
    Help! Chinese virus on my desktop


    1. #1
      margabros (User) | Registered: Feb 2012 | Location: Com Riv | Posts: 35

      Hello friends! Once again I turn to you for help with this issue.

      My PC isn't working properly, it freezes, and worst of all, programs are disappearing from my PC... such as Google Earth, Adobe Reader and others.

      The only evidence of a virus I see is in File Explorer => Quick access, where the recently opened files include one named with Chinese ideograms and with a path on the Desktop.

      I look forward to any guidance you can give me.

      Regards, and have an excellent day.
      Marcos.

    2. #2
      @Daniela (General Moderator) | Registered: Apr 2011 | Location: Spain | Posts: 24,351

      Hello Marcos

      Follow these steps in the order given, even if you have already done some of them:

      1) Download, update and run Malwarebytes’ Anti-Malware; read the manual in detail so that you know how to use and configure it.

      • Run a Full Scan, updating if prompted.
      • Click “Remove Selected” to send the items to quarantine, then restart the system.
      • In the "History" section of the manual >> Application Logs >> Scan Log you will find the MBAM report, which you must copy and paste into your next reply so it can be analysed.

      2) Download Junkware Removal Tool

      • Temporarily disable the antivirus
      • Run JRT.exe (on Windows 7 or 8, run as "Administrator")
      • Press any key to continue and wait patiently for it to finish.
      • When it finishes, a log (JRT.txt) will be saved to the desktop and opened automatically.
      • Copy and paste the contents of JRT.txt into your next reply

      3) Download >> AdwCleaner | InfoSpyware to the desktop.

      • Temporarily disable the antivirus >> How to temporarily disable your antivirus.
      • Also close all the programs you have open.
      • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as Administrator").
      • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
      • Wait for it to complete and follow the instructions; if it asks to restart the system, accept.
      • Save the report that appears, to copy and paste it into your next reply.
      • The report can also be found at "C:\AdwCleaner\AdwCleaner[C1].txt"

      4) Download CCleaner

      • Install CCleaner
      • Open CCleaner; on the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish > click Run Cleaner
      • Click the Registry tab > click Scan for Issues, wait for it to finish > click Fix Selected Issues and make a backup
      • Click Scan for Issues again until it finds none.

      Paste the Malwarebytes, AdwCleaner and JRT reports and tell us how the problem is going.

      Regards
      ✿◕‿◕✿ Impatience is not good company ✿◕‿◕✿

      * Follow us on our Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    3. #3
      margabros (User)

      Thanks for replying.
      Malwarebytes did not generate a log for me, only the report that I paste here:
      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 1/9/17
      Hora del análisis: 12:56
      Archivo de registro: 288c6f1c-8f2e-11e7-a7b2-082e5f765a29.json
      Administrador: Sí

      -Información del software-
      Versión: 3.2.2.2018
      Versión de los componentes: 1.0.188
      Versión del paquete de actualización: 1.0.2704
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 10 (Build 14393.1480)
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: Owner-HP\Owner

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 669328
      Amenazas detectadas: 0
      (No hay elementos maliciosos detectados)
      Amenazas en cuarentena: 0
      (No hay elementos maliciosos detectados)
      Tiempo transcurrido: 54 min, 52 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

      The JRT log:
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Home x64
      Ran by Owner (Administrator) on 01/09/2017 at 16:03:31,88
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 24

      Successfully deleted: C:\ProgramData\apn (Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{048B0130-3C78-4D6A-94C8-D0F8FEB11764} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{1B31B7FC-2869-49FA-B8FC-85DB6F71BFF3} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{36E928CA-8D64-4DAA-8873-AB7C959436FC} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{450B9BD7-1191-42E4-B4C3-1DF346D50F88} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{49C70F95-AF34-4D9D-A0F3-A04CC71B7EB9} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{582C79C4-3E6A-4ED9-935B-6B777FB9120B} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{6EFBFE32-A1AB-4E65-A566-CE62EF156D7C} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{7E06EBE8-DDB2-4F8F-AF4D-BB10AA511C0C} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{7E077892-267C-4FD9-9E81-D1A7AB44FCBE} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{9039F1ED-6490-4DEC-86D8-9A82BD943636} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{93F586D7-482A-432E-95C5-BE5030468B5A} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{AD3234B7-88A8-4ECD-90B8-241C2D526EBE} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{B535CDF3-1E9C-4156-8243-5C7AB6B11818} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{D01F4A8E-DB2E-41E2-834B-7AA4338FC07D} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{D476ABD2-8D0C-48E4-AA2E-8C826FEB7576} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{DAAD2D93-375B-4E1A-8481-A5EB3A04300A} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{E34AE498-CFC2-47CD-85F8-91FAB39AEB8C} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{E72D2B4D-07A3-403D-8868-A579C9AAC1F4} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{EB594880-B0B9-4563-96C4-7455DCC741C6} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{EE0251EB-4E1B-4204-A9E4-30424F1E2470} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{F6382F3F-2F07-41DC-84DE-9E532AE727EE} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{F6DBAFE7-83BE-477E-A7D0-45191FABFFAB} (Empty Folder)
      Successfully deleted: C:\Users\Owner\AppData\Local\{FD6C1049-7224-4A9E-9B83-0EBE12533754} (Empty Folder)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 01/09/2017 at 16:08:27,40
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      The ADW log

      # AdwCleaner 7.0.2.1 - Logfile created on Fri Sep 01 20:27:17 2017
      # Updated on 2017/29/08 by Malwarebytes
      # Database: 09-01-2017.2
      # Running on Windows 10 Home (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter
      PUP.Optional.Legacy, C:\Program Files (x86)\Free FLV Converter
      Rogue.ForcedExtension, C:\Users\Owner\AppData\Local\Temp\apn


      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownLite
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\Software\DownLite
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017125914366\Software\DownLite
      PUP.Optional.Legacy, [Key] - HKCU\Software\DownLite
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1000\Software\StartSearch
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017125913612\Software\StartSearch
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1000\Software\vShare.tv
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017125913612\Software\vShare.tv
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{DC97D932-ED6C-4AD3-A0D6-AA03C4C76A97}
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
      PUP.Optional.Solvusoft, [Key] - HKLM\SOFTWARE\Solvusoft
      PUP.Optional.Solvusoft, [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\Software\Solvusoft
      PUP.Optional.Solvusoft, [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017125914366\Software\Solvusoft
      PUP.Optional.Solvusoft, [Key] - HKCU\Software\Solvusoft


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************



      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

      In a couple of days I'll tell you whether there was any improvement.
      Thanks and regards

    4. #4
      @Daniela (General Moderator)

      Hello

      The AdwCleaner report is from the scan; did you click Clean afterwards? If not, run it again.

      When you have checked how your PC is doing, let us know

      Regards

    5. #5
      margabros (User)

      Thanks. Here I paste the AdwCleaner clean report:

      # AdwCleaner 7.0.2.1 - Logfile created on Fri Sep 01 20:56:34 2017
      # Updated on 2017/29/08 by Malwarebytes
      # Running on Windows 10 Home (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter
      Deleted: C:\Program Files (x86)\Free FLV Converter
      Deleted: C:\Users\Owner\AppData\Local\Temp\apn


      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DownLite
      Deleted: [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\Software\DownLite
      Deleted: [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017125914366\Software\DownLite
      Deleted: [Key] - HKCU\Software\DownLite
      Deleted: [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1000\Software\StartSearch
      Deleted: [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017125913612\Software\StartSearch
      Deleted: [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1000\Software\vShare.tv
      Deleted: [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017125913612\Software\vShare.tv
      Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{DC97D932-ED6C-4AD3-A0D6-AA03C4C76A97}
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
      Deleted: [Key] - HKLM\SOFTWARE\Solvusoft
      Deleted: [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\Software\Solvusoft
      Deleted: [Key] - HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017125914366\Software\Solvusoft
      Deleted: [Key] - HKCU\Software\Solvusoft


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [5572 B] - [2017/9/1 20:27:17]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

      I'll let you know tomorrow how it goes.
      Regards
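
The check raised in post #4 (a scan-mode AdwCleaner report versus a clean-mode one), as an added example that is not part of the thread: it parses two AdwCleaner 7 text logs and lists every item the scan flagged that the clean log does not report as deleted. The function names are hypothetical and the two sample logs are constructed, abbreviated from the reports posted above.

```python
import re

# Section headers look like: ***** [ Registry ] *****
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")


def parse_adwcleaner_log(text):
    """Return (mode, sections); sections maps name -> {casefolded item: item}."""
    mode, current, sections = None, None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("# Mode:"):
            mode = line.split(":", 1)[1].strip().lower()
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections[current] = {}
            continue
        # Skip banner lines, separators, "::" notes and "No malicious ..." lines.
        if current is None or not line or line[0] in "#*:" \
                or line.startswith("No malicious"):
            continue
        if mode == "clean":
            # Clean-mode entries: "Deleted: <object>"
            if not line.startswith("Deleted: "):
                continue
            item = line[len("Deleted: "):]
        else:
            # Scan-mode entries: "<detection name>, <object>"
            _detection, sep, item = line.partition(", ")
            if not sep:
                continue
        sections[current][item.casefold()] = item
    return mode, sections


def pending_after_clean(scan_text, clean_text):
    """Items flagged by the scan that the clean log does not list as deleted."""
    scan_mode, detected = parse_adwcleaner_log(scan_text)
    clean_mode, deleted = parse_adwcleaner_log(clean_text)
    if scan_mode != "scan":
        raise ValueError(f"first log has mode {scan_mode!r}, expected 'scan'")
    if clean_mode != "clean":
        # The situation in post #3: a scan report pasted as the final result.
        raise ValueError(f"second log has mode {clean_mode!r}: Clean was not run")
    pending = {}
    for section, items in detected.items():
        removed = deleted.get(section, {})
        left = sorted(orig for key, orig in items.items() if key not in removed)
        if left:
            pending[section] = left
    return pending


# Constructed sample logs, abbreviated from the reports in posts #3 and #5.
SCAN_LOG = r"""# AdwCleaner 7.0.2.1 - Logfile created on Fri Sep 01 20:27:17 2017
# Mode: scan

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Program Files (x86)\Free FLV Converter
Rogue.ForcedExtension, C:\Users\Owner\AppData\Local\Temp\apn

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\DownLite
PUP.Optional.Solvusoft, [Key] - HKLM\SOFTWARE\Solvusoft

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
"""

CLEAN_LOG = r"""# AdwCleaner 7.0.2.1 - Logfile created on Fri Sep 01 20:56:34 2017
# Mode: clean

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\Free FLV Converter
Deleted: C:\Users\Owner\AppData\Local\Temp\apn

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\DownLite
Deleted: [Key] - HKLM\SOFTWARE\Solvusoft

*************************

::Tracing keys deleted

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
"""

if __name__ == "__main__":
    print("Still pending after clean:", pending_after_clean(SCAN_LOG, CLEAN_LOG))
```

An empty result only means AdwCleaner reported removing what it had flagged; it says nothing about items the tool never detected.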

    6. #6
      @Daniela (General Moderator)

      Hello

      Agreed

      Regards

    7. #7
      margabros (User)

      Hello!
      Unfortunately the virus is still active. In the Quick access folder, it shows that recent files with Chinese names, located on the Desktop, were being opened.
      Regards

    8. #8
      @Daniela (General Moderator)

      Hello

      Download Farbar Recovery Scan Tool according to your system's architecture (32 or 64 bits)

      • Save it to the desktop >> This is very important.
      • Double-click to run Frst.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator".)
      • In the Disclaimer window, press Yes.
      • In the new window that opens, press the Scan button and wait patiently for the scan to finish.
      • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on your desktop.
      • To finish, open the files Frst.txt and Addition.txt, and copy and paste all their contents into your next reply. Use two messages if it tells you it is too long.

      Regards

    9. #9
      margabros (User)

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
      Ran by Owner (administrator) on OWNER-HP (03-09-2017 21:46:52)
      Running from C:\Users\Owner\Desktop
      Loaded Profiles: UpdatusUser & Owner & (Available Profiles: UpdatusUser & Owner & DefaultAppPool)
      Platform: Windows 10 Home Version 1607 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
      (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
      (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
      (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
      (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
      () C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe
      (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
      (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
      (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
      (Intel Corporation) C:\Windows\System32\igfxtray.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
      (Octoshape ApS) C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
      (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
      () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
      (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
      (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
      (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
      (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
      (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
      (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
      (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
      (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
      (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
      (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-06-14] (IDT, Inc.)
      HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-20] (Hewlett-Packard Development Company, L.P.)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
      HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated)
      HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation)
      HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
      HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
      HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
      HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe [729088 2003-11-25] (Corel Corporation)
      HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
      HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
      HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
      HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-02] (Avira Operations GmbH & Co. KG)
      HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [919032 2017-08-09] (Avira Operations GmbH & Co. KG)
      HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-08-22] (Dropbox, Inc.)
      Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214352570\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\Run: [MediaFire Tray] => C:\Users\Owner\AppData\Local\MediaFire Desktop\mf_watch.exe [4010496 2015-08-20] ()
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\Run: [Norton Download Manager{NS2250424-SHPD-FSD51083}] => C:\Users\Public\Downloads\Norton\{NS2250424-SHPD-FSD51083}\FSDUI_Custom.exe /m /SHOWONECLICK /WIN10_UPGRADE "C:\Users\Owner\AppData\Local\Temp\{03C1A93D-4A94-407C-BF71-F40EA2495354}\Upgrade.exe" <==== ATTENTION
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9832152 2017-08-03] (Piriform Ltd)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\...\Run: [Octoshape Streaming Services] => C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\...\Run: [MediaFire Tray] => C:\Users\Owner\AppData\Local\MediaFire Desktop\mf_watch.exe [4010496 2015-08-20] ()
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\...\Run: [Norton Download Manager{NS2250424-SHPD-FSD51083}] => C:\Users\Public\Downloads\Norton\{NS2250424-SHPD-FSD51083}\FSDUI_Custom.exe /m /SHOWONECLICK /WIN10_UPGRADE "C:\Users\Owner\AppData\Local\Temp\{03C1A93D-4A94-407C-BF71-F40EA2495354}\Upgrade.exe" <==== ATTENTION
      HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214354755\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-07-12]
      ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe (McAfee, Inc.)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 186.56.4.10 192.168.1.1
      Tcpip\..\Interfaces\{a2cf02f6-c419-46ed-a84a-1812c0998985}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{db431495-e1e7-4fb8-b067-def91ba62499}: [DhcpNameServer] 186.56.4.10 192.168.1.1

      Internet Explorer:
      ==================
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.ar/
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.ar/
      HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-4181600625-2044144912-1258088631-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-4181600625-2044144912-1258088631-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214352570 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-11-14] (Oracle Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-14] (Oracle Corporation)
      BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
      BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
      BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
      Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      DPF: HKLM-x32 {A6B13EE4-A974-11d2-8DB7-00C04FB6E8F6} hxxps://km.pan-energy.com/eB-SAP/Common/eB.Control.Web.cab
      Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)

      FireFox:
      ========
      FF DefaultProfile: nu07hxdo.Marcos-Mariana
      FF ProfilePath: C:\Users\Owner\AppData\Roaming\TomTom\HOME\Profiles\xjia37e4.default [2014-04-30]
      FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [not found]
      FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\g5vs9o6l.default [2017-09-02]
      FF SelectedSearchEngine: Mozilla\Firefox\Profiles\g5vs9o6l.default -> Google
      FF Extension: (Avira Browser Safety) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\g5vs9o6l.default\Extensions\[email protected] [2016-03-10]
      FF Extension: (No Name) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\g5vs9o6l.default\extensions\{eb78c871-3d9d-433f-b49b-12468119be89}.xpi [not found]
      FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nu07hxdo.Marcos-Mariana [2017-09-03]
      FF Homepage: Mozilla\Firefox\Profiles\nu07hxdo.Marcos-Mariana -> Google
      FF Extension: (ImageShack right-click) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nu07hxdo.Marcos-Mariana\Extensions\[email protected] [2016-04-27]
      FF Extension: (YouTube™ Flash® Player) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nu07hxdo.Marcos-Mariana\Extensions\[email protected] [2017-08-12]
      FF Extension: (RefControl) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nu07hxdo.Marcos-Mariana\Extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.xpi [2016-04-27]
      FF Extension: (Adblock Plus) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nu07hxdo.Marcos-Mariana\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
      FF Extension: (Bitdefender QuickScan) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nu07hxdo.Marcos-Mariana\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-11-09]
      FF Extension: (Firefox Screenshots) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\nu07hxdo.Marcos-Mariana\features\{2b3c0686-8a09-45a6-bdd4-a22dfb3caf9f}\[email protected] [2017-08-27]
      FF Extension: (TrueSuite Website Logon) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\[email protected] [2016-11-17] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
      FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-14] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-14] (Oracle Corporation)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
      FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
      FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
      FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2013-06-07] ( HP)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
      FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
      FF Plugin HKU\S-1-5-21-4181600625-2044144912-1258088631-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
      FF Plugin HKU\S-1-5-21-4181600625-2044144912-1258088631-1001: SkypePlugin -> C:\Users\Owner\AppData\Local\SkypePlugin\7.25.0.32\npGatewayNpapi.dll [2016-09-01] (Skype Technologies S.A.)
      FF Plugin HKU\S-1-5-21-4181600625-2044144912-1258088631-1001: SkypePlugin64 -> C:\Users\Owner\AppData\Local\SkypePlugin\7.25.0.32\npGatewayNpapi-x64.dll [2016-09-01] (Skype Technologies S.A.)
      FF Plugin HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Owner\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1702150-0-npoctoshape.dll [2017-02-15] (Octoshape ApS)
      FF Plugin HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299: SkypePlugin -> C:\Users\Owner\AppData\Local\SkypePlugin\7.25.0.32\npGatewayNpapi.dll [2016-09-01] (Skype Technologies S.A.)
      FF Plugin HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299: SkypePlugin64 -> C:\Users\Owner\AppData\Local\SkypePlugin\7.25.0.32\npGatewayNpapi-x64.dll [2016-09-01] (Skype Technologies S.A.)
      FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
      FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
      FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-29] (Octoshape ApS)

      Chrome:
      =======
      CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2017-09-02]
      CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-12]
      CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-12]
      CHR Extension: (Avira Navegación segura) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-07-12]
      CHR Extension: (Website Logon) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanflfepiobnpjbljmngfgegijhdpljm [2017-07-12]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-12]
      CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-12]
      CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [kanflfepiobnpjbljmngfgegijhdpljm] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2013-04-01]

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-08-09] (Avira Operations GmbH & Co. KG)
      R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-08-09] (Avira Operations GmbH & Co. KG)
      R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-08-09] (Avira Operations GmbH & Co. KG)
      S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-08-09] (Avira Operations GmbH & Co. KG)
      R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [389312 2017-08-02] (Avira Operations GmbH & Co. KG)
      S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-21] (Dropbox, Inc.)
      S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-21] (Dropbox, Inc.)
      R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-08-22] (Dropbox, Inc.)
      R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-06-07] (HP)
      R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
      R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
      S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.587\McCHSvc.exe [404376 2017-06-30] (McAfee, Inc.)
      R2 MF NTFS Monitor; C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe [456176 2015-08-20] ()
      R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2017-02-06] (NVIDIA Corporation)
      R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-11-06] (CyberLink)
      R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-28] (Synaptics Incorporated)
      S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-23] (Avira Operations GmbH & Co. KG)
      R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [173784 2017-08-09] (Avira Operations GmbH & Co. KG)
      R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-09] (Avira Operations GmbH & Co. KG)
      R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-28] (Avira Operations GmbH & Co. KG)
      R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-28] (Avira Operations GmbH & Co. KG)
      S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
      R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
      R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-01] (Malwarebytes)
      R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-01] (Malwarebytes)
      R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-01] (Malwarebytes)
      R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-01] (Malwarebytes)
      R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-03] (Malwarebytes)
      R2 mfmonitor; C:\WINDOWS\System32\DRIVERS\mfmonitor_x64.sys [20696 2015-08-20] (Windows (R) Win 7 DDK provider)
      S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
      R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
      R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_7c553af4468727c1\nvlddmkm.sys [14311352 2017-02-10] (NVIDIA Corporation)
      S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
      R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated)
      S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
      R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2016-04-14] (HP)

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-03 21:46 - 2017-09-03 21:48 - 000030786 _____ C:\Users\Owner\Desktop\FRST.txt
      2017-09-03 21:46 - 2017-09-03 21:46 - 000000000 ____D C:\FRST
      2017-09-03 21:05 - 2017-09-03 21:44 - 002395648 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
      2017-09-02 10:59 - 2017-09-02 10:59 - 000000082 _____ C:\Users\Owner\Desktop\cc_20170902_105939.reg
      2017-09-02 10:58 - 2017-09-02 10:58 - 000000082 _____ C:\Users\Owner\Desktop\cc_20170902_105841.reg
      2017-09-02 10:57 - 2017-09-02 10:57 - 000000082 _____ C:\Users\Owner\Desktop\cc_20170902_105749.reg
      2017-09-02 10:56 - 2017-09-02 10:56 - 000026146 _____ C:\Users\Owner\Desktop\cc_20170902_105654.reg
      2017-09-02 10:55 - 2017-09-02 10:55 - 000579814 _____ C:\Users\Owner\Desktop\cc_20170902_105514.reg
      2017-09-01 23:04 - 2017-09-02 10:09 - 009791816 _____ (Piriform Ltd) C:\Users\Owner\Desktop\ccsetup533.exe
      2017-09-01 17:55 - 2017-09-01 17:55 - 000005572 _____ C:\Users\Owner\Desktop\AdwCleaner[S0].txt
      2017-09-01 17:21 - 2017-09-01 17:24 - 008182736 _____ (Malwarebytes) C:\Users\Owner\Desktop\adwcleaner_7.0.2.1.exe
      2017-09-01 16:39 - 2017-09-03 21:44 - 000000000 ____D C:\AdwCleaner
      2017-09-01 16:14 - 2017-09-01 16:39 - 008162248 _____ (Malwarebytes) C:\Users\Owner\Desktop\AdwCleaner.exe
      2017-09-01 16:08 - 2017-09-01 16:08 - 000003038 _____ C:\Users\Owner\Desktop\JRT.txt
      2017-09-01 15:59 - 2017-09-01 16:03 - 001790024 _____ (Malwarebytes) C:\Users\Owner\Desktop\JRT.exe
      2017-09-01 15:54 - 2017-09-01 15:54 - 000001561 _____ C:\Users\Owner\Desktop\MBAM.txt
      2017-09-01 12:46 - 2017-09-03 17:24 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
      2017-09-01 12:46 - 2017-09-01 18:01 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
      2017-09-01 12:46 - 2017-09-01 18:00 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
      2017-09-01 12:46 - 2017-09-01 12:46 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
      2017-09-01 12:46 - 2017-09-01 12:46 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-09-01 12:46 - 2017-09-01 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-09-01 12:46 - 2017-09-01 12:46 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-09-01 12:46 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
      2017-09-01 12:45 - 2017-09-01 12:45 - 000000000 ____D C:\ProgramData\MB2Migration
      2017-09-01 12:32 - 2017-09-01 12:45 - 066347240 _____ (Malwarebytes ) C:\Users\Owner\Desktop\mb3-setup-consumer-3.2.2.2018.exe
      2017-09-01 09:37 - 2017-09-01 09:37 - 000000000 ___HD C:\OneDriveTemp
      2017-08-24 17:35 - 2017-08-24 20:13 - 000000000 ____D C:\Users\Owner\AppData\Roaming\EPASWMM
      2017-08-24 17:22 - 2017-08-24 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swmm 5 vE
      2017-08-24 17:22 - 2017-08-24 17:22 - 000000000 ____D C:\Program Files (x86)\Swmm 5 vE
      2017-08-24 17:20 - 1998-10-06 18:34 - 000327168 _____ (InstallShield Software Corporation, Inc.) C:\WINDOWS\IsUn040a.exe
      2017-08-24 09:24 - 2017-08-24 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
      2017-08-23 21:37 - 2017-08-23 21:37 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
      2017-08-23 21:37 - 2017-08-23 21:37 - 000002249 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
      2017-08-22 13:55 - 2017-08-22 13:55 - 000049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
      2017-08-22 13:55 - 2017-08-22 13:55 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
      2017-08-22 13:55 - 2017-08-22 13:55 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
      2017-08-22 13:55 - 2017-08-22 13:55 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
      2017-08-21 11:49 - 2017-08-21 11:49 - 000001209 _____ C:\Users\Public\Desktop\Avira Connect.lnk
      2017-08-18 00:17 - 2017-08-18 00:20 - 002208978 _____ C:\Users\Owner\Downloads\Dialnet-SensibilidadAmbientalALaDegradacionEnExtremaduraEs-3321222_1.pdf
      2017-08-13 23:16 - 2017-08-13 23:16 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
      2017-08-13 23:16 - 2017-08-13 23:16 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
      2017-08-11 21:36 - 2017-08-11 21:36 - 000000000 ____H C:\Users\Owner\Documents\Default.rdp
      2017-08-10 18:08 - 2017-08-10 18:24 - 000000000 ____D C:\Users\Owner\Desktop\AUTOS
      2017-08-04 18:12 - 2017-08-04 18:12 - 000000137 _____ C:\Users\Owner\Desktop\MENDOZA.txt

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-03 21:03 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\system32\NDF
      2017-09-03 20:30 - 2016-09-24 17:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2017-09-03 20:30 - 2013-04-06 20:19 - 000000000 ____D C:\Users\Owner\AppData\Roaming\vlc
      2017-09-03 16:44 - 2012-12-22 19:24 - 000000000 ____D C:\Users\Owner\AppData\Local\CrashDumps
      2017-09-03 09:26 - 2012-10-25 18:09 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\AuthenTec
      2017-09-02 18:07 - 2016-07-16 08:45 - 000000000 ____D C:\WINDOWS\INF
      2017-09-02 16:31 - 2017-06-02 17:55 - 000003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOwner
      2017-09-02 16:31 - 2017-06-02 17:55 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job
      2017-09-02 10:10 - 2016-11-08 19:18 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-09-01 21:42 - 2012-09-25 20:20 - 000000000 ____D C:\ProgramData\Norton
      2017-09-01 18:02 - 2016-05-19 09:58 - 000000000 ___RD C:\Users\Owner\OneDrive
      2017-09-01 18:01 - 2015-08-31 08:59 - 000000000 ___HD C:\Users\Owner\.mediafire
      2017-09-01 18:00 - 2015-01-18 12:25 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
      2017-09-01 17:58 - 2016-09-24 17:09 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-09-01 17:57 - 2016-09-24 17:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-09-01 17:57 - 2016-07-16 03:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
      2017-09-01 15:42 - 2012-10-25 18:13 - 000000000 ____D C:\Users\Owner\Documents\Youcam
      2017-09-01 12:46 - 2015-01-18 12:22 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-08-29 18:55 - 2016-05-20 15:44 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\Temp
      2017-08-29 17:22 - 2015-06-14 18:37 - 000000000 ____D C:\ProgramData\Package Cache
      2017-08-29 17:20 - 2016-11-17 22:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2017-08-29 17:20 - 2013-01-14 16:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2017-08-28 16:02 - 2016-11-08 19:18 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-08-28 16:02 - 2016-11-08 19:18 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-08-24 20:18 - 2017-07-25 00:28 - 000000000 ____D C:\Users\Owner\Desktop\PELIS-MAXI
      2017-08-24 09:27 - 2016-05-21 18:54 - 000000000 ____D C:\Program Files (x86)\Dropbox
      2017-08-23 23:27 - 2016-11-19 20:50 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla
      2017-08-21 11:49 - 2016-03-10 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
      2017-08-20 22:56 - 2016-09-25 10:35 - 000000000 ____D C:\WINDOWS\Minidump
      2017-08-20 15:25 - 2016-09-24 17:16 - 000000000 ____D C:\Users\UpdatusUser
      2017-08-20 15:25 - 2016-09-24 17:16 - 000000000 ____D C:\Users\Owner
      2017-08-16 15:11 - 2014-04-03 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
      2017-08-13 11:00 - 2013-02-11 12:51 - 000000000 ____D C:\Users\Owner\Documents\Marcos Gabriel
      2017-08-11 21:26 - 2013-10-11 12:06 - 000000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics
      2017-08-09 18:28 - 2016-03-10 11:16 - 000173784 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
      2017-08-09 18:28 - 2016-03-10 11:16 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
      2017-08-09 16:29 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2017-08-09 16:29 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2017-08-05 22:27 - 2016-07-16 08:47 - 000000000 ____D C:\WINDOWS\Web

      ==================== Files in the root of some directories =======

      2013-02-25 21:22 - 2013-02-25 21:22 - 000000000 _____ () C:\Users\Owner\AppData\Roaming\gd.db
      2013-02-25 21:22 - 2013-02-25 21:40 - 000000301 _____ () C:\Users\Owner\AppData\Roaming\groovedown.settings
      2016-12-06 15:49 - 2016-12-06 15:49 - 000000132 _____ () C:\Users\Owner\AppData\Roaming\Prefs. de filtro IllExport de Adobe CC
      2014-07-04 21:08 - 2017-06-21 17:29 - 000000132 _____ () C:\Users\Owner\AppData\Roaming\Prefs. de formato PNG de Adobe CC
      2014-01-13 21:15 - 2014-01-13 21:15 - 142848334 _____ () C:\Users\Owner\AppData\Local\ACCCx2_3_0_322.zip.aamdownload
      2014-01-13 21:15 - 2014-01-13 21:15 - 000001796 _____ () C:\Users\Owner\AppData\Local\ACCCx2_3_0_322.zip.aamdownload.aamd
      2014-09-07 00:10 - 2016-12-06 16:24 - 000001456 _____ () C:\Users\Owner\AppData\Local\Adobe Guardar para Web 13.0 Prefs
      2016-11-23 10:48 - 2016-11-23 10:48 - 000000233 _____ () C:\ProgramData\geplugin.ini

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-08-26 23:52

      ==================== End of FRST.txt ============================

    10. #10
      User Avatar of margabros
      Registered
      Feb 2012
      Location
      Com Riv
      Posts
      35

      Re: Help! Chinese virus on my desktop

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
      Ran by Owner (03-09-2017 21:49:54)
      Running from C:\Users\Owner\Desktop
      Windows 10 Home Version 1607 (X64) (2016-09-24 21:01:06)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrator (S-1-5-21-4181600625-2044144912-1258088631-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-4181600625-2044144912-1258088631-503 - Limited - Disabled)
      Guest (S-1-5-21-4181600625-2044144912-1258088631-501 - Limited - Disabled)
      HomeGroupUser$ (S-1-5-21-4181600625-2044144912-1258088631-1005 - Limited - Enabled)
      Owner (S-1-5-21-4181600625-2044144912-1258088631-1001 - Administrator - Enabled) => C:\Users\Owner
      UpdatusUser (S-1-5-21-4181600625-2044144912-1258088631-1000 - Limited - Enabled) => C:\Users\UpdatusUser

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
      Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
      Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
      Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
      Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.82 - NVIDIA Corporation) Hidden
      Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
      Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
      AquaChem 2011.1 (HKLM-x32\...\{1F49A773-0DF2-4460-BAF5-066FB8A497B4}) (Version: 2011.1.40 - Schlumberger Water Services)
      aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      AuthenTec TrueAPI 64-bit (HKLM\...\{EBC0CC3F-B7A1-4FC8-8014-4C7BFD3925E8}) (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
      Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.29.32 - Avira Operations GmbH & Co. KG)
      Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
      Avira Connect (HKLM-x32\...\{7990b9d3-2da3-4eef-bf20-73a05086fd12}) (Version: 1.2.92.32157 - Avira Operations GmbH & Co. KG)
      Avira Connect (HKLM-x32\...\{E972AE5C-71B3-4D35-8193-BC4CC2F1FA20}) (Version: 1.2.92.32157 - Avira Operations GmbH & Co. KG) Hidden
      Bejeweled 3 (HKLM-x32\...\WTA-2af87f29-482f-4adc-b499-a5303b67e16c) (Version: 2.2.0.97 - WildTangent) Hidden
      Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
      Blackhawk Striker 2 (HKLM-x32\...\WTA-5314cc13-949a-4995-bac4-69188ec318e4) (Version: 2.2.0.95 - WildTangent) Hidden
      Blio (HKLM-x32\...\{74A8E1BE-D438-4C35-ABFF-3A1EAF17526E}) (Version: 2.2.8530 - K-NFB Reading Technology, Inc.)
      Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
      CCleaner (HKLM\...\CCleaner) (Version: 5.33 - Piriform)
      Chuzzle Deluxe (HKLM-x32\...\WTA-09b98133-2c2e-45a7-8cd5-e90227b6f127) (Version: 2.2.0.95 - WildTangent) Hidden
      Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
      Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
      Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
      Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
      Cradle of Rome 2 (HKLM-x32\...\WTA-b625551c-2969-4490-9281-70156f246ed6) (Version: 2.2.0.98 - WildTangent) Hidden
      CyberLink PowerDirector 13 (HKLM-x32\...\{BA385AFC-00B1-417C-8C20-74B996EF3AF0}) (Version: 13.0.2307.0 - CyberLink Corp.)
      CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.2.4725 - CyberLink Corp.)
      D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      Dora's World Adventure (HKLM-x32\...\WTA-4e4c60ba-e425-4fe4-bdea-7422ee58b068) (Version: 2.2.0.95 - WildTangent) Hidden
      Dropbox (HKLM-x32\...\Dropbox) (Version: 33.4.23 - Dropbox, Inc.)
      Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
      ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{768A6276-5822-489C-8A2B-67190F745655}) (Version: 4.1.2 - Hewlett-Packard)
      Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
      Farm Frenzy (HKLM-x32\...\WTA-d8f74735-f0c2-42fe-93db-c45b8b63ecaf) (Version: 2.2.0.98 - WildTangent) Hidden
      Farmscapes (HKLM-x32\...\WTA-ac26455a-ccd1-4eb6-b597-88678295882d) (Version: 2.2.0.98 - WildTangent) Hidden
      FATE (HKLM-x32\...\WTA-d0b19407-8bbd-4875-b74a-bb22cf8a2918) (Version: 2.2.0.97 - WildTangent) Hidden
      Final Drive Fury (HKLM-x32\...\WTA-7e4e794f-ab9b-4e38-92c7-3f6ca01a3f0f) (Version: 2.2.0.95 - WildTangent) Hidden
      Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
      GlobalMapper 16 (64-bit) (HKLM\...\{FA296876-FBE2-406D-8E84-164E034605BC}) (Version: 16.00.0010 - Blue Marble Geographics)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
      Google Drive (HKLM-x32\...\{A90339B3-2C3F-492E-B3A7-0BDFC691E526}) (Version: 2.34.6425.2548 - Google, Inc.)
      Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Groovedown (HKLM-x32\...\Groovedown) (Version: 1.0 - Groovedown.me)
      Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
      Hoyle Card Games (HKLM-x32\...\WTA-3b75e0f9-3038-4255-854d-0c164eef6728) (Version: 2.2.0.95 - WildTangent) Hidden
      HP 3D DriveGuard (HKLM\...\{E5D02167-DD50-4E8C-B9F9-992182E08D6B}) (Version: 4.2.9.1 - Hewlett-Packard Company)
      HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
      HP Documentation (HKLM-x32\...\{3F122044-172F-4DC6-96CA-0DD4300E9CD9}) (Version: 1.2.0.0 - Hewlett-Packard)
      HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
      HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
      HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21096.0 - Hewlett-Packard Company)
      HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
      HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
      HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
      HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
      HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
      HP SimplePass (HKLM-x32\...\{4BACA3B8-F63A-44ED-9A8D-48B4D02AD268}) (Version: 6.0.100.276 - Hewlett-Packard)
      HP Software Framework (HKLM-x32\...\{1ED94A73-3206-4953-B75C-1E4BE1D22B8A}) (Version: 4.5.12.1 - Hewlett-Packard Company)
      HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.4.19.3 - Hewlett-Packard Company)
      HP Support Solutions Framework (HKLM-x32\...\{7B649B69-BE85-4011-AFAE-4767BC9D934A}) (Version: 12.7.27.15 - Hewlett-Packard Company)
      IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
      Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
      Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2626 - Intel Corporation)
      Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
      Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
      iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
      Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
      Jewel Match 3 (HKLM-x32\...\WTA-3692516a-4ab1-4e69-86ab-840eb4570b6c) (Version: 2.2.0.98 - WildTangent) Hidden
      Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-57297463-c5cb-43f4-81f1-7a5bdbb61d18) (Version: 2.2.0.98 - WildTangent) Hidden
      John Deere Drive Green (HKLM-x32\...\WTA-3a229607-a207-4c55-99b3-49d40e4619e3) (Version: 2.2.0.95 - WildTangent) Hidden
      Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      KML2KML (HKLM-x32\...\{26FB3098-40A8-43DC-AE95-CE1D7ECF087E}) (Version: 3.0.22 - GIS Center)
      Kodi (HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\Kodi) (Version: - XBMC-Foundation)
      Kodi (HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\...\Kodi) (Version: - XBMC-Foundation)
      Letters from Nowhere 2 (HKLM-x32\...\WTA-c53a743b-38dd-41f1-9f0c-32d175458829) (Version: 2.2.0.97 - WildTangent) Hidden
      Luxor HD (HKLM-x32\...\WTA-2008aae8-3247-4c9c-996a-92df279539e5) (Version: 2.2.0.98 - WildTangent) Hidden
      Mah Jong Medley (HKLM-x32\...\WTA-86945a1c-3216-40dc-8b79-2e3dbb49d274) (Version: 2.2.0.95 - WildTangent) Hidden
      Malwarebytes versión 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
      McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.587.1 - McAfee, Inc.)
      MediaFire Desktop (HKLM-x32\...\MediaFire Desktop 1.6.16.10941) (Version: 1.6.16.10941 - MediaFire)
      Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
      Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM-x32\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation)
      Mozilla Firefox 55.0.3 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 es-ES)) (Version: 55.0.3 - Mozilla)
      Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
      MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
      MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
      NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
      NVIDIA Controlador de gráficos 376.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.82 - NVIDIA Corporation)
      NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
      Octoshape Streaming Services (HKU\S-1-5-21-4181600625-2044144912-1258088631-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
      Octoshape Streaming Services (HKU\S-1-5-21-4181600625-2044144912-1258088631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09012017214353299\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
      opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
      Panel de control de NVIDIA 376.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.82 - NVIDIA Corporation) Hidden
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
      Penguins! (HKLM-x32\...\WTA-8298b295-31d1-4ebe-af92-c9eaef67fbc0) (Version: 2.2.0.98 - WildTangent) Hidden
      Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-efcf219b-0c3a-4823-9328-31858acddbfd) (Version: 2.2.0.98 - WildTangent) Hidden
      PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
      Poker Superstars III (HKLM-x32\...\WTA-7e70ff53-355d-49c6-aea8-c000595508d5) (Version: 2.2.0.95 - WildTangent) Hidden
      Polar Bowler (HKLM-x32\...\WTA-75d0873d-e1fb-43d8-ba32-333f3ecbaa89) (Version: 2.2.0.97 - WildTangent) Hidden
      Polar Golfer (HKLM-x32\...\WTA-30d3e664-8a8e-4dde-be71-d56c96c85a15) (Version: 2.2.0.98 - WildTangent) Hidden
      Ralink RT5390R 802.11b/g/n Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.33.1 - Mediatek)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
      Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
      Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation)
      RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-a74d8ae4-ea48-4185-9afa-a46601a640ae) (Version: 2.2.0.98 - WildTangent) Hidden
      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
      SketchUp 2015 (HKLM-x32\...\{ED282C25-9E86-4075-AD51-3DEA515DB395}) (Version: 15.3.330 - Trimble Navigation Limited)
      Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
      Skype Web Plugin (HKLM-x32\...\{D116C78B-2A53-4BF9-A089-5BE0E132C10C}) (Version: 7.25.0.32 - Skype Technologies S.A.)
      Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
      Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.2.201501291105 - Sony Mobile Communications Inc.)
      Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
      Surfer 10 (64-bit) (HKLM\...\{118F440A-6384-4763-85D4-4D1F08155DEF}) (Version: 10.1.561 - Golden Software, Inc.) Hidden
      Surfer 10 (64-bit) (HKLM-x32\...\Surfer 10 (64-bit)) (Version: - Golden Software)
      Swmm 5 vE (HKLM-x32\...\Swmm 5 vE) (Version: - )
      swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
      The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-97af48c9-6aab-4cb7-9668-8b8b5e067269) (Version: 2.2.0.98 - WildTangent) Hidden
      TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
      Torchlight (HKLM-x32\...\WTA-d03dfba3-2622-4f9b-beb1-20e0b29521a9) (Version: 2.2.0.98 - WildTangent) Hidden
      Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
      Validity WBF DDK (HKLM\...\{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}) (Version: 4.3.301.0 - Validity Sensors, Inc.)
      Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-0cefc61f-bba2-4b8a-946a-ab3abcb620f6) (Version: 2.2.0.98 - WildTangent) Hidden
      Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
      VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
      Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
      WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.32 - WildTangent) Hidden
      Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
      Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
      Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
      WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
      Zuma's Revenge (HKLM-x32\...\WTA-4b947319-8b9b-44f2-98f8-2adb5637572e) (Version: 2.2.0.98 - WildTangent) Hidden

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-4181600625-2044144912-1258088631-1001_Classes\CLSID\{1233A989-8A71-4FED-9712-C4F07707E209}\InprocServer32 -> C:\Users\Owner\AppData\Local\SkypePlugin\7.25.0.32\GatewayActiveX-x64.dll (Skype Technologies S.A.)
      CustomCLSID: HKU\S-1-5-21-4181600625-2044144912-1258088631-1001_Classes\CLSID\{13C484D6-AD2C-46D9-9581-1E03CBED164C}\localserver32 -> C:\Users\Owner\AppData\Local\SkypePlugin\7.25.0.32\GatewayVersion-x64.exe (Skype Technologies S.A.)
      CustomCLSID: HKU\S-1-5-21-4181600625-2044144912-1258088631-1001_Classes\CLSID\{b2933480-9788-11d2-9780-00104b6d9c80}\localserver32 -> C:\Program Files\Golden Software\Surfer 10\Surfer.exe (Golden Software, Inc.)
      CustomCLSID: HKU\S-1-5-21-4181600625-2044144912-1258088631-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Owner\AppData\Local\SkypePlugin\7.25.0.32\EdgeCalling.exe (Skype Technologies S.A.)
      ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
      ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_ec823.dll [2015-08-20] (TODO: <Company name>)
      ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_ec823.dll [2015-08-20] (TODO: <Company name>)
      ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_ec823.dll [2015-08-20] (TODO: <Company name>)
      ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_ec823.dll [2015-08-20] (TODO: <Company name>)
      ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_ec823.dll [2015-08-20] (TODO: <Company name>)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ContextMenuHandlers1: [BitZipper32] -> {D5906221-A717-479B-9B49-CD848F9CE816} => C:\Program Files (x86)\BitZipper\BZShlExt64.dll [2012-10-17] (Bitberry Software)
      ContextMenuHandlers1: [BitZipper64] -> {9176020F-4A61-4F57-A133-258110EBC765} => C:\Program Files (x86)\BitZipper\BZShlExt64.dll [2012-10-17] (Bitberry Software)
      ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google)
      ContextMenuHandlers1: [MFShellStatic] -> {007D3D20-762B-40FF-BE6A-15E479A9DBFA} => C:\Program Files (x86)\MediaFire Desktop\MFDesktopShellStatic_ec823.dll [2015-08-20] (TODO: <Company name>)
      ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-08-09] (Avira Operations GmbH & Co. KG)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] ()
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
      ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google)
      ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
      ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] ()
      ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
      ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-02-06] (NVIDIA Corporation)
      ContextMenuHandlers6: [BitZipper32] -> {D5906221-A717-479B-9B49-CD848F9CE816} => C:\Program Files (x86)\BitZipper\BZShlExt64.dll [2012-10-17] (Bitberry Software)
      ContextMenuHandlers6: [BitZipper64] -> {9176020F-4A61-4F57-A133-258110EBC765} => C:\Program Files (x86)\BitZipper\BZShlExt64.dll [2012-10-17] (Bitberry Software)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
      ContextMenuHandlers6: [MFShellStatic] -> {007D3D20-762B-40FF-BE6A-15E479A9DBFA} => C:\Program Files (x86)\MediaFire Desktop\MFDesktopShellStatic_ec823.dll [2015-08-20] (TODO: <Company name>)
      ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-08-09] (Avira Operations GmbH & Co. KG)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] ()
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] ()

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {032BC28E-86C2-41BE-BB89-D968CA8B2EE9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {08DDC84F-5D12-40B9-A93D-DCD76FD3B34B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
      Task: {0CAE61BD-F511-4FB6-BCEE-FCF22D92FAC6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
      Task: {0DAC58B3-4BCB-4914-A299-BAFD9A6877EF} - System32\Tasks\{F8B21B03-5CCD-4163-9F95-3D59BAF936FD} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsMain
      Task: {10E2EE42-A2CD-4D67-AAAC-8E287DF20343} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
      Task: {19EF601E-48BE-40C3-8172-90EA8C89D3BF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
      Task: {1C94E204-DA00-4FC9-987C-4A247E9E82B5} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
      Task: {2107C8CD-0091-4711-8938-64362771B57B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {2975127E-BD0F-4865-A913-15483EBC6A23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
      Task: {2A26304B-D101-4874-9870-A3F560246066} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
      Task: {2C71D8D3-9112-4E83-ACDB-A598B59B383D} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
      Task: {2D400BBD-2741-480F-9015-24F262622C5D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {2D5EA1B3-800E-4646-AED7-5454A0789C46} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {35001C4C-237A-4DCD-90DD-DF97808FDD4A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
      Task: {355F99EA-5DB7-4B6F-A48B-A30666A4ECB4} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {3920094D-370A-4D7A-B1F5-DC40368B5373} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {4A45179A-228D-4EC7-8BDD-7108D43CFC05} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {4CFBD015-1ED4-420C-AB6A-5712A9E33D99} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
      Task: {4F94C475-E4C1-4001-A19A-F591AA754029} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-21] (Dropbox, Inc.)
      Task: {504984F3-45B1-4AF9-9C2C-70C8EA6EF76D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
      Task: {530B47BE-327A-454F-8749-0230365E7A61} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {549B528D-5752-42F9-A86C-A76EE20314FF} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-11-28] (CyberLink)
      Task: {58282883-BBF7-4225-BEE4-BFEF21A183F5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
      Task: {5C85A0BE-5794-4467-A45A-73148D3B6988} - System32\Tasks\{873AD35B-A9BC-4D42-9E79-E3A8879302F3} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-10-23] (Apple Inc.)
      Task: {5EFCB577-D170-48AA-A409-9EC30488D1C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
      Task: {62ACED3D-DEA7-431F-9AD0-8C06B74074D5} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
      Task: {67586EB2-841A-4460-91C5-1695A3F7F4A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
      Task: {67807977-1AAF-4608-8A66-DEBE33ED7C63} - System32\Tasks\{366D6D1F-8DE9-4FDB-AACB-74AD46ECB6DA} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-10-23] (Apple Inc.)
      Task: {6D54F106-21D4-4650-9EB8-29D1538AF06F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
      Task: {6DD6B7D1-82D5-431B-AB2E-36934FECBB70} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
      Task: {70E12292-BE3A-4955-BBE7-0CB211735387} - System32\Tasks\{765B0053-3532-409E-B638-30E945805320} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsMain
      Task: {73EC56A3-5C89-4FEA-BAE4-72C7C57D1682} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
      Task: {76D3BDC0-C62C-4EC2-AF9B-91975F8C6B75} - System32\Tasks\{8D0E960D-7EAE-4816-8742-9F5297E1A441} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.3.0.101/es/abandoninstall?page=tsProgressBar
      Task: {78716275-412A-46BF-AB75-3E756A7CE54A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
      Task: {7D9432E5-FFBA-4A62-A5A8-EB39A492E19C} - System32\Tasks\{FE1603AC-243B-4041-AE8C-538FFD264E5A} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-10-23] (Apple Inc.)
      Task: {858CA3F1-04D3-4BF5-86C8-DE9D07C7245B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {869E1FDA-3E01-410A-A7AF-79B86FB36B0B} - System32\Tasks\{B43C8C13-8CE9-4BD0-84DE-EFC0FF85A4B2} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-05-17] (Skype Technologies S.A.)
      Task: {8DB479DE-D65F-467E-95BB-082B436847FD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
      Task: {9225D60F-65ED-4CD3-B96F-61B436441CA2} - System32\Tasks\{C935272E-C6A7-49F9-8E8F-78CFC83080BC} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsProgressBar
      Task: {927E155F-F01F-45F6-AB27-296726E14B3A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
      Task: {94B46626-32D6-4CD0-8C47-C88FF4B07CFC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {96F94C46-CCCA-407A-810A-8C42D145F228} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
      Task: {9CDC8092-D084-4E57-87F2-E14E13F752AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-08-03] (Piriform Ltd)
      Task: {A0FE1C61-E6B1-4198-9E4B-2CE102BB86C4} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {A1F01E5C-9933-42F8-A231-137F325722D9} - System32\Tasks\{3D8B7F66-46B7-4A17-9BED-0E4F7D9029F4} => C:\Program Files (x86)\iTunes\iTunes.exe [2013-10-23] (Apple Inc.)
      Task: {AA242E50-B4E8-419D-A66D-A1CBA37ECE69} - System32\Tasks\{4DA46E58-DEAD-4E99-993E-73E6D1E1C040} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2011-11-28] (CyberLink Corp.)
      Task: {AA2A63A9-947C-4B89-AE0F-07F7A5098ABC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
      Task: {AA5548D3-BF90-4CD5-AC9D-EAED8926B644} - System32\Tasks\{E98FB605-B9AA-4877-BBA2-68DE0C3D4886} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.3.73.105.457/es/abandoninstall?page=tsMain
      Task: {ACD9D205-CA3A-496F-9B6E-5DC28BAC0198} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Owner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
      Task: {AD10E7F6-059E-4F11-BE3E-22CFF7D242FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09] (Adobe Systems Incorporated)
      Task: {B741D899-C488-45F5-88F5-11977E8EBFA9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {B7A12267-9406-469A-9643-CEC6ADA7FEA5} - System32\Tasks\{B57F742E-872B-4499-8A0B-C5AB2A89E959} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2011-11-28] (CyberLink Corp.)
      Task: {B7F2F1EF-42FB-4360-AF0A-FF38E4C8FF41} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {C5B41FD5-811B-41C6-B3E3-9E5E3AF5DD8D} - System32\Tasks\{F6585F8E-4354-47A7-A633-C97C5EF43F60} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.16.0.105/es/abandoninstall?page=tsProgressBar
      Task: {C7299359-4927-4786-874F-638BA2B691D3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-21] (Dropbox, Inc.)
      Task: {C99FFDAC-780D-4DC9-B613-7F855B6A0D56} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {D0ABE2C9-FBC4-44B2-B01F-7CC2EC6414CD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {DDE2B03E-1EA4-4FCB-810F-45B02C7A0F78} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {EA4B1596-B43E-4964-B0F8-D696D7F3FBDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
      Task: {F019AB18-29EC-42DE-9031-68A5328B8083} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
      Task: {F62EAE9C-F2C2-48E3-8C03-F9E89162511F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-08-14] (HP Inc.)
      Task: {F682F653-7DDC-42C5-A6F1-29F4D0992489} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
      Task: {F7CD384D-1C02-4FB8-9417-7DCA030B5277} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
      Task: {FB4BC849-8995-4F5C-8EE4-89EA90DEDC79} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {FD6C9E69-A20C-4BD8-AEA4-472A2AF04691} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
      Task: {FF1A1B1C-AB3C-4BE3-A541-01F191F45CFE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
      Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
      Task: C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2016-07-16 08:42 - 2016-07-16 08:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
      2017-07-12 12:49 - 2017-06-21 04:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
      2015-08-29 19:36 - 2015-08-20 19:17 - 000456176 _____ () C:\Program Files (x86)\MediaFire Desktop\bin\MFUsnMonitorService.exe
      2012-09-25 20:09 - 2011-12-16 17:37 - 000128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      2017-09-01 12:46 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2016-09-24 17:09 - 2017-02-06 08:37 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
      2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
