Probé todo y no lo puedo quitar


#1

Hola! Mi nombre es Luciano, soy nuevo y no puedo quitar publicidad-

En Youtube me aparecen videos con imágenes de señoritas con poca ropa. y el link es “EDITADA URL”

Utilizo Chrome y probé quitar EXTENSIONES, restablecer y limpiar, MALWAREBYTES, CCLINER, y spyhunter 5 pero no logro quitar esas publicidades

por favor, me podrán ayudar?

Muchas gracias


#2

Hola y [email protected] al nuevo Forospyware

Primeramente, si todavía lo tienes , elimina Spyhunter, pues es un falso antivirus :-1:

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware,

Manual Malwarebytes, para que sepas usarlo y configurarlo.

  • Realiza un Análisis Personalizado,marcando Todas las casillas de la derecha y de la Izquierda actualizando si te lo pide.
  • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
  • Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles, y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) - Realiza una analisis según el manual con:

Me pegas los logs de Malwarebytes , Adwcleaner y ZHpcleaner y comentas como va el problema


#4
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del evento de protección: 12/10/18
Hora del evento de protección: 18:46
Archivo de registro: 3d32a902-ce68-11e8-b6be-5820b16926b9.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.463
Versión del paquete de actualización: 1.0.7321
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.345)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Detalles del malware bloqueado-
Archivo: 1
PUP.Optional.SpyHunter, C:\Users\Usuario\Downloads\sh-remover.exe, En cuarentena, [3921], [552698],1.0.7321


(end)
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 12/10/18
Hora del análisis: 18:13
Archivo de registro: adf4ca12-ce63-11e8-9e83-5820b16926b9.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.463
Versión del paquete de actualización: 1.0.7321
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.345)
CPU: x64
Sistema de archivos: NTFS
Usuario: HPLUCIANO\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 336187
Amenazas detectadas: 67
Amenazas en cuarentena: 67
Tiempo transcurrido: 6 min, 12 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 17
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\System Table_is1, En cuarentena, [398], [492739],1.0.7321
Adware.SmartApplicationController.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\CheckControllerUpdatesUA, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CE979E4E-217E-438F-B27F-892140658513}, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{CE979E4E-217E-438F-B27F-892140658513}, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{A6AE177E-D46B-4463-AA69-B9F818E0DC4A}_is1, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CheckControllerUpdatesUA, En cuarentena, [5505], [-1],0.0.0
Adware.SmartApplicationController.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE979E4E-217E-438F-B27F-892140658513}, En cuarentena, [5505], [-1],0.0.0
Adware.SmartApplicationController.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CE979E4E-217E-438F-B27F-892140658513}, En cuarentena, [5505], [-1],0.0.0
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, En cuarentena, [251], [440037],1.0.7321
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, En cuarentena, [251], [440037],1.0.7321
PUP.Optional.SearchManager, HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, [251], [440037],1.0.7321
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [251], [183362],1.0.7321
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, En cuarentena, [251], [183362],1.0.7321
PUP.Optional.SearchManager, HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En cuarentena, [251], [183362],1.0.7321
PUP.Optional.WinYahoo, HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}, En cuarentena, [230], [182757],1.0.7321
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En cuarentena, [7248], [252393],1.0.7321
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En cuarentena, [7248], [252393],1.0.7321

Valor del registro: 3
PUP.Optional.WinYahoo, HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, En cuarentena, [230], [182757],1.0.7321
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En cuarentena, [7248], [252393],1.0.7321
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En cuarentena, [7248], [252393],1.0.7321

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 11
Adware.SmartApplicationController, C:\USERS\USUARIO\APPDATA\ROAMING\SMART APPLICATION CONTROLLER, En cuarentena, [4273], [470282],1.0.7321
Trojan.Agent, C:\USERS\USUARIO\APPDATA\ROAMING\WIDMODULE, En cuarentena, [398], [492739],1.0.7321
PUP.Optional.SystemTable.Generic, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0\icon, En cuarentena, [4620], [509531],1.0.7321
PUP.Optional.SystemTable.Generic, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0\js, En cuarentena, [4620], [509531],1.0.7321
PUP.Optional.SystemTable.Generic, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0, En cuarentena, [4620], [509531],1.0.7321
PUP.Optional.SystemTable.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\SYSTEMTABLE, En cuarentena, [4620], [509531],1.0.7321
Adware.SmartApplicationController.TskLnk, C:\PROGRAM FILES (X86)\SMART APPLICATION CONTROLLER, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SMART APPLICATION CONTROLLER, En cuarentena, [4273], [471427],1.0.7321
Trojan.Zpevdo, C:\USERS\USUARIO\APPDATA\LOCAL\WSERVICES, En cuarentena, [2685], [578958],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\USERS\USUARIO\APPDATA\LOCAL\{C02AF676-E482-9ACE-891A-BF26AD7243BE}, En cuarentena, [3722], [542290],1.0.7321

Archivo: 36
Adware.SmartApplicationController, C:\USERS\USUARIO\APPDATA\ROAMING\SMART APPLICATION CONTROLLER\SETTINGS.INI, En cuarentena, [4273], [470282],1.0.7321
Trojan.Agent, C:\USERS\USUARIO\APPDATA\ROAMING\WIDMODULE\DATA.TXT, En cuarentena, [398], [492739],1.0.7321
Trojan.Agent, C:\Users\Usuario\AppData\Roaming\WidModule\unins000.dat, En cuarentena, [398], [492739],1.0.7321
Trojan.Agent, C:\Users\Usuario\AppData\Roaming\WidModule\unins000.exe, En cuarentena, [398], [492739],1.0.7321
Trojan.Agent.E.Generic, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\CONNECT.LNK, En cuarentena, [3706], [465864],1.0.7321
PUP.Optional.SystemTable.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\SYSTEMTABLE\1.2_0\manifest.json, En cuarentena, [4620], [509531],1.0.7321
PUP.Optional.SystemTable.Generic, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0\icon\icon128.png, En cuarentena, [4620], [509531],1.0.7321
PUP.Optional.SystemTable.Generic, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0\icon\icon16.png, En cuarentena, [4620], [509531],1.0.7321
PUP.Optional.SystemTable.Generic, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0\icon\icon24.png, En cuarentena, [4620], [509531],1.0.7321
PUP.Optional.SystemTable.Generic, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0\icon\icon32.png, En cuarentena, [4620], [509531],1.0.7321
PUP.Optional.SystemTable.Generic, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\SystemTable\1.2_0\js\background.js, En cuarentena, [4620], [509531],1.0.7321
Adware.SmartApplicationController.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\CheckControllerUpdatesUA, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, C:\PROGRAM FILES (X86)\SMART APPLICATION CONTROLLER\SMAPPSCONTROLLER.EXE, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, C:\Program Files (x86)\Smart Application Controller\smappscontroller_update.exe, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, C:\Program Files (x86)\Smart Application Controller\software_update.ico, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, C:\Program Files (x86)\Smart Application Controller\unins000.dat, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, C:\Program Files (x86)\Smart Application Controller\unins000.exe, En cuarentena, [5505], [470279],1.0.7321
Adware.SmartApplicationController.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\CheckControllerUpdatesUA, En cuarentena, [5505], [-1],0.0.0
Adware.SmartApplicationController, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SMART APPLICATION CONTROLLER\SMART APPLICATION CONTROLLER.LNK, En cuarentena, [4273], [471427],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\USERS\USUARIO\APPDATA\LOCAL\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HOWTOREMOVE\HOWTOREMOVE.HTML, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\chromium-min.jpg, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\control panel-min-min.JPG, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\down.png, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\ff menu.JPG, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\ff search engine-min.png, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\hp-min ff.png, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\hp-min ie.png, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\search engine.gif, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\setup pages.gif, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\sp-min.png, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\start-min.jpg, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\HowToRemove\up.png, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\cedonilat, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\norisomi, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\uninst.exe, En cuarentena, [3722], [542290],1.0.7321
PUP.Optional.WinYahoo.TskLnk, C:\Users\Usuario\AppData\Local\{C02AF676-E482-9ACE-891A-BF26AD7243BE}\uninstp.dat, En cuarentena, [3722], [542290],1.0.7321

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#5
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-10-12.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-13-2018
# Duration: 00:00:02
# OS:       Windows 10 Home
# Cleaned:  5
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\ByteFence

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\csastats
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

#6

No me permite pegar el otro LOG


#7

Subelo directamente con el símbolo de flecha arriba que tienes en las respuestas


#9
~ ZHPCleaner v2018.10.9.181 by Nicolas Coolman (2018/10/09)
~ Run by Usuario (Administrator)  (13/10/2018 19:25:21)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\Usuario\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Usuario\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 17134)

---\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados. (Navegador)

---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (71)

---\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\  Explorador ( Archivos, Carpetas ) (2)
MOVIDO carpeta: C:\Windows\SECOH-QAD.dll    =>HackTool.KMSpico
MOVIDO carpeta: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico

---\  Registro ( Claves, Valores, Datos) (1)
BORRADOS clave*: HKCU\Software\undefined []  =>.SUP.Downloader

---\  Resumen de elementos en su estación de trabajo (2)
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico
https://nicolascoolman.eu/2017/12/22/sup-downloader/  =>.SUP.Downloader

---\ Limpieza adicional. (9)
~ Clave de registro Tracing borrados (9)
~ Quitar los antiguos informes de ZHPCleaner. (0)

---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Mozilla Firefox)
~ falta este navegador! (Opera Software)

---\ STATISTIQUES
~ Items escaneado : 788
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 0/7
~ Ahorro de espacio (bytes) : 0
~ End of clean in 00h00mn07s

---\  Reporte (2)
ZHPCleaner-[S]-13102018-19_24_41.txt
ZHPCleaner-[R]-13102018-19_25_28.txt

#10

Ahora el MalwareBytes me abre un alerta de eluxer.net

Me recomiendan quitar el otro antivirus y pagar por MalwareBytes?


#11

Malwarebytes es un complemento de los antivirus y normalmente se usa con uno de ellos, pero al final del tema veremos recomendaciones

Que antivirus usas?

Dime que pone la ventana exactamente de Malwarebytes o vete a Informes y busca un log que ponga protección y mira si pone lo de la ventana y me lo pegas


#12

Malwarebytes

-Detalles del registro- Fecha del evento de protección: 16/10/18 Hora del evento de protección: 19:37 Archivo de registro: 00a12606-d194-11e8-9bfe-5820b16926b9.json

-Información del software- Versión: 3.6.1.2711 Versión de los componentes: 1.0.463 Versión del paquete de actualización: 1.0.7387 Licencia: Prueba

-Información del sistema- SO: Windows 10 (Build 17134.345) CPU: x64 Sistema de archivos: NTFS Usuario: System

-Detalles del sitio web bloqueado- Sitio web malicioso: 1 , , Bloqueado, [-1], [-1],0.0.0

-Datos de sitio web- Categoría: Troyano Dominio: eluxer.net Dirección IP: 5.45.77.188 Puerto: [61512] Tipo: Saliente Archivo: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(end)


#13
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.



#14

Algo está bloqueando la imagen del último párrafo… MUY IMPORTANTE envuelve… y no me permite leer qué debe decir la etiqueta inicial y la etiqueta final.

Estas etiquetas deben ir al comienzo y al final de cada de cada respuesta que deba realizar para que entren los reportes?


#15

Si, eso es. pegas el log y escribes al inicio y al fina lo que pone…

Mira si lo ves ahora…si no lo ves , mira si algun bloqueador de publi que tengas lo impide

Hay que poner [code] al inicio y

[/code] al final


#17
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Usuario (administrator) on HPLUCIANO (17-10-2018 11:23:10)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario & postgres)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(SA International) C:\Windows\SysWOW64\SAiAdmin.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20168.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20168.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files (x86)\Connect (1000THVVLJLMNJ2UPSU7JJBBPHNLCN8LKGsaicloud)\messenger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2018-05-14] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3784512 2018-10-09] (Dropbox, Inc.)
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3162186387-75124398-1704654916-1001\...\Run: [Chromium] => c:\users\usuario\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-3162186387-75124398-1704654916-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{232ef2aa-53b2-4278-8838-907f6e9c7a6f}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3162186387-75124398-1704654916-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asistar.donweb-homeip.net/ser/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2018-05-21] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2018-05-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2018-05-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2018-05-21] (Oracle Corporation)
DPF: HKLM-x32 {4DCB6A2B-C3AE-11D5-9C24-00104B307242} hxxp://asistar.donweb-homeip.net/ser/wconfigurador.CAB
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2018-05-21] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2018-05-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2018-05-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2018-05-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2011-12-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2018-05-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2018-05-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2018-10-17]
CHR Extension: (Slides) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-21]
CHR Extension: (Docs) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-21]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-21]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-21]
CHR Extension: (Dropbox for Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2018-05-22]
CHR Extension: (Sheets) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-21]
CHR Extension: (Google Docs Offline) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (360 Internet Protection) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2018-09-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-21]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-21]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-13]
CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-18] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-22] (Dropbox, Inc.)
S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-10-09] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-08-18] (EasyAntiCheat Ltd)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation)
S3 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2017-01-13] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [932416 2018-05-14] (QIHU 360 SOFTWARE CO. LIMITED)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-01-28] (Realtek Semiconductor)
R2 SAiAdmin; C:\Windows\SysWOW64\SAiAdmin.exe [77824 2015-04-21] (SA International) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644144 2018-07-23] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
S2 Key Symbols Notifier; "C:\Users\Usuario\AppData\Local\WServices\svb98s12e.exe" /srv [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [192176 2018-05-14] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2018-05-14] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2018-05-14] (360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2018-05-14] (360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2018-05-14] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [443992 2018-05-14] (360.cn)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2018-05-14] (360.cn)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP)
R3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [60488 2013-08-01] (SafeNet Inc.)
R3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.)
R3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [296576 2012-06-15] (SafeNet Inc.)
S1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [219760 2018-05-14] (360.cn)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [72584 2017-01-12] (Intel Corporation)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-11] (Intel Corporation)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 Mkbus; C:\WINDOWS\System32\drivers\Mkbus.sys [54304 2016-12-31] (mail2backupkey)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_9172c4e962e5b3ee\nvlddmkm.sys [17200384 2018-07-04] (NVIDIA Corporation)
R3 Optitex; C:\WINDOWS\System32\drivers\Optitex.sys [288760 2015-10-10] (Akshasp)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
S2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
R3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)
U3 aspnet_state; no ImagePath
U3 aswbdisk; no ImagePath
S2 multikey; \SystemRoot\System32\drivers\multikey.sys [X]
==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-17 11:23 - 2018-10-17 11:23 - 000018581 _____ C:\Users\Usuario\Desktop\FRST.txt
2018-10-17 11:22 - 2018-10-17 11:23 - 000000000 ____D C:\FRST
2018-10-17 11:21 - 2018-10-17 11:21 - 002414592 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2018-10-17 09:33 - 2018-10-17 09:33 - 000000789 _____ C:\Users\Usuario\Desktop\troyano.txt
2018-10-16 16:05 - 2018-10-16 16:05 - 000033633 _____ C:\Users\Usuario\Downloads\WhatsApp Image 2018-10-16 at 3.49.35 PM.jpeg
2018-10-13 19:24 - 2018-10-13 19:29 - 000002102 _____ C:\Users\Usuario\Desktop\ZHPCleaner.txt
2018-10-13 19:16 - 2018-10-13 19:25 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\ZHP
2018-10-13 19:16 - 2018-10-13 19:16 - 000000877 _____ C:\Users\Usuario\Desktop\ZHPCleaner.lnk
2018-10-13 19:16 - 2018-10-13 19:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\ZHP
2018-10-13 19:15 - 2018-10-13 19:15 - 003281280 _____ C:\Users\Usuario\Downloads\ZHPCleaner.exe
2018-10-13 19:13 - 2018-10-13 19:13 - 000001669 _____ C:\Users\Usuario\Desktop\AdwCleaner[C00].txt
2018-10-13 19:02 - 2018-10-13 19:03 - 000000000 ____D C:\AdwCleaner
2018-10-13 18:59 - 2018-10-13 18:59 - 007592144 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_7.2.4.0.exe
2018-10-12 18:22 - 2018-10-12 18:28 - 016898104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-12 18:12 - 2018-10-12 18:12 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2018-10-12 18:12 - 2018-10-12 18:12 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2018-10-12 18:11 - 2018-10-12 18:11 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-12 18:11 - 2018-10-12 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-12 18:11 - 2018-10-12 18:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-12 18:11 - 2018-10-12 18:11 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-12 18:11 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-12 18:09 - 2018-10-12 18:10 - 080022264 _____ (Malwarebytes ) C:\Users\Usuario\Downloads\mb3-setup-35891.35891-3.6.1.2711-1.0.463-1.0.6913.exe
2018-10-12 17:52 - 2018-10-12 17:52 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-12 17:52 - 2018-10-12 17:52 - 000002862 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-10-12 17:52 - 2018-10-12 17:52 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-10-12 17:52 - 2018-10-12 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-10-12 17:52 - 2018-10-12 17:52 - 000000000 ____D C:\Program Files\CCleaner
2018-10-12 17:50 - 2018-10-12 17:51 - 016796856 _____ (Piriform Ltd) C:\Users\Usuario\Downloads\ccsetup547.exe
2018-10-10 18:21 - 2018-10-10 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-10 08:40 - 2018-10-10 08:40 - 000135606 _____ C:\Users\Usuario\Downloads\TF33674675.xlsx
2018-10-10 08:10 - 2018-09-21 06:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 08:10 - 2018-09-21 00:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 08:10 - 2018-09-20 06:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 08:10 - 2018-09-20 05:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 08:10 - 2018-09-20 01:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 08:10 - 2018-09-20 01:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 08:10 - 2018-09-20 01:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 08:10 - 2018-09-20 01:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 08:10 - 2018-09-20 01:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 08:10 - 2018-09-20 01:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 08:10 - 2018-09-20 01:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 08:10 - 2018-09-20 01:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 08:10 - 2018-09-20 00:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 08:10 - 2018-09-20 00:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 08:10 - 2018-09-20 00:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 08:10 - 2018-09-20 00:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 08:10 - 2018-09-20 00:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 08:10 - 2018-09-20 00:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 08:10 - 2018-09-20 00:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 08:10 - 2018-09-08 05:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-10 08:10 - 2018-09-08 00:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 08:10 - 2018-09-08 00:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-10 08:10 - 2018-09-08 00:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-10 08:10 - 2018-09-08 00:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-10 08:10 - 2018-09-08 00:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-10 08:09 - 2018-09-21 06:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-10 08:09 - 2018-09-21 05:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 08:09 - 2018-09-21 05:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-10 08:09 - 2018-09-21 01:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-10 08:09 - 2018-09-21 01:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-10 08:09 - 2018-09-21 01:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 08:09 - 2018-09-21 01:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-10 08:09 - 2018-09-21 01:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-10 08:09 - 2018-09-21 01:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-10 08:09 - 2018-09-21 01:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-10 08:09 - 2018-09-21 01:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-10 08:09 - 2018-09-21 01:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-10 08:09 - 2018-09-21 01:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-10 08:09 - 2018-09-21 01:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-10 08:09 - 2018-09-21 01:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 08:09 - 2018-09-21 01:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-10 08:09 - 2018-09-21 01:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-10 08:09 - 2018-09-21 01:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-10 08:09 - 2018-09-21 01:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-10 08:09 - 2018-09-21 01:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-10 08:09 - 2018-09-21 01:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-10 08:09 - 2018-09-21 01:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-10 08:09 - 2018-09-21 01:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-10 08:09 - 2018-09-21 00:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-10 08:09 - 2018-09-21 00:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-10 08:09 - 2018-09-21 00:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-10 08:09 - 2018-09-21 00:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-10 08:09 - 2018-09-21 00:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-10 08:09 - 2018-09-21 00:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-10 08:09 - 2018-09-21 00:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 08:09 - 2018-09-21 00:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 08:09 - 2018-09-21 00:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 08:09 - 2018-09-21 00:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-10 08:09 - 2018-09-21 00:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 08:09 - 2018-09-21 00:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-10 08:09 - 2018-09-21 00:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 08:09 - 2018-09-21 00:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 08:09 - 2018-09-21 00:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 08:09 - 2018-09-21 00:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-10 08:09 - 2018-09-21 00:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 08:09 - 2018-09-21 00:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-10 08:09 - 2018-09-21 00:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 08:09 - 2018-09-21 00:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-10 08:09 - 2018-09-21 00:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 08:09 - 2018-09-21 00:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-10 08:09 - 2018-09-21 00:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-10 08:09 - 2018-09-21 00:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-10 08:09 - 2018-09-20 06:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 08:09 - 2018-09-20 06:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 08:09 - 2018-09-20 06:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 08:09 - 2018-09-20 06:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 08:09 - 2018-09-20 06:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 08:09 - 2018-09-20 06:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 08:09 - 2018-09-20 06:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 08:09 - 2018-09-20 06:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 08:09 - 2018-09-20 06:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 08:09 - 2018-09-20 06:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 08:09 - 2018-09-20 05:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 08:09 - 2018-09-20 05:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 08:09 - 2018-09-20 05:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 08:09 - 2018-09-20 05:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 08:09 - 2018-09-20 05:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 08:09 - 2018-09-20 05:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 08:09 - 2018-09-20 05:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 08:09 - 2018-09-20 03:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 08:09 - 2018-09-20 02:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 08:09 - 2018-09-20 01:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 08:09 - 2018-09-20 01:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 08:09 - 2018-09-20 01:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 08:09 - 2018-09-20 01:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 08:09 - 2018-09-20 01:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 08:09 - 2018-09-20 01:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 08:09 - 2018-09-20 01:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 08:09 - 2018-09-20 01:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 08:09 - 2018-09-20 01:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 08:09 - 2018-09-20 01:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 08:09 - 2018-09-20 01:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 08:09 - 2018-09-20 01:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 08:09 - 2018-09-20 01:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 08:09 - 2018-09-20 01:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 08:09 - 2018-09-20 01:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 08:09 - 2018-09-20 01:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 08:09 - 2018-09-20 01:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 08:09 - 2018-09-20 01:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 08:09 - 2018-09-20 01:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 08:09 - 2018-09-20 01:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 08:09 - 2018-09-20 01:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 08:09 - 2018-09-20 01:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 08:09 - 2018-09-20 01:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 08:09 - 2018-09-20 01:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 08:09 - 2018-09-20 01:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 08:09 - 2018-09-20 01:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 08:09 - 2018-09-20 01:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 08:09 - 2018-09-20 01:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 08:09 - 2018-09-20 01:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 08:09 - 2018-09-20 01:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 08:09 - 2018-09-20 01:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 08:09 - 2018-09-20 01:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 08:09 - 2018-09-20 01:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 08:09 - 2018-09-20 01:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 08:09 - 2018-09-20 00:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-10 08:09 - 2018-09-20 00:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 08:09 - 2018-09-20 00:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 08:09 - 2018-09-20 00:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 08:09 - 2018-09-20 00:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 08:09 - 2018-09-20 00:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 08:09 - 2018-09-20 00:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 08:09 - 2018-09-20 00:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 08:09 - 2018-09-20 00:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 08:09 - 2018-09-20 00:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 08:09 - 2018-09-20 00:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 08:09 - 2018-09-20 00:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 08:09 - 2018-09-20 00:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 08:09 - 2018-09-20 00:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 08:09 - 2018-09-19 23:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 08:09 - 2018-09-19 22:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 08:09 - 2018-09-08 05:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-10 08:09 - 2018-09-08 05:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-10 08:09 - 2018-09-08 05:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-10 08:09 - 2018-09-08 05:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-10 08:09 - 2018-09-08 05:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-10 08:09 - 2018-09-08 05:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-10 08:09 - 2018-09-08 05:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 08:09 - 2018-09-08 05:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 08:09 - 2018-09-08 05:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-10 08:09 - 2018-09-08 05:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-10 08:09 - 2018-09-08 04:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-10 08:09 - 2018-09-08 04:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-10 08:09 - 2018-09-08 04:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-10 08:09 - 2018-09-08 04:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-10 08:09 - 2018-09-08 04:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-10 08:09 - 2018-09-08 04:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-10 08:09 - 2018-09-08 04:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-10 08:09 - 2018-09-08 04:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-10 08:09 - 2018-09-08 04:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 08:09 - 2018-09-08 04:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-10 08:09 - 2018-09-08 04:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 08:09 - 2018-09-08 04:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 08:09 - 2018-09-08 04:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-10 08:09 - 2018-09-08 04:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-10 08:09 - 2018-09-08 04:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-10 08:09 - 2018-09-08 04:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-10 08:09 - 2018-09-08 04:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-10 08:09 - 2018-09-08 04:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-10 08:09 - 2018-09-08 04:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 08:09 - 2018-09-08 04:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-10 08:09 - 2018-09-08 04:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-10 08:09 - 2018-09-08 04:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 08:09 - 2018-09-08 04:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-10 08:09 - 2018-09-08 04:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-10 08:09 - 2018-09-08 04:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 08:09 - 2018-09-08 04:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-10 08:09 - 2018-09-08 04:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 08:09 - 2018-09-08 04:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-10 08:09 - 2018-09-08 04:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-10 08:09 - 2018-09-08 04:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-10 08:09 - 2018-09-08 04:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-10 08:09 - 2018-09-08 04:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-10 08:09 - 2018-09-08 04:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-10 08:09 - 2018-09-08 04:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-10 08:09 - 2018-09-08 04:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-10 08:09 - 2018-09-08 03:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-10 08:09 - 2018-09-08 03:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-10 08:09 - 2018-09-08 03:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-10 08:09 - 2018-09-08 03:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-10 08:09 - 2018-09-08 03:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-10 08:09 - 2018-09-08 03:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-10 08:09 - 2018-09-08 03:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-10 08:09 - 2018-09-08 03:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-10 08:09 - 2018-09-08 03:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-10 08:09 - 2018-09-08 03:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-10 08:09 - 2018-09-08 03:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-10 08:09 - 2018-09-08 03:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-10 08:09 - 2018-09-08 01:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-10 08:09 - 2018-09-08 00:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-10 08:09 - 2018-09-08 00:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 08:09 - 2018-09-08 00:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-10 08:09 - 2018-09-08 00:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-10 08:09 - 2018-09-08 00:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-10 08:09 - 2018-09-08 00:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-10 08:09 - 2018-09-08 00:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 08:09 - 2018-09-08 00:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-10 08:09 - 2018-09-08 00:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 08:09 - 2018-09-08 00:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-10 08:09 - 2018-09-08 00:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-10 08:09 - 2018-09-08 00:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-10 08:09 - 2018-09-08 00:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-10 08:09 - 2018-09-08 00:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 08:09 - 2018-09-08 00:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-10 08:09 - 2018-09-08 00:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-10 08:09 - 2018-09-08 00:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-10 08:09 - 2018-09-08 00:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-10 08:09 - 2018-09-08 00:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-10 08:09 - 2018-09-08 00:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-10 08:09 - 2018-09-08 00:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 08:09 - 2018-09-08 00:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 08:09 - 2018-09-08 00:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 08:09 - 2018-09-08 00:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-10 08:09 - 2018-09-08 00:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 08:09 - 2018-09-08 00:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-10 08:09 - 2018-09-08 00:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 08:09 - 2018-09-08 00:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-10 08:09 - 2018-09-08 00:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 08:09 - 2018-09-08 00:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 08:09 - 2018-09-08 00:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-10 08:09 - 2018-09-08 00:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-10 08:09 - 2018-09-08 00:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-10 08:09 - 2018-09-08 00:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 08:09 - 2018-09-08 00:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 08:09 - 2018-09-08 00:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 08:09 - 2018-09-08 00:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-10 08:09 - 2018-09-08 00:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-10 08:09 - 2018-09-08 00:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-10 08:09 - 2018-09-08 00:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-10 08:09 - 2018-09-08 00:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-10 08:09 - 2018-09-08 00:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 08:09 - 2018-09-08 00:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-10 08:09 - 2018-09-08 00:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-10 08:09 - 2018-09-08 00:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-10 08:09 - 2018-09-08 00:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-10 08:09 - 2018-09-08 00:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-10 08:09 - 2018-09-08 00:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-10 08:09 - 2018-09-08 00:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 08:09 - 2018-09-08 00:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-10 08:09 - 2018-09-08 00:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-10 08:09 - 2018-09-08 00:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 08:09 - 2018-09-08 00:24 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-10-10 08:09 - 2018-09-08 00:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-10 08:09 - 2018-09-08 00:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-10 08:09 - 2018-09-08 00:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-10 08:09 - 2018-09-08 00:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-10 08:09 - 2018-09-08 00:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-10 08:09 - 2018-09-08 00:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-10 08:09 - 2018-09-08 00:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-10 08:09 - 2018-09-08 00:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-09 08:53 - 2018-10-09 08:53 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-10-09 08:53 - 2018-10-09 08:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-10-09 08:53 - 2018-10-09 08:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-10-09 08:53 - 2018-10-09 08:53 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-10-03 11:48 - 2018-10-03 11:48 - 000000000 ____D C:\WINDOWS\4D
2018-10-03 08:35 - 2018-10-03 11:30 - 050049971 _____ C:\Users\Usuario\Downloads\PROGRAMAS EXTRA.rar
2018-10-03 08:35 - 2018-10-03 11:30 - 008228878 _____ C:\Users\Usuario\Downloads\BREVE VIDEO MANUAL DE OPERACION DEL PROGRAMA. GYM.mp4
2018-10-03 08:35 - 2018-10-03 11:30 - 006501746 _____ () C:\Users\Usuario\Downloads\INSTALAR DEMO GYM.exe
2018-10-03 08:30 - 2018-10-03 08:34 - 064819530 _____ C:\Users\Usuario\Downloads\wetransfer-373c0b.zip
2018-10-02 17:32 - 2018-10-02 17:32 - 000000218 _____ C:\Users\Usuario\.recently-used.xbel
2018-10-02 17:29 - 2018-10-02 17:29 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\gtk-2.0
2018-10-02 17:03 - 2018-10-12 18:15 - 000000000 ____D C:\Users\postgres
2018-10-02 16:58 - 2018-10-02 16:59 - 047702770 _____ C:\Users\Usuario\Downloads\GymMaster_Lite_Installer_4.0.5.exe
2018-10-02 16:33 - 2018-10-02 16:33 - 047702770 _____ C:\Users\Usuario\Downloads\file
2018-10-01 17:19 - 2018-10-01 17:19 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Temp
2018-10-01 17:18 - 2018-10-01 17:18 - 000285367 _____ C:\Users\Usuario\Downloads\resumen (2).pdf
2018-10-01 17:17 - 2018-10-01 17:17 - 000285367 _____ C:\Users\Usuario\Downloads\resumen (1).pdf
2018-10-01 16:59 - 2018-10-01 16:59 - 000008136 _____ C:\Users\Usuario\Downloads\Credencial_23231950079 (201811).pdf
2018-10-01 11:54 - 2018-10-01 11:54 - 001490064 _____ C:\Users\Usuario\Downloads\PRESUPUESTO ENDURANCE (2).pdf
2018-10-01 11:30 - 2018-10-01 11:30 - 000002630 _____ C:\Users\Usuario\Downloads\operationsResult.xls
2018-10-01 11:16 - 2018-10-01 11:16 - 000017035 _____ C:\Users\Usuario\Downloads\resumen.pdf
2018-09-29 11:03 - 2018-09-29 11:03 - 000021777 _____ C:\Users\Usuario\Downloads\SI_JTP_Pedido1_PV2019_27_9.xlsx
2018-09-29 11:01 - 2018-09-29 11:01 - 000035468 _____ C:\Users\Usuario\Downloads\fac_00001_00000199 (1).pdf
2018-09-29 11:00 - 2018-09-29 11:00 - 000035468 _____ C:\Users\Usuario\Downloads\fac_00001_00000199.pdf
2018-09-24 08:18 - 2018-09-24 08:18 - 001490064 _____ C:\Users\Usuario\Downloads\PRESUPUESTO ENDURANCE (1).pdf
2018-09-23 20:35 - 2018-09-23 20:35 - 000010603 _____ C:\Users\Usuario\Downloads\Gestiona_tus_deudas_Marta_Emerson.xlsx
2018-09-23 20:33 - 2018-09-23 20:33 - 000051635 _____ C:\Users\Usuario\Downloads\Calendario_Editorial___Plantilla___Marta_Emerson.03.xlsx
2018-09-20 17:48 - 2018-09-20 17:48 - 001490064 _____ C:\Users\Usuario\Downloads\PRESUPUESTO ENDURANCE.pdf
2018-09-20 16:47 - 2018-09-20 16:47 - 000083728 _____ C:\Users\Usuario\Downloads\INV00935436.pdf
2018-09-20 12:11 - 2018-09-20 12:11 - 001097608 _____ C:\Users\Usuario\Downloads\PRESENTACION IN.pdf
2018-09-17 16:20 - 2018-09-17 16:20 - 000085493 _____ C:\Users\Usuario\Downloads\WhatsApp Image 2018-09-17 at 4.12.29 PM.jpeg

#19

Pega lo que falta…y vemos

No te hace falta ponerlos en tantas respuestas…como ves los he unido y todos lo que habias puesto se podía poner en una


#20
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-17 10:43 - 2018-07-30 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-17 09:47 - 2018-05-21 16:36 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\360WD
2018-10-17 08:04 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-17 08:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-17 08:01 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-17 07:34 - 2018-07-30 18:06 - 000004220 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C2DDA575-E092-472A-805A-8202627C340F}
2018-10-16 18:53 - 2018-08-08 08:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\PlaceholderTileLogoFolder
2018-10-16 12:23 - 2018-08-28 13:46 - 000000000 ____D C:\Users\Usuario\AppData\Local\GoToMeeting
2018-10-15 23:20 - 2018-05-21 10:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages
2018-10-15 23:18 - 2018-05-22 09:29 - 000000000 ____D C:\Users\Usuario\Documents\Archivos de Outlook
2018-10-15 19:11 - 2018-07-30 18:37 - 000000000 ____D C:\ProgramData\Packages
2018-10-14 18:02 - 2018-05-22 17:31 - 000000000 ____D C:\Users\Usuario\Documents\WKO4
2018-10-14 18:02 - 2018-05-22 17:26 - 000000000 ____D C:\Users\Usuario\AppData\Local\WKO4
2018-10-14 12:35 - 2018-05-21 10:57 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-14 12:00 - 2018-05-21 17:38 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\360DrvMgr
2018-10-14 11:36 - 2018-08-28 13:46 - 000003824 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3162186387-75124398-1704654916-1001
2018-10-14 11:36 - 2018-08-28 13:46 - 000003728 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3162186387-75124398-1704654916-1001
2018-10-14 11:36 - 2018-08-28 13:46 - 000000666 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3162186387-75124398-1704654916-1001.job
2018-10-14 11:36 - 2018-08-28 13:46 - 000000570 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3162186387-75124398-1704654916-1001.job
2018-10-13 19:04 - 2018-07-30 18:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-13 19:04 - 2018-05-21 16:35 - 000000000 _RSHD C:\360SANDBOX
2018-10-13 19:04 - 2018-04-11 18:04 - 002359296 _____ C:\WINDOWS\system32\config\BBI
2018-10-13 13:45 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-13 09:37 - 2018-08-24 20:10 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2018-10-12 18:22 - 2018-05-22 10:05 - 000000984 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-10-12 17:59 - 2018-04-11 20:38 - 000000000 __SHD C:\Program Files\Windows Sidebar
2018-10-12 17:59 - 2018-04-11 20:38 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2018-10-12 17:53 - 2018-05-22 16:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-12 17:53 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-12 17:53 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-12 17:18 - 2018-07-29 14:20 - 000000000 ___DC C:\WINDOWS\Panther
2018-10-12 17:18 - 2018-05-22 16:20 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\TeamViewer
2018-10-12 17:18 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-10-12 17:17 - 2018-07-30 18:06 - 000003558 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-10-12 17:17 - 2018-07-30 18:06 - 000003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-12 08:04 - 2018-08-01 10:35 - 000000000 __SHD C:\ProgramData\360Quarant
2018-10-12 08:04 - 2018-08-01 10:35 - 000000000 __SHD C:\$360Section
2018-10-10 21:16 - 2018-07-30 17:42 - 001875226 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-10 21:16 - 2018-04-12 13:18 - 000821948 _____ C:\WINDOWS\system32\perfh00A.dat
2018-10-10 21:16 - 2018-04-12 13:18 - 000172036 _____ C:\WINDOWS\system32\perfc00A.dat
2018-10-10 21:15 - 2018-05-21 22:54 - 000000000 ___RD C:\Users\Usuario\3D Objects
2018-10-10 21:15 - 2018-05-21 10:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-10 21:15 - 2018-05-21 10:50 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles
2018-10-10 21:15 - 2016-04-27 03:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-10 21:07 - 2018-04-11 20:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-10 21:07 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-10 21:07 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-10 21:07 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-10 21:07 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-10-10 21:07 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-10 18:22 - 2018-05-22 10:04 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-10-08 08:33 - 2018-05-22 10:05 - 000000980 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-10-03 12:05 - 2015-10-30 04:24 - 000000194 _____ C:\WINDOWS\win.ini
2018-10-02 17:32 - 2018-07-30 17:43 - 000000000 ____D C:\Users\Usuario
2018-09-24 08:33 - 2018-08-28 15:26 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2018-09-23 12:25 - 2018-07-30 18:06 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3162186387-75124398-1704654916-1001
2018-09-23 12:25 - 2018-07-30 17:43 - 000002401 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-23 12:21 - 2018-05-21 10:47 - 000000000 ___RD C:\Users\Usuario\OneDrive
2018-09-21 18:08 - 2018-07-30 18:06 - 000003812 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-19 20:10 - 2018-05-24 10:40 - 000000000 ____D C:\ProgramData\boost_interprocess

==================== Files in the root of some directories =======

2018-08-06 20:02 - 2018-08-14 11:53 - 000000132 _____ () C:\Users\Usuario\AppData\Roaming\Prefs. de formato PNG de Adobe CS6

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2018-07-30 17:33

==================== End of FRST.txt ============================

#21
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Usuario (17-10-2018 11:24:30)
Running from C:\Users\Usuario\Desktop
Windows 10 Home Version 1803 17134.345 (X64) (2018-07-30 21:07:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3162186387-75124398-1704654916-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3162186387-75124398-1704654916-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-3162186387-75124398-1704654916-503 - Limited - Disabled)
Invitado (S-1-5-21-3162186387-75124398-1704654916-501 - Limited - Enabled)
postgres (S-1-5-21-3162186387-75124398-1704654916-1003 - Limited - Enabled) => C:\Users\postgres
Usuario (S-1-5-21-3162186387-75124398-1704654916-1001 - Administrator - Enabled) => C:\Users\Usuario
WDAGUtilityAccount (S-1-5-21-3162186387-75124398-1704654916-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.6.0.1367 - 360 Security Center)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\{BD09A75D-86C0-4BBE-869D-2724DA1F9579}) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Adobe Reader XI (11.0.23) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{39EA6AA6-F891-4D70-867D-839DA49948D2}) (Version: 12.2.9.199 - Adobe Systems, Inc)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Connect (HKLM-x32\...\Connect ***unknown variable build_number***) (Version: ***unknown variable build_number*** - ArtifyLabs)
Corel Graphics - Windows Shell Extension (HKLM\...\_{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.0.633 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C0408619-0431-4B54-B63C-C3AB18B1E4B4}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{4DD94E1E-998D-414B-953C-9BAC44E4CCDD}) (Version: 17.1.572 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.8.364 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - ES (x64) (HKLM\...\{AF2C3573-F52E-4B52-AED8-58F14E626002}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.0.0.633 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (HKLM\...\{67D57366-EFCC-46DA-BB1F-BBE89B377177}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (HKLM\...\{300DB480-7301-436A-A312-B695B2BC6D71}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (HKLM\...\{43C4A17D-93D9-41C6-8ACA-370EA390ED2A}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (HKLM\...\{A67AEE14-0435-4B8C-A367-F5EDE6CAF9F6}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (HKLM\...\{B1452C41-DC90-4B58-8320-ABB515E87FFB}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (HKLM\...\{0A182180-3BAF-4B94-BFD0-CF082CC5FF0D}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (HKLM\...\{8285FEBA-D373-493F-BC78-934F84A0A298}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (HKLM\...\{F5A1D3E4-416E-4723-AD35-86A372B99174}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (HKLM\...\{A7922CC8-0EBD-497B-B381-5B3992905327}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (HKLM\...\{6F03D92C-48DB-4182-8A51-BEF8FE64B72C}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (HKLM\...\{B83D220A-33AB-4AF5-963A-887BD971270E}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.448 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{ECFAF1D6-342D-4AE2-B6BF-82B22F9FE8DE}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (HKLM\...\{ACC8C1B0-E560-4B42-AA52-9CAD14883B29}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Capture (HKLM-x32\...\{8CCD62D0-57BB-44E9-9C93-330A68E3BD5B}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Common (HKLM-x32\...\{BD30CB1C-0180-4153-80ED-B5AE197BE234}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Connect (HKLM-x32\...\{62360B9B-4B45-4068-8D88-9DA12E0FB268}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Custom Data (HKLM-x32\...\{3A665B39-A5A8-47FD-8C4C-D8D06D2BE102}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - DrawHome (HKLM-x32\...\{CE5BE087-7B19-43F4-950F-CE4BC6BBD4A3}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - ES (HKLM-x32\...\{9569BD01-502D-4286-BB4E-7FBF635030F8}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Filters (HKLM-x32\...\{8DCF04B5-AE81-4070-BA78-6255A80069E3}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - FontNav (HKLM-x32\...\{6AAB0055-3642-434A-A0F6-842A9AFB1FE2}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - IPM (HKLM-x32\...\{C4C6CC00-3D4B-4006-A11B-FC2E4EB9672E}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - IPM Content (HKLM-x32\...\{8E09BAC6-D27D-49EB-B88D-FCE818E5476D}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - PPHome (HKLM-x32\...\{263B9543-61A9-4B0C-894F-088258AD2ED9}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Redist (HKLM-x32\...\{AF2508E5-E1FC-49E2-97EE-3423521B930D}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Setup Files (HKLM-x32\...\{39212C63-B2E9-4ECB-8F91-6E41990093E1}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - VideoBrowser (HKLM-x32\...\{E8B97713-99F8-4503-9644-83192ADB9357}) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 - Writing Tools (HKLM-x32\...\{155E8961-3C9B-4BEF-B638-4AA1955435A2}) (Version: 17.1 -  Corel Corporation) Hidden
CorelDRAW Home & Student Suite X7 (HKLM-x32\...\_{39212C63-B2E9-4ECB-8F91-6E41990093E1}) (Version: 17.1.0.572 - Corel Corporation)
CorelDRAW Home & Student Suite X7 (HKLM-x32\...\{2D800669-1238-4C6B-AC3B-7DB71FD63CF2}) (Version: 17.1 - Corel Corporation) Hidden
Cutting Master 3 (HKLM-x32\...\{90456261-238E-49D7-8DF7-F8EF5F5509F4}) (Version: 2.2.1243 - Graphtec Corporation)
Cutting Master 4 (HKLM-x32\...\{E519D459-92A4-44F9-817B-A4D031B17CFC}) (Version: 2.20 - SA International)
Dropbox (HKLM-x32\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Eines de correcció del Microsoft Office 2016: català (HKLM-x32\...\{90160000-001F-0403-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{8B0EE26B-3CDC-4EF1-9002-F2C8EC767635}) (Version: 1.1.163.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON T1110 Series Printer Uninstall (HKLM\...\EPSON T1110 Series) (Version:  - SEIKO EPSON Corporation)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM-x32\...\{90160000-001F-0456-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{0FC4261B-F502-48B3-B1CF-60021C8F7D22}) (Version: 1.0.481 - LogMeIn, Inc.)
GoToMeeting 8.36.0.10831 (HKU\S-1-5-21-3162186387-75124398-1704654916-1001\...\GoToMeeting) (Version: 8.36.0.10831 - LogMeIn, Inc.)
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
IPM_Installer (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.1 - Your Company Name) Hidden
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3162186387-75124398-1704654916-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Nero (HKLM-x32\...\Nero) (Version:  - )
Nesting Pack (HKLM-x32\...\{170848F6-2C86-43EC-832A-9F3EE2033B34}) (Version: 1.00.0000 - Optitex)
NVIDIA Controlador de gráficos 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
Optitex12 (HKLM-x32\...\{AFF679F5-A678-43A6-8E33-CF520855B530}) (Version: 12 - Optitex LTD)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Polar FlowSync versión 2.6.2 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.6.2 - Polar Electro Oy)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Spotify (HKU\S-1-5-21-3162186387-75124398-1704654916-1001\...\Spotify) (Version: 1.0.87.491.ge2a121fc - Spotify AB)
StopUpdates10 version 1.0.7 (HKLM-x32\...\{C186B659-50F8-4F40-9822-2B1163AAAEF2}_is1) (Version: 1.0.7 - Greatis Software)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.5287 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{54228DC1-0B27-4215-B2BE-4D07C521F242}) (Version: 2.33.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WKO4 version 4.0 (HKLM-x32\...\{E8C8F765-2A8C-4677-AFC8-4800234C697C}_is1) (Version: 4.0 - TrainingPeaks)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3162186387-75124398-1704654916-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3162186387-75124398-1704654916-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Usuario\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3162186387-75124398-1704654916-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Usuario\AppData\Local\GoToMeeting\9250\G2MOutlookAddin64.dll => No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-05-14] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-05-14] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-13] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2018-05-14] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AA30267-E52E-46E0-B604-E226689E41DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {39B72C1D-5777-46EC-9030-B4D1D83B4087} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {444A886D-16E1-40AB-AB40-62C860DF1745} - System32\Tasks\G2MUploadTask-S-1-5-21-3162186387-75124398-1704654916-1001 => C:\Users\Usuario\AppData\Local\GoToMeeting\10831\g2mupload.exe [2018-10-14] (LogMeIn, Inc.)
Task: {4499114B-8B1E-4A97-BB37-D92967608850} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6E4E7DA7-0D01-4413-9675-6602B1569454} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {79CE34A3-9550-4102-AF0C-EAEE4CAE3A59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {7F00E87A-98C1-4626-A345-305A918DD7A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {865C25A2-72FE-464B-8DEB-E26351194359} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-05-22] (Dropbox, Inc.)
Task: {8A1FE7DA-B670-47BF-93BB-F0CB524B6BCE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-05-22] (Dropbox, Inc.)
Task: {A6D2BBD7-C1F8-487B-92D6-14A90CD223E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {D3EAA038-BDA6-4BCF-B33D-842263A7F980} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-16] (AVAST Software)
Task: {D483768B-0F78-4EFD-8449-2A759D86A8ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {DD8FF6D1-FA97-47AD-9217-61F30C3A83C2} - System32\Tasks\G2MUpdateTask-S-1-5-21-3162186387-75124398-1704654916-1001 => C:\Users\Usuario\AppData\Local\GoToMeeting\10831\g2mupdate.exe [2018-10-14] (LogMeIn, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3162186387-75124398-1704654916-1001.job => C:\Users\Usuario\AppData\Local\GoToMeeting\10831\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3162186387-75124398-1704654916-1001.job => C:\Users\Usuario\AppData\Local\GoToMeeting\10831\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-04 18:03 - 2018-04-04 18:03 - 000173760 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-05-21 10:57 - 2018-06-24 12:31 - 000138128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-05-21 16:35 - 2018-05-14 08:25 - 000818784 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2018-10-10 08:09 - 2018-09-20 00:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-06 16:39 - 2018-10-06 16:39 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-30 18:43 - 2018-07-30 18:43 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 16:39 - 2018-10-06 16:39 - 001689088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-10-15 19:09 - 2018-10-15 19:09 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-15 19:09 - 2018-10-15 19:09 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-10-15 19:09 - 2018-10-15 19:09 - 010968576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-10-15 19:09 - 2018-10-15 19:11 - 002807808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\skypert.dll
2018-10-15 19:09 - 2018-10-15 19:11 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-10-15 19:09 - 2018-10-15 19:10 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-10-15 19:09 - 2018-10-15 19:11 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-07-28 10:15 - 2018-07-28 10:15 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-09-25 19:03 - 2018-09-25 19:05 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-25 19:03 - 2018-09-25 19:05 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-07-28 10:30 - 2018-07-28 10:40 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-08-31 09:07 - 2018-08-31 09:08 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-07-28 10:30 - 2018-07-28 10:38 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-09-25 19:03 - 2018-09-25 19:05 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-08-31 09:07 - 2018-08-31 09:10 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-16 21:38 - 2018-08-16 21:40 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-16 21:38 - 2018-08-16 21:40 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-07-28 10:30 - 2018-07-28 10:40 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-09-25 19:03 - 2018-09-25 19:05 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-31 09:07 - 2018-08-31 09:08 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-25 19:03 - 2018-09-25 19:03 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 09:07 - 2018-08-31 09:10 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-28 10:30 - 2018-07-28 10:39 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-25 19:03 - 2018-09-25 19:05 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\SKU.dll
2018-10-15 19:09 - 2018-10-15 19:12 - 001409312 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20168.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-05-31 14:59 - 2018-02-07 20:38 - 002540568 _____ () C:\Program Files (x86)\Connect (1000THVVLJLMNJ2UPSU7JJBBPHNLCN8LKGsaicloud)\messenger.exe
2018-06-25 16:30 - 2018-06-22 16:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-25 16:30 - 2018-06-22 16:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-10-10 18:21 - 2018-10-09 08:53 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-10-10 18:21 - 2018-10-09 08:53 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-22 10:09 - 2018-10-09 08:58 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:53 - 000117720 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-05-22 10:09 - 2018-10-09 08:53 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:53 - 000418264 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-05-22 10:09 - 2018-10-09 08:53 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:55 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000118760 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:53 - 000023704 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000064992 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:55 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000032408 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:57 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-08-01 16:28 - 2018-10-09 08:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:53 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:57 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:53 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-10-10 18:21 - 2018-10-09 08:56 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:53 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-05-22 10:09 - 2018-10-09 08:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-22 10:09 - 2018-10-09 08:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-10-10 18:21 - 2018-10-09 08:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-22 10:09 - 2018-10-09 08:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-09-11 18:16 - 2018-10-09 08:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-05-22 10:09 - 2018-10-09 08:58 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-10-10 18:21 - 2018-10-09 08:56 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-05-31 14:59 - 2015-10-12 16:37 - 000686080 _____ () C:\Program Files (x86)\Connect (1000THVVLJLMNJ2UPSU7JJBBPHNLCN8LKGsaicloud)\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 04:24 - 2018-08-25 09:30 - 000003252 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   192.150.14.69
127.0.0.1                   192.150.18.101
127.0.0.1                   192.150.18.108
127.0.0.1                   192.150.22.40
127.0.0.1                   192.150.8.100
127.0.0.1                   192.150.8.118
127.0.0.1                   209-34-83-73.ood.opsource.net
127.0.0.1                   3dns-1.adobe.com
127.0.0.1                   3dns-2.adobe.com
127.0.0.1                   3dns-3.adobe.com
127.0.0.1                   3dns-4.adobe.com
127.0.0.1                   3dns.adobe.com
127.0.0.1                   activate-sea.adobe.com
127.0.0.1                   activate-sjc0.adobe.com
127.0.0.1                   activate.wip.adobe.com
127.0.0.1                   activate.wip1.adobe.com
127.0.0.1                   activate.wip2.adobe.com
127.0.0.1                   activate.wip3.adobe.com
127.0.0.1                   activate.wip4.adobe.com
127.0.0.1                   adobe-dns-1.adobe.com
127.0.0.1                   adobe-dns-2.adobe.com
127.0.0.1                   adobe-dns-3.adobe.com
127.0.0.1                   adobe-dns-4.adobe.com
127.0.0.1                   adobe-dns.adobe.com
127.0.0.1                   adobe.activate.com
127.0.0.1                   adobeereg.com
127.0.0.1                   crl.verisign.net
127.0.0.1                   CRL.VERISIGN.NET.*

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3162186387-75124398-1704654916-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\ronda 3.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-3162186387-75124398-1704654916-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3162186387-75124398-1704654916-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3162186387-75124398-1704654916-1001\...\StartupApproved\Run: => "Chromium"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8F9251B8-AF25-4F44-B167-241A497C9667}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D933B9A7-3368-48C3-AFB4-3CDDEA73F4BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{059CD3C9-E80D-4165-B609-F637068F016D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{84FB355B-B115-4FD2-9C5C-E5C8D1B2AE45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{869E2AA3-3908-4082-944C-8F996EB575FB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{04C0F04A-FB4F-40ED-B87C-4C63935F71A3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{51EF6145-F98C-40E9-9E74-FFC95E4B3066}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{828BA925-BE43-4C82-B561-E09FE6650703}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{E7F4625A-9C14-4CD4-BE1C-44861134CEC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{88F8B846-CF8E-4871-96F6-A180ED83D7EC}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1A8AF337-914C-4AA6-8B1A-1558808A177D}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1C3A4010-37C1-4E92-A623-7477BA638B43}] => (Allow) C:\Program Files (x86)\Graphtec\Cutting Master 4\Program\App.exe
FirewallRules: [{53C82BAA-9878-4AA0-AA62-81ED275132AC}] => (Allow) C:\Program Files (x86)\Graphtec\Cutting Master 4\Program\App.exe
FirewallRules: [{5169333B-8E86-41BA-8277-40DCD3947196}] => (Allow) C:\Program Files (x86)\Graphtec\Cutting Master 4\Program\App2.exe
FirewallRules: [{41EF0AB8-B4D0-495F-A513-A3C1E59F9CCE}] => (Allow) C:\Program Files (x86)\Graphtec\Cutting Master 4\Program\App2.exe
FirewallRules: [{D3CA8699-C032-4F20-984E-317696D8894D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{69E22840-62B4-4DA2-A142-25FFE968721D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E415D82A-DDA5-4A94-AAD3-F67B359B28F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{63CE5703-CF01-4B03-8F02-567208F71BEA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ECAC5328-CDFC-4EE4-9DE3-19D03FC2B1CF}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe
FirewallRules: [{7DD7FCCC-2B4D-48F9-8A87-6998F16DE2A7}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe
FirewallRules: [{0B517E37-FF0B-4FF8-9DD9-E90F0BE310CC}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
FirewallRules: [{5C234710-FACA-4E68-8092-437441099DBD}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{1FBDC49A-69B8-4656-B4C8-AAE4C980C324}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X7\Programs\DrawHome.exe
FirewallRules: [{74C2CDD8-AC6D-456B-A91B-33296E151CBB}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X7\Programs\PPHome.exe
FirewallRules: [{1EEDE2E3-57C3-4270-AB30-CB1B113A5C11}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{0D0E3E1B-E8B4-42B2-9608-92E725F779C9}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{3E5AAB6E-8323-4535-8898-A7919493CA33}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{D0AEB9B8-6D05-43D8-8587-B7443FD3B200}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{608AF3DE-023C-4B16-808A-43336654ED49}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{193EA8D8-958C-41B1-AF15-48A52BBF8BAC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{BE5AC9CC-16E6-4CD4-BC7B-4A2971B69E85}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5F13C7AB-B684-4257-BA42-4165A35AFCFE}] => (Allow) LPort=5354
FirewallRules: [{8BBC6E4B-FE6B-42BB-B394-8986D1C4B229}] => (Allow) LPort=5354
FirewallRules: [{141FA3DF-B358-41B2-8296-419485868E84}] => (Allow) LPort=5354
FirewallRules: [{4F1E2079-86F9-41F8-8465-8985F7F95F4B}] => (Allow) LPort=5354
FirewallRules: [{4CCAD31C-B947-443C-AE73-5E962DD1B4C1}] => (Allow) LPort=5432
FirewallRules: [{28578EDE-5293-4DB9-ADB2-64A79EDC646B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{979E4313-4415-474D-B73F-84DAE5764A0D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{59CC98FA-1688-4EEF-9E5E-820876018C53}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6DDE6821-6F38-4918-9C3B-F8B78BB16D67}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{7B8F8065-93CC-47AD-B5A4-AFFB83088053}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Restore Points =========================

29-09-2018 11:08:09 Punto de control programado
02-10-2018 17:01:56 Installed PostgreSQL 8.3
10-10-2018 08:08:37 Windows Update
12-10-2018 17:56:42 Removed PostgreSQL 8.3

==================== Faulty Device Manager Devices =============

Name: Controladora de adquisición de datos y procesamiento de señal PCI
Description: Controladora de adquisición de datos y procesamiento de señal PCI
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2018 10:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1641

Error: (10/17/2018 10:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1641

Error: (10/17/2018 10:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/17/2018 10:15:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Usuario\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (10/17/2018 10:07:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Usuario\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (10/17/2018 09:34:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2718

Error: (10/17/2018 09:34:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2718

Error: (10/17/2018 09:34:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/17/2018 10:09:14 AM) (Source: DCOM) (EventID: 10016) (User: HPLUCIANO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario HPLUCIANO\Usuario con SID (S-1-5-21-3162186387-75124398-1704654916-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (10/17/2018 09:31:06 AM) (Source: DCOM) (EventID: 10016) (User: HPLUCIANO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario HPLUCIANO\Usuario con SID (S-1-5-21-3162186387-75124398-1704654916-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (10/17/2018 07:34:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (10/17/2018 07:33:53 AM) (Source: DCOM) (EventID: 10016) (User: HPLUCIANO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario HPLUCIANO\Usuario con SID (S-1-5-21-3162186387-75124398-1704654916-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (10/17/2018 07:33:49 AM) (Source: DCOM) (EventID: 10016) (User: HPLUCIANO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario HPLUCIANO\Usuario con SID (S-1-5-21-3162186387-75124398-1704654916-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (10/16/2018 09:01:41 PM) (Source: DCOM) (EventID: 10016) (User: HPLUCIANO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario HPLUCIANO\Usuario con SID (S-1-5-21-3162186387-75124398-1704654916-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (10/16/2018 02:08:19 PM) (Source: DCOM) (EventID: 10016) (User: HPLUCIANO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario HPLUCIANO\Usuario con SID (S-1-5-21-3162186387-75124398-1704654916-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (10/16/2018 08:28:53 AM) (Source: DCOM) (EventID: 10016) (User: HPLUCIANO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario HPLUCIANO\Usuario con SID (S-1-5-21-3162186387-75124398-1704654916-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

#25
Windows Defender:
===================================
Date: 2018-08-03 09:33:06.827
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.A&threatid=2147726953&enterprise=0
Nombre: HackTool:Win32/AutoKMS.A
Id.: 2147726953
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\WINDOWS\SECOH-QAD.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.273.781.0, AS: 1.273.781.0, NIS: 1.273.781.0
Versión de motor: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-08-03 08:57:31.700
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {80811EE1-B15B-49FB-B372-0F4B05CE5F65}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-08-03 08:50:52.774
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {84F8A8F7-8A3A-4489-8CE4-4BE9FF697845}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-08-02 20:34:48.174
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {A4199A9A-90F3-4B1D-BDA8-A9ED396953E7}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-08-02 18:27:36.587
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {6A1514CA-8F9B-41DD-A31A-3BB5BEE848D3}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-08-03 08:58:30.814
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.665.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2018-08-02 17:00:50.580
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.665.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2018-08-02 16:12:05.634
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.665.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2018-08-01 11:12:40.737
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.665.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2018-08-01 11:02:40.529
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.263.48.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.14600.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

CodeIntegrity:
===================================

Date: 2018-08-25 08:23:50.268
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-25 08:23:50.254
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-25 08:23:50.239
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-25 08:23:50.225
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-25 08:23:45.161
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-25 08:23:45.143
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-25 08:23:45.105
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-08-25 08:23:45.086
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 24%
Total physical RAM: 16304.67 MB
Available physical RAM: 12295.56 MB
Total Virtual: 18736.67 MB
Available Virtual: 14604.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.14 GB) (Free:588.54 GB) NTFS

\\?\Volume{869fe05d-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{869fe05d-0000-0000-0000-00a8e8000000}\ () (Fixed) (Total:0.89 GB) (Free:0.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 869FE05D)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=907 MB) - (Type=27)

==================== End of Addition.txt ============================

Eso es lo último… no me permitía enviar mensajes… decía que había excedido los mensajes para un día.


#26

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-13]
CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
S2 Key Symbols Notifier; "C:\Users\Usuario\AppData\Local\WServices\svb98s12e.exe" /srv [X]
U3 aspnet_state; no ImagePath
U3 aswbdisk; no ImagePath
S2 multikey; \SystemRoot\System32\drivers\multikey.sys [X]
testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema


#27

Hola! Muchas gracias por todo lo que está haciendo por mi.

Noto que la computadora está lenta El disco duro no para de girar (se oye) En google, cuando tira los resultados de la búsqueda, primero lo muestra como debe ser y luego agrega publicidades antes de los resultados (no son los de Google Ads) En youtube, reemplaza las imágenes de las miniaturas de los videos por las fotos de señoritas y les cambia el nombre a los videos. Cuando reproduzco un video de Youtube, no permite saltar la publicidad (debo esperar que finalice) y además muestra sobre el video un rectángulo con la imágen de las señoritas y no permite cerrarlo.

MalwareBytes abre a cada rato una ventanita que dice sitio web bloqueado debido a troyano.

Para poder adjuntar un archivo en mi webmail, debí desactivar MalwareBytes porque no permitía hacerlo.

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Usuario (18-10-2018 14:22:04) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario & postgres)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-13]
CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
S2 Key Symbols Notifier; "C:\Users\Usuario\AppData\Local\WServices\svb98s12e.exe" /srv [X]
U3 aspnet_state; no ImagePath
U3 aswbdisk; no ImagePath
S2 multikey; \SystemRoot\System32\drivers\multikey.sys [X]
testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-13] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\pdpcpceofkopegffcdnffeenbfdldock => removed successfully
HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\Google\Chrome\Extensions\pdpcpceofkopegffcdnffeenbfdldock => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\glcimepnljoholdmjchkloafkggfoijh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pdpcpceofkopegffcdnffeenbfdldock => removed successfully
HKLM\System\CurrentControlSet\Services\Key Symbols Notifier => removed successfully
Key Symbols Notifier => service removed successfully
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\multikey => removed successfully
multikey => service removed successfully

=========================  bcdedit ========================


La operaci�n se complet� correctamente.

========= End of bcdedit =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3162186387-75124398-1704654916-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 285917993 B
Java, Flash, Steam htmlcache => 1102 B
Windows/system/drivers => 222680 B
Edge => 16367 B
Chrome => 450326904 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 1521 B
LocalService => 13652 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Usuario => 16397720 B
postgres => 0 B

RecycleBin => 136603 B
EmptyTemp: => 726.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:23:48 ====

Otra vez, muchas gracias