Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bif] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bif\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cbr] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cbr\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lic] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lic\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.php] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.php\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.Spanish] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.Spanish\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ssa] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ssa\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttml2] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttml2\OpenWithList] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vivaldi_reporting_data] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vivaldi_reporting_data\OpenWithList] [HKEY_CLASSES_ROOT\malwarebytes\DefaultIcon] @="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\assistant.exe,0" [HKEY_CLASSES_ROOT\malwarebytes\shell\open] [HKEY_CLASSES_ROOT\malwarebytes\shell\open\command] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\assistant.exe\" -uri \"%1\"" [HKEY_CLASSES_ROOT\receiver\shell\open] [HKEY_CLASSES_ROOT\receiver\shell\open\command] @="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\WebHelper.exe\" \"%1\"" [HKEY_CLASSES_ROOT\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}] @="PSFactoryBuffer" [HKEY_CLASSES_ROOT\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}\InProcServer32] @="C:\\Program Files (x86)\\Google\\Update\\1.3.35.442\\psmachine.dll" "ThreadingModel"="Both" [HKEY_CLASSES_ROOT\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}] @="Scanner Class" [HKEY_CLASSES_ROOT\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\TypeLib] @="{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" [HKEY_CLASSES_ROOT\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}] @="CleanController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\ProgID] @="MB.CleanController.1" [HKEY_CLASSES_ROOT\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\TypeLib] @="{A82129F1-32E1-4D79-A39F-EBFEE53A70BF}" [HKEY_CLASSES_ROOT\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\VersionIndependentProgID] @="MB.CleanController" [HKEY_CLASSES_ROOT\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}] @="CustomScanParameters Class" [HKEY_CLASSES_ROOT\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\TypeLib] @="{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" [HKEY_CLASSES_ROOT\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}] @="NormalScanParameters Class" [HKEY_CLASSES_ROOT\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\TypeLib] @="{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" [HKEY_CLASSES_ROOT\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}] @="LogController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\ProgID] @="MB.LogController.1" [HKEY_CLASSES_ROOT\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\TypeLib] @="{C731375E-3199-4C88-8326-9F81D3224DAD}" [HKEY_CLASSES_ROOT\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\VersionIndependentProgID] @="MB.LogController" [HKEY_CLASSES_ROOT\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}] @="ArwController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\ProgID] @="MB.ArwController.1" [HKEY_CLASSES_ROOT\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\TypeLib] @="{A23C190D-C714-42C7-BDBB-F4E1DE65AF27}" [HKEY_CLASSES_ROOT\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\VersionIndependentProgID] @="MB.ArwController" [HKEY_CLASSES_ROOT\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}] @="SPController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\ProgID] @="MB.SPController.1" [HKEY_CLASSES_ROOT\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\TypeLib] @="{59DBD1B8-A7BD-4322-998F-41B0D2516FA0}" [HKEY_CLASSES_ROOT\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\VersionIndependentProgID] @="MB.SPController" [HKEY_CLASSES_ROOT\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}] @="UpdateController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\ProgID] @="MB.UpdateController.1" [HKEY_CLASSES_ROOT\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\TypeLib] @="{74630AE8-C170-4A8F-A90A-F42D63EFE1E8}" [HKEY_CLASSES_ROOT\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\VersionIndependentProgID] @="MB.UpdateController" [HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}] @="MBAMShlExt Class" [HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32] @="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\mbshlext.dll" "ThreadingModel"="Apartment" [HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID] @="MBAMExt.MBAMShlExt.1" [HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib] @="{AFF1A83B-6C83-4342-8E68-1648DE06CB65}" [HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID] @="MBAMExt.MBAMShlExt" [HKEY_CLASSES_ROOT\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}] @="LicenseController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\ProgID] @="MB.LicenseController.1" [HKEY_CLASSES_ROOT\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\TypeLib] @="{332AFEBA-9341-4CEC-8EA6-DB155A99DF63}" [HKEY_CLASSES_ROOT\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\VersionIndependentProgID] @="MB.LicenseController" [HKEY_CLASSES_ROOT\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}] @="MWACController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\ProgID] @="MB.MWACController.1" [HKEY_CLASSES_ROOT\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\TypeLib] @="{49F6AC60-2104-42C6-8F71-B3916D5AA732}" [HKEY_CLASSES_ROOT\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\VersionIndependentProgID] @="MB.MWACController" [HKEY_CLASSES_ROOT\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}] @="PoliciesController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\ProgID] @="MB.PoliciesController.1" [HKEY_CLASSES_ROOT\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\TypeLib] @="{0E2822AB-0447-4F28-AF4C-FFDB1E8595AE}" [HKEY_CLASSES_ROOT\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\VersionIndependentProgID] @="MB.PoliciesController" [HKEY_CLASSES_ROOT\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}] @="CloudController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\ProgID] @="MB.CloudController.1" [HKEY_CLASSES_ROOT\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\TypeLib] @="{F5BCAC7E-75E7-4971-B3F3-B197A510F495}" [HKEY_CLASSES_ROOT\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\VersionIndependentProgID] @="MB.CloudController" [HKEY_CLASSES_ROOT\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}] @="ScanController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\ProgID] @="MB.ScanController.1" [HKEY_CLASSES_ROOT\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\TypeLib] @="{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" [HKEY_CLASSES_ROOT\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\VersionIndependentProgID] @="MB.ScanController" [HKEY_CLASSES_ROOT\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}] @="TelemetryController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\ProgID] @="MB.TelemetryController.1" [HKEY_CLASSES_ROOT\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\TypeLib] @="{226C1698-A075-4315-BB5D-9C164A96ACE7}" [HKEY_CLASSES_ROOT\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\VersionIndependentProgID] @="MB.TelemetryController" [HKEY_CLASSES_ROOT\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}] @="PSFactoryBuffer" [HKEY_CLASSES_ROOT\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}\InProcServer32] @="C:\\Program Files (x86)\\Google\\Update\\1.3.35.442\\psmachine_64.dll" "ThreadingModel"="Both" [HKEY_CLASSES_ROOT\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}] @="RTPController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\ProgID] @="MB.RTPController.1" [HKEY_CLASSES_ROOT\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\TypeLib] @="{FFB94DF8-FC15-411C-B443-E937085E2AC1}" [HKEY_CLASSES_ROOT\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\VersionIndependentProgID] @="MB.RTPController" [HKEY_CLASSES_ROOT\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}] @="MinimalScanParameters Class" [HKEY_CLASSES_ROOT\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\TypeLib] @="{5709DEEB-F05E-4D5C-8DC4-3B0D924EE08F}" [HKEY_CLASSES_ROOT\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}] @="MBAMServiceController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\ProgID] @="MB.MBAMServiceController.1" [HKEY_CLASSES_ROOT\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\TypeLib] @="{783B187E-360F-419C-B6DA-592892764A01}" [HKEY_CLASSES_ROOT\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\VersionIndependentProgID] @="MB.MBAMServiceController" [HKEY_CLASSES_ROOT\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}] @="AEController Class" "AppID"="{1F7896AD-8886-42CD-8ABD-7A1315A3A5F2}" [HKEY_CLASSES_ROOT\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\ProgID] @="MB.AEController.1" [HKEY_CLASSES_ROOT\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\TypeLib] @="{2446F405-83F0-460F-B837-F04540BB330C}" [HKEY_CLASSES_ROOT\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\Version] @="1.0" [HKEY_CLASSES_ROOT\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\VersionIndependentProgID] @="MB.AEController" [HKEY_CLASSES_ROOT\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}] @="ExploitRecord Class" [HKEY_CLASSES_ROOT\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\LocalServer32] @="\"C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe\"" "ServerExecutable"="C:\\Users\\Admin\\Desktop\\Nueva carpeta (2)\\MBAMService.exe" [HKEY_CLASSES_ROOT\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\Programmable] [HKEY_CLASSES_ROOT\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\TypeLib] @="{226C1698-A075-4315-BB5D-9C164A96ACE7}" [HKEY_CLASSES_ROOT\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\Version] @="1.0" [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\Users\\Admin\\Desktop\\MBSetup-0009996.0009996-consumer.exe"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\Users\\Admin\\Desktop\\bitdefender_online.exe"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\Users\\Admin\\Desktop\\MBSetup.exe"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\Users\\Admin\\Desktop\\Revo Uninstaller Pro 4.2.3 Multilanguage + License {B4tman}\\RevoUninProSetup.exe"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\Users\\Admin\\Desktop\\Bitdefender_2020_Uninstall_Tool.exe"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\Users\\Admin\\Desktop\\FortiClientVPNSetup_6.2.6.0951_x64.exe"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\zh-CN\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\zh-TW\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\en-US\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\de-DE\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\es-ES\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\fr-FR\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\ja-JP\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\ko-KR\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\Configuration\\ru-RU\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\AuthManager\\x64\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\"="1" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\de\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\es\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\fr\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\ja\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\ko\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\ru\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\zh-CN\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\zh-TW\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\da\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\en\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\it\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\nl\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\pt\\"="" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders] "C:\\Program Files (x86)\\Citrix\\ICA Client\\SelfServicePlugin\\sv\\"="" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{38FD2838-9EB1-4FD3-BC99-E2DB5CEE2B58}C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{F1C3EB71-CDB5-4484-B392-BE424193A9DF}C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{90F1E6FA-CB27-4AF4-A3BD-0BF1EE4602EC}C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{64480B74-74D2-494D-8A56-0BDE8ADA116C}C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{6CC2A232-97E9-4177-8807-72992EDC4129}C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{BEB64D3D-A131-442A-B84F-C98FAE2A3318}C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{38FD2838-9EB1-4FD3-BC99-E2DB5CEE2B58}C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{F1C3EB71-CDB5-4484-B392-BE424193A9DF}C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{90F1E6FA-CB27-4AF4-A3BD-0BF1EE4602EC}C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{64480B74-74D2-494D-8A56-0BDE8ADA116C}C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{6CC2A232-97E9-4177-8807-72992EDC4129}C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{BEB64D3D-A131-442A-B84F-C98FAE2A3318}C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe|Name=mipony.exe|Desc=mipony.exe|Edge=TRUE|Defer=App|" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\\Google\\Drive File Stream\\37.0.8.0\\GoogleDriveFS.exe"="Google Drive File Stream" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\\AVAST Software\\Avast\\aswChLic.exe"="aswChLic component" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\\Windows Journal\\Journal.exe"="Windows Journal" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Users\\Admin\\Desktop\\Trabajo NO TOCAR\\Opera\\67.0.3575.79\\opera.exe"="Opera Internet Browser" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\users\\admin\\appdata\\local\\temp\\rarsfx0\\mipony.exe"="Mipony" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\users\\admin\\appdata\\local\\temp\\rarsfx1\\mipony.exe"="Mipony" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Users\\Admin\\Desktop\\bitdefender_online.exe"="bitdefender_online" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\users\\admin\\appdata\\local\\temp\\rarsfx2\\mipony.exe"="Mipony" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MBAMService] "Type"=dword:00000010 "Start"=dword:00000002 "ErrorControl"=dword:00000001 "ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,55,00,73,00,65,00,72,00,73,00,5c,\ 00,41,00,64,00,6d,00,69,00,6e,00,5c,00,44,00,65,00,73,00,6b,00,74,00,6f,00,\ 70,00,5c,00,4e,00,75,00,65,00,76,00,61,00,20,00,63,00,61,00,72,00,70,00,65,\ 00,74,00,61,00,20,00,28,00,32,00,29,00,5c,00,4d,00,42,00,41,00,4d,00,53,00,\ 65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,22,00,00,00 "DisplayName"="Malwarebytes Service" "DependOnService"=hex(7):52,00,50,00,43,00,53,00,53,00,00,00,57,00,49,00,4e,\ 00,4d,00,47,00,4d,00,54,00,00,00,00,00 "ObjectName"="LocalSystem" "Description"="Malwarebytes Service" "FailureActions"=hex:ff,ff,ff,ff,00,00,00,00,00,00,00,00,01,00,00,00,14,00,\ 00,00,01,00,00,00,88,13,00,00