully deleted: C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXVFH5MO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5FD3ZAL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQOGQRW6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWR411SK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXVFH5MO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5FD3ZAL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQOGQRW6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWR411SK (Temporary Internet Files Folder)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/11/2018 at 19:10:02,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.11.2018
Ran by USUARIO (administrator) on USUARIO-PC (25-11-2018 20:19:47)
Running from C:\Users\USUARIO\Desktop
Loaded Profiles: USUARIO (Available Profiles: USUARIO)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [290064 2018-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\...\Run: [uTorrent] => C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-11-10] (BitTorrent Inc.)
HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
Startup: C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk [2017-07-22]
ShortcutTarget: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{278DE9B3-A0DE-4D96-8459-6A124526BA67}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{74626E18-987E-4108-B1DE-771F67618D9D}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @google.com/zxwebplugin -> C:\Windows\system32\npzxwebplugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.es/"
CHR Profile: C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default [2018-11-25]
CHR Extension: (Presentaciones) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Documentos) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-03]
CHR Extension: (MEGA) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-11-23]
CHR Extension: (YouTube) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-03]
CHR Extension: (Hojas de cálculo) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Stylish - temas a medida para cada sitio web.) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2018-11-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-18]
CHR Extension: (IE Tab) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2018-10-31]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [324048 2018-11-19] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8237160 2018-11-19] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-04-21] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-21] (EasyAntiCheat Ltd)
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2017-12-12] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-10-23] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [201504 2018-11-19] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [231104 2018-11-19] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [202528 2018-11-19] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [346840 2018-11-19] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [59744 2018-11-19] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [46648 2018-11-19] (AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42552 2018-11-19] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [163496 2018-11-19] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [112040 2018-11-19] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87680 2018-11-19] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1028920 2018-11-19] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [469520 2018-11-19] (AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [208712 2018-11-19] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [380704 2018-11-19] (AVG Technologies CZ, s.r.o.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-25] (Malwarebytes)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12464 2018-11-18] (Macrovision Europe Ltd) [File not signed]
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-25 20:19 - 2018-11-25 20:20 - 000012983 _____ C:\Users\USUARIO\Desktop\FRST.txt
2018-11-25 20:18 - 2018-11-25 20:19 - 000000000 ____D C:\FRST
2018-11-25 20:17 - 2018-11-25 20:18 - 002416640 _____ (Farbar) C:\Users\USUARIO\Desktop\FRST64.exe
2018-11-25 19:10 - 2018-11-25 19:10 - 000003469 _____ C:\Users\USUARIO\Desktop\JRT.txt
2018-11-25 19:02 - 2018-11-25 18:57 - 000001694 _____ C:\Users\USUARIO\Desktop\AdwCleaner[C00].txt
2018-11-25 19:02 - 2018-11-25 18:56 - 000001622 _____ C:\Users\USUARIO\Desktop\AdwCleaner[S00].txt
2018-11-25 18:58 - 2018-11-25 18:58 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-25 18:55 - 2018-11-25 18:56 - 000000000 ____D C:\AdwCleaner
2018-11-25 18:52 - 2018-11-25 18:52 - 000002360 _____ C:\Users\USUARIO\Desktop\informe malwarebytes.txt
2018-11-25 18:46 - 2018-11-25 19:00 - 000000000 ____D C:\Users\USUARIO\AppData\LocalLow\uTorrent
2018-11-25 18:38 - 2018-11-25 18:38 - 000000000 ____D C:\Users\USUARIO\AppData\Local\mbamtray
2018-11-25 18:38 - 2018-11-25 18:38 - 000000000 ____D C:\Users\USUARIO\AppData\Local\mbam
2018-11-25 18:37 - 2018-11-25 18:37 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-25 18:37 - 2018-11-25 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-25 18:37 - 2018-11-25 18:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-25 18:37 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-25 18:36 - 2018-11-25 18:36 - 000015400 _____ C:\Users\USUARIO\Desktop\cc_20181125_183652.reg
2018-11-24 14:52 - 2018-11-24 14:52 - 001790024 _____ (Malwarebytes) C:\Users\USUARIO\Desktop\JRT.exe
2018-11-24 14:51 - 2018-11-24 14:52 - 007592144 _____ (Malwarebytes) C:\Users\USUARIO\Desktop\adwcleaner_7.2.4.0.exe
2018-11-19 18:10 - 2018-11-19 18:10 - 000378640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-11-18 20:04 - 2018-11-18 20:04 - 000012464 _____ (Macrovision Europe Ltd) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2018-11-17 05:32 - 2018-11-17 05:32 - 000000000 ____D C:\Windows\SysWOW64\Adobe
2018-11-17 03:38 - 2018-11-25 08:53 - 000004332 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-17 03:38 - 2018-11-23 03:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-17 03:38 - 2018-11-23 03:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-17 03:38 - 2018-11-23 03:19 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-14 18:57 - 2018-11-14 18:57 - 000001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-11-14 18:57 - 2018-11-14 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-11-14 18:57 - 2018-11-14 18:57 - 000000000 ____D C:\Program Files\iTunes
2018-11-14 18:57 - 2018-11-14 18:57 - 000000000 ____D C:\Program Files\iPod
2018-11-14 18:37 - 2018-10-18 03:48 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-14 18:37 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-14 18:36 - 2018-11-11 02:29 - 005551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-14 18:36 - 2018-11-11 02:28 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-14 18:36 - 2018-11-11 02:28 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-11-14 18:36 - 2018-11-11 02:28 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-14 18:36 - 2018-11-11 02:28 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-14 18:36 - 2018-11-11 02:27 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-14 18:36 - 2018-11-11 02:27 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-14 18:36 - 2018-11-11 02:26 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-14 18:36 - 2018-11-11 02:26 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-11-14 18:36 - 2018-11-11 02:25 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:14 - 004054248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-11-14 18:36 - 2018-11-11 02:14 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-11-14 18:36 - 2018-11-11 02:12 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-11-14 18:36 - 2018-11-11 02:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-11-14 18:36 - 2018-11-11 02:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 01:53 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-11-14 18:36 - 2018-11-11 01:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-11-14 18:36 - 2018-11-11 01:53 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-11-14 18:36 - 2018-11-11 01:52 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-11-14 18:36 - 2018-11-11 01:48 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-11-14 18:36 - 2018-11-11 01:48 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-11-14 18:36 - 2018-11-11 01:47 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-11-14 18:36 - 2018-11-11 01:47 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-11-14 18:36 - 2018-11-11 01:45 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-11-14 18:36 - 2018-11-11 01:44 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-11-14 18:36 - 2018-11-11 01:44 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-11-14 18:36 - 2018-11-11 01:44 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-11-14 18:36 - 2018-11-11 01:43 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-11-14 18:36 - 2018-11-11 01:43 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-11-14 18:36 - 2018-11-11 01:43 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-11-14 18:36 - 2018-11-11 01:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-11-14 18:36 - 2018-11-11 01:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-11-14 18:36 - 2018-11-11 01:43 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-14 18:36 - 2018-11-11 01:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-11-14 18:36 - 2018-11-11 01:41 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-11-14 18:36 - 2018-11-11 01:41 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-11-14 18:36 - 2018-11-11 01:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-11-14 18:36 - 2018-11-11 01:40 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-11-14 18:36 - 2018-11-11 01:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 01:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-14 18:36 - 2018-11-11 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-11-14 18:36 - 2018-10-27 04:42 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-14 18:36 - 2018-10-27 04:42 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-14 18:36 - 2018-10-27 04:42 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-14 18:36 - 2018-10-27 04:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2018-11-14 18:36 - 2018-10-27 04:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-14 18:36 - 2018-10-27 04:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-14 18:36 - 2018-10-27 04:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-14 18:36 - 2018-10-27 04:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-14 18:36 - 2018-10-27 04:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-14 18:36 - 2018-10-27 04:11 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-14 18:36 - 2018-10-27 04:05 - 003227648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-14 18:36 - 2018-10-27 04:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-14 18:36 - 2018-10-27 04:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-14 18:36 - 2018-10-27 04:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2018-11-14 18:36 - 2018-10-27 04:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dispex.dll
2018-11-14 18:36 - 2018-10-18 20:49 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-14 18:36 - 2018-10-18 19:51 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-14 18:36 - 2018-10-12 21:36 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-11-14 18:36 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-14 18:36 - 2018-10-12 21:25 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-11-14 18:36 - 2018-10-12 21:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-11-14 18:36 - 2018-10-12 21:25 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-11-14 18:36 - 2018-10-12 21:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-11-14 18:36 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-14 18:36 - 2018-10-12 21:20 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-11-14 18:36 - 2018-10-12 21:20 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-11-14 18:36 - 2018-10-12 21:18 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-11-14 18:36 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-14 18:36 - 2018-10-12 21:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-14 18:36 - 2018-10-12 21:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-11-14 18:36 - 2018-10-12 21:11 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-11-14 18:36 - 2018-10-12 21:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-11-14 18:36 - 2018-10-12 21:07 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-11-14 18:36 - 2018-10-12 21:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-11-14 18:36 - 2018-10-12 21:05 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-11-14 18:36 - 2018-10-12 21:04 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-11-14 18:36 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-14 18:36 - 2018-10-12 21:03 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-11-14 18:36 - 2018-10-12 21:02 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-11-14 18:36 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-14 18:36 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-14 18:36 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-14 18:36 - 2018-10-12 20:55 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-11-14 18:36 - 2018-10-12 20:55 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-11-14 18:36 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-14 18:36 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-14 18:36 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-14 18:36 - 2018-10-12 03:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-11-14 18:36 - 2018-10-12 03:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-11-14 18:36 - 2018-10-12 03:12 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-14 18:36 - 2018-10-12 03:11 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-11-14 18:36 - 2018-10-12 03:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-14 18:36 - 2018-10-12 03:10 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-11-14 18:36 - 2018-10-12 03:10 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-11-14 18:36 - 2018-10-12 03:10 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-11-14 18:36 - 2018-10-12 03:04 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-11-14 18:36 - 2018-10-12 03:03 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-11-14 18:36 - 2018-10-12 03:01 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-14 18:36 - 2018-10-12 03:00 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-11-14 18:36 - 2018-10-12 03:00 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-11-14 18:36 - 2018-10-12 02:59 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-14 18:36 - 2018-10-12 02:59 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-14 18:36 - 2018-10-12 02:59 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-14 18:36 - 2018-10-12 02:54 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-11-14 18:36 - 2018-10-12 02:51 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-11-14 18:36 - 2018-10-12 02:46 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-11-14 18:36 - 2018-10-12 02:45 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-11-14 18:36 - 2018-10-12 02:44 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-11-14 18:36 - 2018-10-12 02:42 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-11-14 18:36 - 2018-10-12 02:42 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-11-14 18:36 - 2018-10-12 02:40 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-11-14 18:36 - 2018-10-12 02:38 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-11-14 18:36 - 2018-10-12 02:30 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-14 18:36 - 2018-10-12 02:27 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-14 18:36 - 2018-10-12 02:27 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-14 18:36 - 2018-10-12 02:26 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-11-14 18:36 - 2018-10-12 02:26 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-11-14 18:36 - 2018-10-12 02:25 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-14 18:36 - 2018-10-12 02:19 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-14 18:36 - 2018-10-12 02:06 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-14 18:36 - 2018-10-12 01:55 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-14 18:36 - 2018-10-06 17:02 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-14 18:36 - 2018-10-06 14:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-14 18:36 - 2018-10-06 14:05 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-14 18:36 - 2018-09-23 03:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-14 18:36 - 2018-09-23 03:54 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-14 18:36 - 2018-09-23 03:54 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-14 18:36 - 2018-09-23 03:54 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-14 18:36 - 2018-09-23 03:54 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-14 18:36 - 2018-09-23 03:54 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-11-14 18:36 - 2018-09-23 03:54 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-14 18:36 - 2018-09-23 03:54 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-11-14 18:36 - 2018-09-23 03:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-11-14 18:36 - 2018-09-23 03:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-14 18:36 - 2018-09-23 03:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-14 18:36 - 2018-09-23 03:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-14 18:36 - 2018-09-23 03:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-14 18:36 - 2018-09-23 03:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2018-11-14 18:36 - 2018-09-23 03:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2018-11-14 18:36 - 2018-09-23 03:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2018-11-14 18:36 - 2018-09-23 03:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-11-14 18:36 - 2018-09-23 03:34 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-14 18:36 - 2018-09-23 03:34 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-14 18:36 - 2018-09-23 03:33 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-14 18:36 - 2018-09-23 03:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-14 18:36 - 2018-09-23 03:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-14 18:36 - 2018-09-23 03:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-14 18:36 - 2018-09-23 03:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2018-11-14 18:36 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2018-11-14 18:36 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\system32\locale.nls
2018-11-07 18:17 - 2018-09-19 09:08 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2018-11-07 18:17 - 2018-09-09 02:02 - 001680072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-11-07 18:17 - 2018-09-09 02:02 - 000986824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-07 18:17 - 2018-09-09 02:02 - 000265416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-07 18:17 - 2018-09-09 01:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-11-07 18:17 - 2018-09-09 01:59 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-11-07 18:17 - 2018-09-09 01:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-11-07 18:17 - 2018-09-09 01:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-11-07 18:17 - 2018-09-09 01:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2018-11-07 18:17 - 2018-09-09 01:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2018-11-07 18:17 - 2018-09-09 01:44 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-11-07 18:17 - 2018-09-09 01:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-11-07 18:17 - 2018-09-09 01:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-11-07 18:17 - 2018-08-28 07:24 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-07 18:17 - 2018-08-28 07:24 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-11-07 18:17 - 2018-08-28 07:24 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-11-07 18:17 - 2018-08-28 07:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-11-07 18:17 - 2018-08-28 07:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-11-07 18:17 - 2018-08-28 07:09 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-11-07 18:17 - 2018-08-28 07:09 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-11-07 18:17 - 2018-08-28 06:52 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-11-07 18:17 - 2018-08-28 06:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-11-07 18:17 - 2018-08-28 06:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-11-07 18:17 - 2018-08-16 03:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2018-11-07 18:17 - 2018-08-13 22:49 - 001391856 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-11-07 18:17 - 2018-08-13 16:54 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2018-11-07 18:17 - 2018-08-12 21:32 - 000140976 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-11-07 18:17 - 2018-08-12 21:27 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-11-07 18:17 - 2018-08-08 16:54 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-11-07 18:17 - 2018-08-08 16:54 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-11-07 18:17 - 2018-08-08 16:40 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-11-07 18:17 - 2018-08-08 16:40 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-10-31 20:45 - 2018-10-31 20:46 - 000000000 ____D C:\Users\USUARIO\Desktop\Insidious Capitulo 4 La Ultima llave (HD DOLBY S) (2018)
2018-10-31 18:42 - 2018-10-31 18:42 - 000000227 _____ C:\Users\USUARIO\Desktop\Cambiar Windows.url
2018-10-26 17:04 - 2018-11-14 18:21 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-26 17:04 - 2018-11-14 18:21 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-26 16:22 - 2018-11-19 18:10 - 000042552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-25 19:07 - 2018-01-03 02:28 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-25 19:07 - 2017-08-14 01:00 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-11-25 19:00 - 2017-07-20 23:37 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\uTorrent
2018-11-25 18:58 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-25 18:57 - 2017-07-03 22:37 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-11-25 18:56 - 2009-07-14 05:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-25 18:56 - 2009-07-14 05:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-25 18:38 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-11-25 18:35 - 2018-07-16 14:27 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\FileZilla
2018-11-25 18:34 - 2018-07-27 03:13 - 000000000 ____D C:\Users\USUARIO\AppData\Local\CrashDumps
2018-11-25 17:23 - 2018-01-03 02:28 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-25 17:23 - 2018-01-03 02:28 - 000000000 ____D C:\Program Files\CCleaner
2018-11-25 08:54 - 2018-09-02 15:50 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-11-25 08:54 - 2018-07-01 02:03 - 000003154 _____ C:\Windows\System32\Tasks\{365A034B-7B8B-4540-959D-8951C992C2B8}
2018-11-25 08:54 - 2018-01-03 02:28 - 000002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-25 08:54 - 2017-11-05 21:34 - 000003430 _____ C:\Windows\System32\Tasks\SidebarExecute
2018-11-25 08:54 - 2017-07-03 22:20 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-25 08:54 - 2017-07-03 22:20 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-25 08:53 - 2017-07-14 11:29 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-24 15:02 - 2018-07-21 05:59 - 000705470 _____ C:\Windows\system32\prfh0416.dat
2018-11-24 15:02 - 2018-07-21 05:59 - 000147314 _____ C:\Windows\system32\prfc0416.dat
2018-11-24 15:02 - 2018-07-21 05:28 - 000720612 _____ C:\Windows\system32\prfh0816.dat
2018-11-24 15:02 - 2018-07-21 05:28 - 000152564 _____ C:\Windows\system32\prfc0816.dat
2018-11-24 15:02 - 2018-07-20 21:40 - 000675348 _____ C:\Windows\system32\perfh00E.dat
2018-11-24 15:02 - 2018-07-20 21:40 - 000170932 _____ C:\Windows\system32\perfc00E.dat
2018-11-24 15:02 - 2018-07-20 19:58 - 000731640 _____ C:\Windows\system32\perfh010.dat
2018-11-24 15:02 - 2018-07-20 19:58 - 000146504 _____ C:\Windows\system32\perfc010.dat
2018-11-24 15:02 - 2018-07-20 19:38 - 000737310 _____ C:\Windows\system32\perfh00C.dat
2018-11-24 15:02 - 2018-07-20 19:38 - 000149238 _____ C:\Windows\system32\perfc00C.dat
2018-11-24 15:02 - 2018-07-20 18:57 - 000688802 _____ C:\Windows\system32\perfh007.dat
2018-11-24 15:02 - 2018-07-20 18:57 - 000148774 _____ C:\Windows\system32\perfc007.dat
2018-11-24 15:02 - 2011-04-12 10:10 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2018-11-24 15:02 - 2011-04-12 10:10 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2018-11-24 15:02 - 2009-07-14 06:13 - 006850910 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-23 05:53 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-11-23 03:19 - 2017-07-04 21:04 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-19 18:10 - 2017-11-29 02:24 - 000201504 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-11-19 18:10 - 2017-08-14 01:00 - 001028920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-11-19 18:10 - 2017-08-14 01:00 - 000469520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-11-19 18:10 - 2017-08-14 01:00 - 000380704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-11-19 18:10 - 2017-08-14 01:00 - 000208712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-11-19 18:10 - 2017-08-14 01:00 - 000163496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-11-19 18:10 - 2017-08-14 01:00 - 000112040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-11-19 18:10 - 2017-08-14 01:00 - 000087680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-11-19 18:10 - 2017-08-14 01:00 - 000046648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-11-19 18:09 - 2017-08-14 01:00 - 000346840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-11-19 18:09 - 2017-08-14 01:00 - 000231104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-11-19 18:09 - 2017-08-14 01:00 - 000202528 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-11-19 18:09 - 2017-08-14 01:00 - 000059744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-11-18 19:22 - 2018-07-16 14:27 - 000000000 ____D C:\Users\USUARIO\AppData\Local\FileZilla
2018-11-18 16:19 - 2017-07-03 22:24 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Kodi
2018-11-17 05:34 - 2017-07-12 20:33 - 000000000 ____D C:\Users\USUARIO\AppData\LocalLow\Adobe
2018-11-17 05:32 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-11-17 03:38 - 2017-12-12 21:01 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Macromedia
2018-11-17 03:38 - 2017-07-12 20:33 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Adobe
2018-11-14 19:02 - 2009-07-14 05:45 - 000414632 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-14 18:41 - 2017-07-03 15:44 - 006702974 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-11-14 18:23 - 2017-08-09 18:58 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-31 19:17 - 2017-07-04 21:20 - 000000000 ___HD C:\Program Files (x86)\FX Uninstall Information
2018-10-26 17:04 - 2017-07-03 22:20 - 000000000 ____D C:\Program Files (x86)\Google
2018-10-26 16:19 - 2017-11-29 02:24 - 000001968 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2018-10-26 16:15 - 2017-07-03 15:41 - 000000000 ____D C:\Users\USUARIO
2018-10-26 16:13 - 2017-12-22 04:06 - 000000000 ____D C:\Windows\System32\Tasks\AVG
2018-10-26 16:12 - 2011-04-12 10:20 - 000000000 ___RD C:\Users\Public\Recorded TV
2018-10-26 16:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2017-12-04 20:33] - [2018-01-03 01:03] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E
C:\Windows\SysWOW64\User32.dll
[2018-01-03 01:10] - [2018-01-03 01:10] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-25 18:16
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by USUARIO (25-11-2018 20:20:34)
Running from C:\Users\USUARIO\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-07-03 14:41:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-3882469008-2862763920-3897712888-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3882469008-2862763920-3897712888-1003 - Limited - Enabled)
Invitado (S-1-5-21-3882469008-2862763920-3897712888-501 - Limited - Disabled)
USUARIO (S-1-5-21-3882469008-2862763920-3897712888-1000 - Administrator - Enabled) => C:\Users\USUARIO
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Antivirus (Disabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{A5B6B786-2D6F-4B75-940F-42B32D01D146}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{669EB263-0AFE-4FCB-A068-DB082CA6273C}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-042D-0000-0000000FF1CE}_ENTERPRISE_{042190ED-F17C-4A8D-95D8-87A37B4095BD}) (Version: - ) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0456-0000-0000000FF1CE}_ENTERPRISE_{D3064ADE-5D4C-4AA4-8F71-C63D87D4A263}) (Version: - ) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0C0A-1000-0000000FF1CE}_ENTERPRISE_{35B14BD6-6042-4A55-B326-58309DC8C72A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{35B14BD6-6042-4A55-B326-58309DC8C72A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2CC8520D-6A74-4CCA-9539-8E774E2B50D1}) (Version: - Microsoft) Hidden
2Tware Fat32Format Free version 1.03 (HKLM-x32\...\{91D55D14-668E-4F5D-877D-72C75E57C83F}_is1) (Version: 1.03 - 2Tware Tech Development Co., Ltd.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.153 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.8.3071 - AVG Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Constructor (HKLM-x32\...\Constructor_is1) (Version: - GOG.com)
Crusader Kings II versión 2.1 (HKLM-x32\...\{80E3935C-FDBC-4F99-9F9B-B470DA63FBC1}_is1) (Version: 2.1 - Torenico@Repack)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.33.0 (HKLM-x32\...\FileZilla Client) (Version: 3.33.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HiP2P Client (HKLM-x32\...\{2F3762A1-58CA-43A8-9854-88BCC34C6D2F}) (Version: 6.0.0.0 - Hi)
Imperivm Online (HKLM-x32\...\Imperivm Online) (Version: - FX Interactive)
iTunes (HKLM\...\{AD1C6D89-91BE-43C3-B8FB-01D27E56E7DB}) (Version: 12.9.1.4 - Apple Inc.)
K-Lite Mega Codec Pack 10.9.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.2 - )
Kodi (HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\...\Kodi) (Version: - XBMC-Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Los SIMS (HKLM-x32\...\{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}_is1) (Version: - )
Macromedia Dreamweaver 8 (HKLM-x32\...\{117E076F-5EB0-408D-B7A9-D94511FE834D}) (Version: 8.0.0.2766 - )
Macromedia Extension Manager (HKLM-x32\...\{F443F171-B49B-4645-915C-580E7ED79992}) (Version: 1.7.277 - Nombre de su organización)
Macromedia Fireworks MX 2004 (HKLM-x32\...\{E583ED6F-BD99-4066-A420-C815BF692B69}) (Version: 7 - Macromedia)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.7.2 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Nombre de su organización) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Screenshot Pilot version 1.46.01 (HKLM-x32\...\Screenshot Pilot (full)_is1) (Version: - )
SimCity 4 (HKLM-x32\...\{01339AE5-04D4-43F8-008E-13AD788DC4F7}) (Version: - )
SimCity™ Societies (HKLM-x32\...\{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}) (Version: 1.0.0.0 - Electronic Arts) Hidden
SimCity™ Societies (HKLM-x32\...\{9B0F9788-3141-4009-846E-52E59843E963}) (Version: 1.0.0.0 - Electronic Arts)
SimCity™ Societies Destinations (HKLM-x32\...\{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}) (Version: 1.0.0.1 - Electronic Arts)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims 4 Deluxe Edition version 1.41.42.1020 (HKLM-x32\...\The Sims 4 Deluxe Edition_is1) (Version: 1.41.42.1020 - Mr DJ)
Update for Outlook 2007 Junk Email Filter (kb947945) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E397056B-7AE5-4FF1-8B13-276BF8201847}) (Version: - Microsoft)
web control version 3.0.5.9 (HKLM-x32\...\{F88ED86C-0010-4943-BA16-72E4184E31ED}_is1) (Version: 3.0.5.9 - )
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-11-19] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-16] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-16] (Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-07-21] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-11-19] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-16] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-16] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043B4368-DBD1-4A71-A21C-18FBDC690711} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-03] (Google Inc.)
Task: {0C22BE45-29A9-4DC3-AD76-ED2CE28E5788} - System32\Tasks\{365A034B-7B8B-4540-959D-8951C992C2B8} => C:\Windows\system32\pcalua.exe -a C:\Users\USUARIO\Downloads\GameRangerSetup.exe -d C:\Users\USUARIO\Downloads
Task: {0EE83661-CDB9-4A27-8783-9EF460B82884} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-11-19] (AVG Technologies CZ, s.r.o.)
Task: {180F32EE-5429-406A-8C89-B7568B6B3F4A} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-28] (AVG Technologies CZ, s.r.o.)
Task: {38D36BB2-F776-4A1B-977A-D7D835CFF934} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {762A4506-D6EE-428C-AA5C-72F861405041} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {7E56B638-D241-4732-926F-C539FEB5E166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {9DE7D906-B514-43B7-8E94-9583E0D6B302} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {D002A519-0A33-4FAC-84E3-117D4F709014} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {F20E01C4-7A19-4439-9A20-1C77F831BD69} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-23] (Adobe Systems Incorporated)
Task: {F85C4033-1B4A-4304-AECC-4BB1D4EBF70B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-03] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-05-07 09:56 - 2018-05-07 09:56 - 000054440 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-07-21 20:37 - 2015-07-21 20:37 - 000214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 000817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 003650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2018-10-21 02:17 - 2018-10-21 02:17 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-05-15 17:59 - 2018-05-15 17:59 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-11-25 18:37 - 2018-10-18 08:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-11-14 18:21 - 2018-11-08 23:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-14 18:21 - 2018-11-08 23:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2018-11-19 18:10 - 2018-11-19 18:10 - 000919312 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-11-19 18:10 - 2018-11-19 18:10 - 000594192 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-11-19 18:10 - 2018-11-19 18:10 - 000496400 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-11-19 18:10 - 2018-11-19 18:10 - 001112336 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-11-25 19:17 - 2018-11-25 19:17 - 005736136 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18112504\algo.dll
2018-03-14 20:47 - 2018-03-14 20:47 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\...\localhost -> localhost
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2018-11-16 03:12 - 000000921 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{6928BA3E-F015-411F-9846-39D096D61494}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{C9D5D9C9-AE52-4EDD-A3B6-7CC8491A749C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{774BB6DF-9AF9-413C-B980-123C552EDB9F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{46B845D9-EF64-4AC2-8B39-579BA7B063A5}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{F314DD13-2F37-46EB-96CB-6749CBB04008}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AA654A0D-C97F-4D69-9D7E-4D1621FC6510}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{893BE838-30FC-4BF2-811E-CBE348DB9410}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{22D549B2-8141-49E3-BB04-AB8D81568B46}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{859305C6-06FC-4406-8263-CD65D745A527}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B6237DE6-2121-4E79-BFC7-B98F5B5408D1}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{2E057F34-7664-48A6-BACB-D022CFF1DDC8}C:\program files (x86)\gog.com\constructor\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\constructor\dosbox\dosbox.exe
FirewallRules: [UDP Query User{0642CA15-D4E0-4DCE-A10D-45154C5C645C}C:\program files (x86)\gog.com\constructor\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\constructor\dosbox\dosbox.exe
FirewallRules: [{8CB58847-D338-4543-87FB-7FCECF0AAAE7}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B308E555-70C7-4C0E-8A5F-C5161B7B18E5}] => (Allow) C:\Users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{64A58EB4-A7DD-43C6-9177-5CDCB1D7CC46}] => (Allow) C:\Program Files (x86)\Mr DJ\The Sims 4 Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{2DC8CC5B-6047-4D8F-ABEA-B3566DA0D55E}] => (Allow) C:\Program Files (x86)\Mr DJ\The Sims 4 Deluxe Edition\Game\Bin\TS4_x64.exe
FirewallRules: [{A85CB579-D9D9-491A-B28F-81E0F56E8BC5}] => (Allow) C:\Program Files (x86)\Mr DJ\The Sims 4 Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [{389A0133-A50E-4AE8-A75A-34C44AD32173}] => (Allow) C:\Program Files (x86)\Mr DJ\The Sims 4 Deluxe Edition\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{EAD908C7-61BB-4A1E-884E-358BB8BC0CD7}C:\program files (x86)\hip2p client\p2pclient.exe] => (Allow) C:\program files (x86)\hip2p client\p2pclient.exe
FirewallRules: [UDP Query User{0929C3E0-C680-4EB4-BEBD-9AEF4F4BC8AE}C:\program files (x86)\hip2p client\p2pclient.exe] => (Allow) C:\program files (x86)\hip2p client\p2pclient.exe
FirewallRules: [{35D26F49-FE43-417F-922B-DB09CE777FE8}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{4FF241B3-F774-451A-ADDD-86D97DE09350}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60399C52-92C9-444F-8B55-D6D3C9920DD2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{134CB2BA-D84A-4ABE-8176-DF98171F6603}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{67588971-7CC1-411E-8B5B-EFFB717B1E6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{135DE2DA-A49D-42F8-9ED0-AD933A62864B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2A2C29DC-6F6B-4A71-AD9E-B0F05A3BC9B5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7A6B8639-DB65-4344-BB5C-994998BE206A}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{AA164764-63F3-4627-8258-1FDA8F193D3C}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{2DB348AE-4113-4BD2-9A46-4AED334E6B12}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{693C3625-9B97-490B-9038-677AFD96DE2F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
==================== Restore Points =========================
23-11-2018 05:52:54 Punto de control programado
25-11-2018 19:05:39 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/25/2018 06:58:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/25/2018 06:58:00 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.
Error: (11/25/2018 06:46:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/25/2018 06:45:28 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.
Error: (11/25/2018 06:33:31 PM) (Source: ESENT) (EventID: 485) (User: )
Description: DllHost (4732) WebCacheLocal: Al intentar eliminar el archivo "C:\Users\USUARIO\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log" se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación de eliminación de archivo se cerrará con el error -1032 (0xfffffbf8).
Error: (11/25/2018 05:18:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (11/25/2018 05:17:34 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.
Error: (11/25/2018 05:23:22 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.
System errors:
=============
Error: (11/25/2018 07:31:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de notificación de SSP se cerró con el siguiente error:
Acceso denegado.
Error: (11/25/2018 06:58:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
cdrom
Error: (11/25/2018 06:56:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD FUEL Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (11/25/2018 06:56:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
Error: (11/25/2018 06:56:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Instalador de módulos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
Error: (11/25/2018 06:56:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.
Error: (11/25/2018 06:56:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servicio del iPod se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (11/25/2018 06:56:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Apple Mobile Device Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.
CodeIntegrity:
===================================
Date: 2018-11-25 20:17:54.854
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-11-25 19:20:23.251
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-11-25 19:11:59.520
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-11-25 18:57:59.193
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-11-25 18:45:27.059
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-11-25 18:43:25.862
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-11-25 18:32:53.634
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
Date: 2018-11-25 17:17:30.088
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\user32.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.
==================== Memory info ===========================
Processor: AMD A6-6400K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 39%
Total physical RAM: 7124.47 MB
Available physical RAM: 4293.39 MB
Total Virtual: 14247.09 MB
Available Virtual: 11412.67 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:792.03 GB) NTFS
Drive h: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:209.94 GB) NTFS
\\?\Volume{aad781ce-5ff2-11e7-9673-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: EB09D97F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C8278FAB)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================Bien… y ahora sigue estos pasos, 
MUY Importante 
Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe(en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla
Create registry backup, las demás casillas NO. 
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Y ahora inicia tu equipo desde el Modo Seguro – con funciones de Red, de Windows
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {0C22BE45-29A9-4DC3-AD76-ED2CE28E5788} - System32\Tasks\{365A034B-7B8B-4540-959D-8951C992C2B8} => C:\Windows\system32\pcalua.exe -a C:\Users\USUARIO\Downloads\GameRangerSetup.exe -d C:\Users\USUARIO\Downloads
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
FF Plugin-x32: @google.com/zxwebplugin -> C:\Windows\system32\npzxwebplugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.es/"
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12464 2018-11-18] (Macrovision Europe Ltd) [File not signed]
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
-
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
-
Presionar el botón FIX y aguardar a que termine.
-
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta. 
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Buenas tardes, he seguido todos los pasos y de momento el windows inicio bien, y rapido, pero me ha vuelto a salir el error del registro que era habitual a los minutos de iniciar sesion.
Fix result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by USUARIO (26-11-2018 20:54:06) Run:1
Running from C:\Users\USUARIO\Desktop
Loaded Profiles: USUARIO (Available Profiles: USUARIO)
Boot Mode: Safe Mode (with Networking)
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {0C22BE45-29A9-4DC3-AD76-ED2CE28E5788} - System32\Tasks\{365A034B-7B8B-4540-959D-8951C992C2B8} => C:\Windows\system32\pcalua.exe -a C:\Users\USUARIO\Downloads\GameRangerSetup.exe -d C:\Users\USUARIO\Downloads
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
FF Plugin-x32: @google.com/zxwebplugin -> C:\Windows\system32\npzxwebplugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.es/"
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12464 2018-11-18] (Macrovision Europe Ltd) [File not signed]
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C22BE45-29A9-4DC3-AD76-ED2CE28E5788}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C22BE45-29A9-4DC3-AD76-ED2CE28E5788}" => removed successfully
C:\Windows\System32\Tasks\{365A034B-7B8B-4540-959D-8951C992C2B8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{365A034B-7B8B-4540-959D-8951C992C2B8}" => removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/zxwebplugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"Chrome StartupUrls" => removed successfully
HKLM\System\CurrentControlSet\Services\secdrv => removed successfully
secdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\AsrSetupDrv => removed successfully
AsrSetupDrv => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3882469008-2862763920-3897712888-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
========= End of RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= End of CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
Adaptador de Ethernet Conexi¢n de rea local:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::c052:a9c2:69d6:6bc2%11
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.103
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
Adaptador de t£nel Teredo Tunneling Pseudo-Interface:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{74626E18-987E-4108-B1DE-771F67618D9D}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
========= End of CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= End of CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.
========= End of CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= End of CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23191190 B
Java, Flash, Steam htmlcache => 1155 B
Windows/system/drivers => 618922062 B
Edge => 0 B
Chrome => 142969117 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66088 B
LocalService => 0 B
NetworkService => 0 B
USUARIO => 1666179 B
RecycleBin => 0 B
EmptyTemp: => 750.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:54:21 ====Perdona…que error de registro era el que tenias.??
Buenas noches el mensaje es este creo que es del registro por lo del .dll, un saludo “CCC.EXE” en el mensaje del mismo me dice: No se encuentra el punto de entrada del procedimiento nextafterf en la biblioteca de vinculos dinamicos MSVCR120_CLR0400.DLL
Cuando compraste el equipo vino acompañado de algún CD/DVD para instalar los componentes/drivers propios de la tarjeta gráfica.??
Alguno que viniera etiquetado como “Catalyst Software Suite” o similar.??
Buenas tardes si que viene un dvd con los drivers he estado mirando el contenido y no veo lo de catalyst por ningun lado, nose de que puede ser el dichoso error que me sale, y el porque me sigue iniciando a veces, con windows clasico, siento el trabajo que les estoy dando, pero mi ignorancia con este tema es total, y si lo llevo al sitio donde lo compre todo lo solucionan con formatear. Un saludo.
Hola.
El mensaje hace referencia a la aplicacion “CCC.EXE” esa aplicacion es la que se encarga de la tarjeta grafica que tienes instalada y ese programa se instala o actualiza con el programa que te decia “Catalyst Software Suite” de AMD :
Debes descargarte la versión que veras en el apartado que hace referencia a tu sistema operativo “Windows 7 - 64-Bit Edition” pulsando en el botón Download y guardar el instalador en tu escritorio.
Lo ejecutas pulsando sobre el ejecutable “whql-win8.1-win7-catalyst-15.7.1-oct30.exe” con botón derecho y “Ejecutar como Administrador” sigues los pasos de instalación y al terminar REINICIAS el equipo.
Luego nos comentas como sigue el problema.
Saludos.
Buenas instale los drivers que me dijo, en el proceso de instalacion me salio un aviso que me decia estos componentes no se encuentran instalados en el equipo, luego se instalo todo y me decia que se habia instalado con exito, reinicie el equipo y cuando se encendio me volvio a salir el mensaje de error y inicio con windows clasico de nuevo, le adjunto una captura, gracias.
Bien… pues ahora vamos a usar esta herramienta, para ver si nos ayuda a arreglar tu equipo. 
Descarga en tu escritorio 
Windows Repair all in one, hazlo con la versión portable suele estar la última de todas donde veas que pone 
◄
Es un fichero ZIP con este nombre 
tweaking.com_windows_repair_aio.zip, lo descomprimes y ejecutas desde la carpeta que se habrá generado en tu escritorio.
Haces doble clic sobre el archivo Repair_Windows.exe.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona Ejecutar como Administrador.- )
Aceptas en la primera pantalla la licencia de uso pulsando en I Agree y a continuación veras la pantalla inicial del programa, donde debes seguir estos pasos :
Repairs - Main.
Open Repairs.
Inmediatamente aparecerá esta nueva ventana, donde debes seguir pulsando en :
Start Repairs.
El proceso ira realizando todos los pasos establecidos y cuando termine ya Reinicias TU el equipo.
Nos comentas como funciona tu equipo, en relación al problema planteado.
Saludos.
Buenas noches, el error del registro por fin ha desaparecido, lo unico que me volvio a reiniciar con el windows en modo clasico, nose si esto ultimo se puede solucionar, aun asi gracias por toda la ayuda hasta el momento.
Bien, pues ahora sigue estos pasos :
Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Descarga la herramienta 
ComboFix y guárdala en el escritorio. 
Muy Importante.
PASO 1:
- Ejecutar el archivo ComboFix.exe
- Aceptar los términos de licencia.
- Si ComboFix avisa que hay una versión nueva del programa deberás descargala.
- Si ComboFix pide instalar la Consola de Recuperación (Recovery Console) hay que instalarla.
PASO 2:
- Copiar y pegar el reporte que ComboFix generó. Si no aparece lo encontraras en C:\ComboFix.txt
- Comentar cómo sigue su sistema, en relación al problema planteado.
Importante :
- Mientras esté trabajando ComboFix no ejecutar ningún software hasta que termine.
- No reiniciar su PC, ComboFix lo hará de ser necesario.
- Mientras ComboFix esté trabajando, no mover el mouse ya que pararía su proceso.
Saludos, Javier.
Buenas, le copio el informe que Combofix ha generado, decir que el pc va mas rapido en general, y que no volvio a aparecer mas el mensaje de error del registro, ya por 2º dia consecutivo, lo de windows clasico hoy el pc me inicio normal, pero como eso pasa 1 dia si otro no no se decirle, si se ha solucionado, hoy inició normal.
ComboFix 18-08-08.01 - USUARIO 04/12/2018 23:33:29.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.7124.5202 [GMT 1:00]
Running from: c:\users\USUARIO\Desktop\ComboFix.exe
AV: AVG Antivirus *Disabled/Updated* {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
SP: AVG Antivirus *Disabled/Updated* {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2018-11-04 to 2018-12-04 )))))))))))))))))))))))))))))))
.
.
2018-12-04 22:40 . 2018-12-04 22:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-12-03 22:51 . 2018-12-03 22:59 -------- d-----w- c:\windows\system32\catroot2
2018-12-03 22:31 . 2018-12-03 22:31 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2018-12-03 22:16 . 2018-12-03 22:16 -------- d-----w- C:\RegBackup
2018-11-30 19:02 . 2018-11-30 19:02 -------- d-----w- c:\programdata\ATI
2018-11-30 19:02 . 2018-11-30 19:02 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2018-11-30 18:55 . 2018-11-30 18:55 -------- d-----w- C:\AMD
2018-11-26 19:38 . 2018-11-26 19:38 -------- d-----w- c:\windows\ERUNT
2018-11-25 19:18 . 2018-11-26 19:55 -------- d-----w- C:\FRST
2018-11-25 17:55 . 2018-11-25 17:56 -------- d-----w- C:\AdwCleaner
2018-11-25 17:38 . 2018-11-25 17:38 -------- d-----w- c:\users\USUARIO\AppData\Local\mbam
2018-11-19 17:10 . 2018-11-19 17:10 378640 ----a-w- c:\windows\system32\avgBoot.exe
2018-11-18 19:04 . 2018-11-18 19:04 12464 ----a-w- c:\windows\SysWow64\drivers\SECDRV.SYS
2018-11-17 04:32 . 2018-11-17 04:32 -------- d-----w- c:\windows\SysWow64\Adobe
2018-11-17 02:38 . 2018-11-23 02:19 842240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2018-11-17 02:38 . 2018-11-23 02:19 175104 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2018-11-17 02:38 . 2018-11-23 02:19 -------- d-----w- c:\windows\system32\Macromed
2018-11-14 17:57 . 2018-11-14 17:57 -------- d-----w- c:\program files\iPod
2018-11-14 17:57 . 2018-11-14 17:57 -------- d-----w- c:\program files\iTunes
2018-11-14 17:37 . 2018-10-18 02:48 25737728 ----a-w- c:\windows\system32\mshtml.dll
2018-11-07 17:17 . 2018-08-28 06:24 14637568 ----a-w- c:\windows\system32\wmp.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-12-04 00:15 . 2017-07-03 21:37 65536 ----a-w- c:\windows\system32\spu_storage.bin
2018-11-19 17:10 . 2017-08-14 00:00 208712 ----a-w- c:\windows\system32\drivers\avgStm.sys
2018-11-19 17:10 . 2017-08-14 00:00 469520 ----a-w- c:\windows\system32\drivers\avgSP.sys
2018-11-19 17:10 . 2017-08-14 00:00 380704 ----a-w- c:\windows\system32\drivers\avgVmm.sys
2018-11-19 17:10 . 2017-08-14 00:00 87680 ----a-w- c:\windows\system32\drivers\avgRvrt.sys
2018-11-19 17:10 . 2017-08-14 00:00 46648 ----a-w- c:\windows\system32\drivers\avgHwid.sys
2018-11-19 17:10 . 2017-08-14 00:00 163496 ----a-w- c:\windows\system32\drivers\avgMonFlt.sys
2018-11-19 17:10 . 2017-11-29 01:24 201504 ----a-w- c:\windows\system32\drivers\avgArPot.sys
2018-11-19 17:10 . 2017-08-14 00:00 112040 ----a-w- c:\windows\system32\drivers\avgRdr2.sys
2018-11-19 17:10 . 2018-10-26 15:22 42552 ----a-w- c:\windows\system32\drivers\avgKbd.sys
2018-11-19 17:10 . 2017-08-14 00:00 1028920 ----a-w- c:\windows\system32\drivers\avgSnx.sys
2018-11-19 17:09 . 2017-08-14 00:00 59744 ----a-w- c:\windows\system32\drivers\avgbuniva.sys
2018-11-19 17:09 . 2017-08-14 00:00 346840 ----a-w- c:\windows\system32\drivers\avgbloga.sys
2018-11-19 17:09 . 2017-08-14 00:00 231104 ----a-w- c:\windows\system32\drivers\avgbidsdrivera.sys
2018-11-19 17:09 . 2017-08-14 00:00 202528 ----a-w- c:\windows\system32\drivers\avgbidsha.sys
2018-11-11 01:09 . 2018-11-14 17:36 44544 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2018-01-03 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2018-01-03 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2016-11-10 . 3CB074875AC88A7C1010A2A7F9881A8C . 833024 . . [6.1.7601.23594] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_35e609f7d1bb80db\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\USUARIO\AppData\Roaming\uTorrent\uTorrent.exe" [2018-11-10 1738936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
.
c:\users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Recorte de pantalla e Inicio rápido de OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2007-8-24 101784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 avgStm;avgStm;c:\windows\system32\drivers\avgStm.sys;c:\windows\SYSNATIVE\drivers\avgStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 avgbIDSAgent;avgbIDSAgent;c:\program files (x86)\AVG\Antivirus\x64\aswidsagenta.exe;c:\program files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [x]
R3 avgHwid;avgHwid;c:\windows\system32\drivers\avgHwid.sys;c:\windows\SYSNATIVE\drivers\avgHwid.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 avgbidsh;avgbidsh;c:\windows\system32\drivers\avgbidsha.sys;c:\windows\SYSNATIVE\drivers\avgbidsha.sys [x]
S0 avgblog;avgblog;c:\windows\system32\drivers\avgbloga.sys;c:\windows\SYSNATIVE\drivers\avgbloga.sys [x]
S0 avgbuniv;avgbuniv;c:\windows\system32\drivers\avgbuniva.sys;c:\windows\SYSNATIVE\drivers\avgbuniva.sys [x]
S0 avgRvrt;avgRvrt;c:\windows\system32\drivers\avgRvrt.sys;c:\windows\SYSNATIVE\drivers\avgRvrt.sys [x]
S0 avgVmm;avgVmm;c:\windows\system32\drivers\avgVmm.sys;c:\windows\SYSNATIVE\drivers\avgVmm.sys [x]
S1 avgArPot;avgArPot;c:\windows\system32\drivers\avgArPot.sys;c:\windows\SYSNATIVE\drivers\avgArPot.sys [x]
S1 avgbidsdriver;avgbidsdriver;c:\windows\system32\drivers\avgbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\avgbidsdrivera.sys [x]
S1 avgKbd;avgKbd;c:\windows\system32\drivers\avgKbd.sys;c:\windows\SYSNATIVE\drivers\avgKbd.sys [x]
S1 avgRdr;avgRdr;c:\windows\system32\drivers\avgRdr2.sys;c:\windows\SYSNATIVE\drivers\avgRdr2.sys [x]
S1 avgSnx;avgSnx;c:\windows\system32\drivers\avgSnx.sys;c:\windows\SYSNATIVE\drivers\avgSnx.sys [x]
S1 avgSP;avgSP;c:\windows\system32\drivers\avgSP.sys;c:\windows\SYSNATIVE\drivers\avgSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 AVG Antivirus;AVG Antivirus;c:\program files (x86)\AVG\Antivirus\AVGSvc.exe;c:\program files (x86)\AVG\Antivirus\AVGSvc.exe [x]
S2 avgMonFlt;avgMonFlt;c:\windows\system32\drivers\avgMonFlt.sys;c:\windows\SYSNATIVE\drivers\avgMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2018-09-20 06:32 327664 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-29 13513288]
"AVGUI.exe"="c:\program files (x86)\AVG\Antivirus\AvLaunch.exe" [2018-11-19 290064]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2018-10-22 301880]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: localhost
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-MBAMService
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_31_0_0_153_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_31_0_0_153_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_31_0_0_153_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_31_0_0_153_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_153.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.31"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_153.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_153.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_153.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2018-12-04 23:44:13
ComboFix-quarantined-files.txt 2018-12-04 22:44
.
Pre-Run: 845.834.444.800 bytes libres
Post-Run: 845.294.043.136 bytes libres
.
- - End Of File - - 498B91FA8A14912B2747F420982A013E
A36C5E4F47E84449FF07ED3517B43A31Hola.
Perfecto… de momento esperaremos otras 48 horas para ver si el problema del modo clásico persiste. 
No realices pasos/acciones que NOSOTROS no te hayamos indicado.
No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
No instales NADA (programas/software/complementos/extensiones del navegador…)
No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…)
No realices por tu cuenta otros procedimientos.
Usa tu equipo EXCLUSIVAMENTE para desinfectarlo/arreglarlo siguiendo nuestras indicaciones.
Depuse de las 48 horas nos comentas, o en cuanto se reproduzca el problema.
Saludos.
Buenos dias, windows volvio a iniciarse como clasico, un saludo.
Hola.
Cuando se inicia como clásico no sale ningún mensaje.??
Que haces en ese caso, APAGAS y vuelves a encender directamente.??