• Registrarse
  • Iniciar sesión


  • Página 1 de 4 1234 ÚltimoÚltimo
    Resultados 1 al 10 de 39

    Eliminar www.liveadexchanger.com y no se que mas pueda tener...

    buenos días, soy nuevo en el foro, hace poco quise craquear un programa que me baje de una página sospechosa y pues paso lo que tenía que pasar, me infecte, el programa empezó a instalar ...

    1. #1
      Usuario Avatar de itvez
      Registrado
      sep 2017
      Ubicación
      Mexico
      Mensajes
      26

      Triste Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      buenos días, soy nuevo en el foro, hace poco quise craquear un programa que me baje de una página sospechosa y pues paso lo que tenía que pasar, me infecte, el programa empezó a instalar otros programas y Windows defender empezó a saltar como loco, enseguida puse a escanear malwarebytes, instale Kaspersky free, super antispyware y spybot s&d y eliminaron malware a lo loco, y desinstale los programas que se instalaron, pero tanto malwarebytes como adwcleaner no pudieron eliminar cuatro entradas en el registro, me piden reiniciar pero marcan error al eliminar, incluso realizando todo esto en modo a prueba de errores, y malwarebytes muestra una ventana cada vez que navego por internet de se bloqueo www.liveadexchanger.com, les dejo unas capturas:





      Les dejo el log de hijackthis, espero puedan ayudarme, ya no se que mas hacer…

      Logfile of Trend Micro HijackThis v2.0.5
      Scan saved at 10:58:19 a. m., on 04/09/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.15063.0000)


      Boot mode: Normal

      Running processes:
      C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avpui.exe
      C:\Users\itvez\AppData\Local\Microsoft\OneDrive\OneDrive.exe
      C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.43.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe
      C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.43.0.0_x86__sw1dyjdkns7gt\Flux\flux.exe
      C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
      C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
      C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
      C:\Users\itvez\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
      C:\Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe
      C:\Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe
      C:\Program Files\Autodesk\AutoCAD 2018\acwebbrowser\acwebbrowser.exe
      C:\Program Files\Autodesk\AutoCAD 2018\acwebbrowser\acwebbrowser.exe
      C:\Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe
      C:\Program Files\Autodesk\AutoCAD 2018\acwebbrowser\acwebbrowser.exe
      C:\Users\itvez\Downloads\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-004-752
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-004-752
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-004-752
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-004-752
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
      O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
      O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\itvez\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
      O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKUS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09042017103816445\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User '?')
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09042017103818276\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09042017103819463\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
      O4 - HKUS\S-1-5-21-1407347999-500537034-4068247404-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09042017103821260\..\Run: [OneDrive] "C:\Users\itvez\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User '?')
      O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
      O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
      O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
      O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
      O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
      O23 - Service: @%SystemRoot%\system32\AJRouter.dll,-2 (AJRouter) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio Kaspersky Anti-Virus 18.0.0 (AVP18.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - D:\Program Files\Cobian Backup 11\cbVSCService11.exe
      O23 - Service: @%SystemRoot%\system32\cdpsvc.dll,-100 (CDPSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cdpusersvc.dll,-100 (CDPUserSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Servicio de usuario de plataforma de dispositivos conectados_6e708 (CDPUserSvc_6e708) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: DiskDrill Watcher (cfbackd) - CleverFiles - C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe
      O23 - Service: @%SystemRoot%\system32\ClipSVC.dll,-103 (ClipSVC) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - D:\Program Files\Cobian Backup 11\cbService.exe
      O23 - Service: @%SystemRoot%\system32\coremessaging.dll,-1 (CoreMessagingRegistrar) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DevicesFlowBroker.dll,-103 (DevicesFlowUserSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: DevicesFlow_6e708 (DevicesFlowUserSvc_6e708) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DevQueryBroker.dll,-100 (DevQueryBroker) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\diagtrack.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\Windows.Internal.Management.dll,-100 (DmEnrollmentSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dmwappushsvc.dll,-200 (dmwappushservice) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dosvc.dll,-100 (DoSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dssvc.dll,-10003 (DsSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dusmsvc.dll,-1 (DusmSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\embeddedmodesvc.dll,-201 (embeddedmode) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @EnterpriseAppMgmtSvc.dll,-1 (EntAppSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FrameServer.dll,-100 (FrameServer) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\hvhostsvc.dll,-100 (HvHost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\tetheringservice.dll,-4097 (icssvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @%Systemroot%\system32\ipxlatcfg.dll,-500 (IpxlatCfgSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (irmon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: klvssbridge64_18.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\vssbridge64.exe
      O23 - Service: Servicio de Kaspersky Secure Connection 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\lfsvc.dll,-1 (lfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\licensemanagersvc.dll,-200 (LicenseManager) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\moshost.dll,-100 (MapsBroker) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @%SystemRoot%\system32\MessagingService.dll,-100 (MessagingService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: MessagingService_6e708 - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
      O23 - Service: @%systemroot%\system32\NaturalAuth.dll,-100 (NaturalAuthentication) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\NetSetupSvc.dll,-3 (NetSetupSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\NgcCtnrSvc.dll,-1 (NgcCtnrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      O23 - Service: @%SystemRoot%\system32\APHostRes.dll,-10002 (OneSyncSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Sincronizar host_6e708 (OneSyncSvc_6e708) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
      O23 - Service: @%SystemRoot%\system32\PhoneserviceRes.dll,-10000 (PhoneSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-15001 (PimIndexMaintenanceSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Datos de los contactos_6e708 (PimIndexMaintenanceSvc_6e708) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\RDXService.dll,-256 (RetailDemo) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\RMapi.dll,-1001 (RmSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\SEMgrSvc.dll,-1001 (SEMgrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\sensorservice.dll,-1000 (SensorService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SmsRouterSvc.dll,-10001 (SmsRouter) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\windows.staterepository.dll,-1 (StateRepository) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\tileobjserver.dll,-1 (tiledatamodelsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBrokerSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\tokenbroker.dll,-100 (TokenBroker) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-10003 (UnistoreSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Almacenamiento de datos de usuarios_6e708 (UnistoreSvc_6e708) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UserDataAccessRes.dll,-14001 (UserDataSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Acceso a datos de usuarios_6e708 (UserDataSvc_6e708) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\usermgr.dll,-100 (UserManager) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\usocore.dll,-101 (UsoSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\icsvc.dll,-801 (vmicguestinterface) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-101 (vmicheartbeat) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-201 (vmickvpexchange) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvcext.dll,-601 (vmicrdv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-301 (vmicshutdown) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-401 (vmictimesync) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvc.dll,-901 (vmicvmsession) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\icsvcext.dll,-501 (vmicvss) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\WalletService.dll,-1000 (WalletService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wfdsconmgrsvc.dll,-9000 (WFDSConMgrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\flightsettings.dll,-104 (wisvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lpasvc.dll,-1000 (wlpasvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpnservice.dll,-1 (WpnService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WpnUserService.dll,-1 (WpnUserService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Servicio de usuario de notificaciones de inserción de Windows_6e708 (WpnUserService_6e708) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\xbgmsvc.dll,-100 (xbgm) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XblAuthManager.dll,-100 (XblAuthManager) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XblGameSave.dll,-100 (XblGameSave) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\xboxgipsvc.dll,-100 (XboxGipSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\XboxNetApiSvc.dll,-100 (XboxNetApiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

      --
      End of file - 37201 bytes

    2. #2
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.165

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      Saludos y [email protected]





      Descargar Junkware Removal Tool utility ,en el escritorio >> JRT

      1- Deshabilitas el antivirus >> Cómo deshabilitar temporalmente su Antivirus

      2- Ejecuta JRT.exe, (en Windows 7 u 8 ejecutar como "Administrador") Botón derecho >> Ejecutar como Administrador

      • Presiona cualquier tecla para continuar y espera pacientemente a que termine su proceso.

      • El programa creara una copia del registro en C >> Windows >> ERUNT >> JRT
      • Al finalizar, un registro (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
      • Copia y pega el contenido de JRT.txt en tu próximo mensaje de respuesta

      Descarga Hitman Pro >> HitmanPro 3.7.9 | InfoSpyware
      Manual Hitman Pro >> Manual de HitmanPro.
      -Eliges según tu Windows sea de 32 bits o de 64 bits >> Como determinar si su sistema es de 32 o 64 bits

      • Ejecuta HitmanPRO, (en Windows 7 u 8 ejecutar como "Administrador")
      • Presiona el botón: "Siguiente".
      • Dejamos marcada la opción recomendada >> Instalar una copia en el equipo<< y desmarcamos las casillas adicionales
      • En "Configuración", desmarcamos análisis de Cookies y “aceptar” Pulsamos Siguiente
      • Una vez finalizado el escaneo HitmanPRO incluye 30 días gratuitos para la eliminación de los posibles malwares detectados.

      - Cuando la búsqueda haya finalizado, se mostrará la ventana Resultados del análisis.
      -Recuerde OMITIR los marcados como Sospechosos
      - Pulsamos en Siguiente, para que Hitman realice lo necesario con las amenazas encontradas

      El informe también lo puede encontrar en Configuración>> Historial >> Registros

      Paso 1.-: Descarga Malwarebytes Anti-Rootkit Beta >>Malwarebytes Anti-Rootkit | InfoSpyware y descomprima el contenido en su escritorio
      Paso 2.- : Desactiva tu antivirus >> Cómo deshabilitar temporalmente su Antivirus

      Abra la carpeta Mbar. Doble clic en el archivo Mbar.exe
      • En la interfaz del programa haga clic en Next.
      • Haga clic en el botón Update. Terminando clic en Next
      • Para iniciar el análisis clic en el botón Scan
      • Terminando, si hay infección clic en CleanUp, si no hay, clic en Exit.


      Al finalizar abra la carpeta Mbar, los archivos mbar-log.txt , copie y pegue todo su contenido en la siguiente respuesta y comentando los resultados.


      1-Descarga Farbar Recovery Scan Tool By Farbar (Descarga el archivo dependiendo de la arquitectura de tu sistema).>> Como saber si mi sistema es de 32 o de 64 Bits

      • La guardas en el escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.

      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.


      Me vas pegando logs en orden y comentas como va
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de itvez
      Registrado
      sep 2017
      Ubicación
      Mexico
      Mensajes
      26

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      muchas gracias por tu pronta respuesta, aquí te dejo el log de Junkware Removal Tool (JRT), ahora voy a pasar el Hitman Pro, espero sigas ayudándome, gracias.

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Pro x64
      Ran by itvez (Administrator) on 04/09/2017 at 13:22:43.83
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 5

      Successfully deleted: C:\ProgramData\productdata (Folder)
      Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (itvez) (Task)
      Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_itvez (Task)
      Successfully deleted: C:\Windows\Tasks\Uninstaller_SkipUac_itvez.job (Task)
      Successfully deleted: C:\Windows\wininit.ini (File)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 04/09/2017 at 13:24:48.23
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    4. #4
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.165

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      Ok,,,,,,,,,,,,,,,,,
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de itvez
      Registrado
      sep 2017
      Ubicación
      Mexico
      Mensajes
      26

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      te dejo el log del Hitman PRO

      Código:
      HitmanPro 3.7.20.286
      www.hitmanpro.com
      
         Computer name . . . . : EMMANUEL
         Windows . . . . . . . : 10.0.0.15063.X64/4
         User name . . . . . . : EMMANUEL\itvez
         UAC . . . . . . . . . : Enabled
         License . . . . . . . : Trial (27 days left)
      
         Scan date . . . . . . : 2017-09-04 13:30:48
         Scan mode . . . . . . : Normal
         Scan duration . . . . : 16m 54s
         Disk access mode  . . : Direct disk access (SRB)
         Cloud . . . . . . . . : Internet
         Reboot  . . . . . . . : No
      
         Threats . . . . . . . : 0
         Traces  . . . . . . . : 3
      
         Objects scanned . . . : 2,587,609
         Files scanned . . . . : 57,017
         Remnants scanned  . . : 288,414 files / 2,242,178 keys
      
      Suspicious files ____________________________________________________________
      
         C:\Program Files\PowerDataRecovery\powerdatarecovery.exe
            Size . . . . . . . : 4,152,216 bytes
            Age  . . . . . . . : 4.2 days (2017-08-31 09:37:21)
            Entropy  . . . . . : 7.2
            SHA-256  . . . . . : BD6A6B90A62BBC3096E2D8A6541B1D2961E6A078C9041DE6799AB75A65579371
            Product  . . . . . : MiniTool Power Data Recovery V7.0
            Publisher  . . . . : MiniTool Solution Ltd.
            Description  . . . : MiniTool Power Data Recovery V7.0
            Version  . . . . . : 7.0
            Copyright  . . . . : Copyright (C) 2006 - 2015, MiniTool Solution Ltd., All rights reserved.
            RSA Key Size . . . : 2048
            LanguageID . . . . : 1033
            Authenticode . . . : Invalid
            Fuzzy  . . . . . . : 26.0
               Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
               Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
               Time indicates that the file appeared recently on this computer.
            References
               C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery 7.0\MiniTool Power Data Recovery 7.0.lnk
      
         C:\Users\itvez\Desktop\FRST64.exe
            Size . . . . . . . : 2,395,648 bytes
            Age  . . . . . . . : 3.2 days (2017-09-01 07:58:35)
            Entropy  . . . . . : 7.6
            SHA-256  . . . . . : 3A0DD3CC5A3AF8F77E2DFE27765BFC712CEF4536CCC3C6B27A9C5A790A3CAE0B
            Needs elevation  . : Yes
            Fuzzy  . . . . . . : 24.0
               Program has no publisher information but prompts the user for permission elevation.
               Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
               Authors name is missing in version info. This is not common to most programs.
               Version control is missing. This file is probably created by an individual. This is not typical for most programs.
               Time indicates that the file appeared recently on this computer.

    6. #6
      Usuario Avatar de itvez
      Registrado
      sep 2017
      Ubicación
      Mexico
      Mensajes
      26

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      este es el log de Malwarebytes Anti-Rootkit aquí si encontró cosas....

      Malwarebytes Anti-Rootkit BETA 1.9.3.1001
      www.malwarebytes.org

      Database version:
      main: v2017.09.04.08
      rootkit: v2017.08.02.01

      Windows 10 x64 NTFS
      Internet Explorer 11.540.15063.0
      itvez :: EMMANUEL [administrator]

      04/09/2017 01:33:47 p. m.
      mbar-log-2017-09-04 (13-33-47).txt

      Scan type: Quick scan
      Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
      Scan options disabled:
      Objects scanned: 277769
      Time elapsed: 33 minute(s), 19 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 2
      C:\ProgramData\Microsoft\Network\Dsq (Trojan.Egguard.PrxySvrRST) -> Delete on reboot. [501887294465b97d890560f18e72aa56]
      C:\ProgramData\Microsoft\Network\Dsq\func (Trojan.Egguard.PrxySvrRST) -> Delete on reboot. [501887294465b97d890560f18e72aa56]

      Files Detected: 2
      C:\Windows\18213e7e7f274b14d8429e4309bedd74.exe (Adware.Wajam) -> Delete on reboot. [b4b4cee2a900a98da1d6e78760a147b9]
      C:\ProgramData\Microsoft\Network\Dsq\func\msvcr100.dll (Trojan.Egguard.PrxySvrRST) -> Delete on reboot. [501887294465b97d890560f18e72aa56]

      Physical Sectors Detected: 0
      (No malicious items detected)

      (end)

    7. #7
      Usuario Avatar de itvez
      Registrado
      sep 2017
      Ubicación
      Mexico
      Mensajes
      26

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      PARTE 1 FISRT.TXT

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
      Ran by itvez (administrator) on EMMANUEL (04-09-2017 15:11:53)
      Running from C:\Users\itvez\Desktop
      Loaded Profiles: itvez (Available Profiles: itvez)
      Platform: Windows 10 Pro Version 1703 (X64) Language: Español (México)
      Internet Explorer Version 11 (Default browser: Edge)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
      (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
      (Luis Cobian, CobianSoft) D:\Program Files\Cobian Backup 11\cbService.exe
      (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
      (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      () C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.43.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
      (AVAST Software) C:\Users\itvez\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
      (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
      (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
      (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
      (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
      HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-08-21] (Realtek Semiconductor)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
      HKLM\...\Run: [iTunesHelper] => D:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
      HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-06-15] (Autodesk, Inc.)
      HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
      HKLM-x32\...\Run: [] => [X]
      HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-07-13] (Apple Inc.)
      HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
      Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc.)
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964064 2017-08-17] (SUPERAntiSpyware)
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9832152 2017-08-03] (Piriform Ltd)
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\Policies\Explorer: []
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
      HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2007576 2017-02-03] (Autodesk, Inc.)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
      Tcpip\..\Interfaces\{de7bb4b7-1574-411b-9efb-3d0cc12d56cc}: [DhcpNameServer] 192.168.1.254
      ManualProxies:

      Internet Explorer:
      ==================
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-004-752
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-004-752
      SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
      SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-1407347999-500537034-4068247404-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-1407347999-500537034-4068247404-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
      SearchScopes: HKU\S-1-5-21-1407347999-500537034-4068247404-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-004-752&q={searchTerms}
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-04] (Microsoft Corporation)
      BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-04] (Microsoft Corporation)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-04] (Microsoft Corporation)
      BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-04] (Microsoft Corporation)
      Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-04] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-04] (Microsoft Corporation)
      Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-04] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-04] (Microsoft Corporation)

      Edge:
      ======
      Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-06-28]
      Edge Extension: (Video Downloader GetThemAll) -> EdgeExtension_NimbusWebGetThemAllVideoDownlaoder_p5fjnfwkc9ns0 => C:\Program Files\WindowsApps\NimbusWeb.GetThemAll-VideoDownlaoder_1.2.1.0_neutral__p5fjnfwkc9ns0 [2017-07-03]
      Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2017-06-28]

      FireFox:
      ========
      FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi
      FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-09-01]
      FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program FileS\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program FileS\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program FileS\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation)
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-04] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-04] (Microsoft Corporation)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)

      Chrome:
      =======
      CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
      R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
      R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
      R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
      S2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
      S2 cbVSCService11; D:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
      S3 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2016-09-29] (CleverFiles)
      R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424384 2017-08-28] (Microsoft Corporation)
      R2 CobianBackup11; D:\Program Files\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
      S4 IObitUnSvr; D:\Program Files\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
      S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\vssbridge64.exe [426416 2017-09-01] (AO Kaspersky Lab)
      S2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
      S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-17] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-17] (NVIDIA Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-21] (NVIDIA Corporation)
      R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-17] (NVIDIA Corporation)
      S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
      R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
      S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
      R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-06-30] (REALiX(tm))
      R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
      R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2016-12-22] (AO Kaspersky Lab)
      R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86240 2016-12-27] (AO Kaspersky Lab)
      R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
      S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
      R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [207584 2017-09-01] (AO Kaspersky Lab)
      R1 klhk; C:\Windows\System32\drivers\klhk.sys [522736 2017-09-01] (AO Kaspersky Lab)
      R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1054432 2017-09-01] (AO Kaspersky Lab)
      R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
      R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
      R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
      R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-06-23] (AO Kaspersky Lab)
      S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
      R3 kltap; C:\Windows\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
      R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-09-01] (AO Kaspersky Lab)
      R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [87584 2017-09-01] (AO Kaspersky Lab)
      S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [251656 2017-09-01] (AO Kaspersky Lab)
      R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [112912 2017-09-01] (AO Kaspersky Lab)
      R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [173144 2017-09-01] (AO Kaspersky Lab)
      S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
      R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [136176 2017-06-23] (AO Kaspersky Lab)
      R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199360 2017-06-23] (AO Kaspersky Lab)
      R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvlddmkm.sys [15600248 2017-08-22] (NVIDIA Corporation)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-17] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-08-17] (NVIDIA Corporation)
      R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [984032 2017-08-21] (Realtek )
      R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-04 15:11 - 2017-09-04 15:12 - 000019317 _____ C:\Users\itvez\Desktop\FRST.txt
      2017-09-04 15:09 - 2017-09-04 15:09 - 002395648 _____ (Farbar) C:\Users\itvez\Desktop\FRST64.exe
      2017-09-04 13:38 - 2017-09-04 13:38 - 000000000 ____D C:\ProgramData\ProductData
      2017-09-04 13:33 - 2017-09-04 15:05 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-09-04 13:32 - 2017-09-04 14:12 - 000000000 ____D C:\Users\itvez\Desktop\mbar
      2017-09-04 13:31 - 2017-09-04 13:32 - 016563352 _____ (Malwarebytes Corp.) C:\Users\itvez\Desktop\mbar-1_09_3_1001.exe
      2017-09-04 13:30 - 2017-09-04 13:30 - 000000000 ____D C:\Program Files\HitmanPro
      2017-09-04 13:24 - 2017-09-04 13:24 - 000000907 _____ C:\Users\itvez\Desktop\JRT.txt
      2017-09-04 13:17 - 2017-09-04 13:17 - 001790024 _____ (Malwarebytes) C:\Users\itvez\Desktop\JRT_exe.exe
      2017-09-04 12:42 - 2017-09-04 12:42 - 000000000 _____ C:\autoexec.bat
      2017-09-04 12:41 - 2017-09-04 12:41 - 001790024 _____ (Malwarebytes) C:\Users\itvez\Downloads\JRT.exe
      2017-09-04 12:41 - 2017-09-04 12:41 - 000022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
      2017-09-04 12:41 - 2017-09-04 12:41 - 000003414 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
      2017-09-04 12:41 - 2017-09-04 12:41 - 000001146 _____ C:\Users\itvez\Desktop\SpyHunter.lnk
      2017-09-04 12:41 - 2017-09-04 12:41 - 000000000 ____D C:\Users\itvez\AppData\Roaming\Enigma Software Group
      2017-09-04 12:41 - 2017-09-04 12:41 - 000000000 ____D C:\sh4ldr
      2017-09-04 12:40 - 2017-09-04 12:40 - 000000000 ____D C:\Program Files\Enigma Software Group
      2017-09-04 12:37 - 2017-09-04 12:37 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\itvez\Downloads\SpyHunter-Installer.exe
      2017-09-04 12:10 - 2017-09-04 12:10 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
      2017-09-04 11:36 - 2017-09-04 11:36 - 000000000 _____ C:\Users\itvez\Downloads\hitmanpro_x64_exe (1).6oda8tv.partial
      2017-09-04 11:35 - 2017-09-04 11:38 - 011584088 _____ (SurfRight B.V.) C:\Users\itvez\Downloads\hitmanpro_x64.exe
      2017-09-04 11:31 - 2017-09-04 11:31 - 046661328 _____ (Microsoft Corporation) C:\Users\itvez\Downloads\Windows-KB890830-x64-V5_51.exe
      2017-09-04 11:30 - 2017-09-04 11:31 - 000006120 _____ C:\TDSSKiller.3.1.0.15_04.09.2017_11.30.46_log.txt
      2017-09-04 11:29 - 2017-09-04 11:30 - 000006284 _____ C:\TDSSKiller.3.1.0.15_04.09.2017_11.29.33_log.txt
      2017-09-04 11:27 - 2017-09-04 11:27 - 004922400 _____ (AO Kaspersky Lab) C:\Users\itvez\Downloads\tdsskiller.exe
      2017-09-04 11:27 - 2017-09-04 11:27 - 000001160 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
      2017-09-04 11:27 - 2017-09-04 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
      2017-09-04 11:27 - 2017-09-04 11:27 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
      2017-09-04 11:27 - 2012-05-02 12:17 - 001070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
      2017-09-04 11:27 - 2009-03-24 13:52 - 000129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
      2017-09-04 11:26 - 2017-09-04 11:26 - 004291320 _____ (BrightFort LLC ) C:\Users\itvez\Downloads\spywareblastersetup55.exe
      2017-09-04 11:08 - 2017-09-04 11:09 - 000003732 _____ C:\Users\itvez\Desktop\Rkill.txt
      2017-09-04 11:07 - 2017-09-04 11:07 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\itvez\Desktop\iExplore.exe.exe
      2017-09-04 10:56 - 2017-09-04 10:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\itvez\Downloads\HijackThis.exe
      2017-09-04 10:43 - 2017-09-04 10:43 - 000002047 _____ C:\Users\itvez\Desktop\malwarebites.txt
      2017-09-04 09:41 - 2017-09-04 09:41 - 000046460 _____ C:\Users\itvez\Desktop\Shortcut.txt
      2017-09-04 09:37 - 2017-09-04 09:37 - 000000000 ____D C:\Users\itvez\AppData\Local\ElevatedDiagnostics
      2017-09-04 09:27 - 2017-09-04 09:27 - 000000326 ____H C:\Windows\Tasks\User_Feed_Synchronization-{06A02EAE-0830-4BBB-8749-6ED38848ECA2}.job
      2017-09-04 09:26 - 2017-09-04 09:26 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
      2017-09-04 09:25 - 2017-09-04 09:32 - 000181816 _____ C:\Windows\ntbtlog.txt
      2017-09-04 09:15 - 2017-09-04 09:16 - 008182736 _____ (Malwarebytes) C:\Users\itvez\Desktop\adwcleaner_7.0.2.1.exe
      2017-09-04 09:05 - 2017-09-04 09:05 - 000004390 _____ C:\Windows\System32\Tasks\avast! BCU UpdateS-1-5-21-1407347999-500537034-4068247404-1001
      2017-09-04 09:05 - 2017-09-04 09:05 - 000003514 _____ C:\Windows\System32\Tasks\avastBCLS-1-5-21-1407347999-500537034-4068247404-1001
      2017-09-04 09:05 - 2017-09-04 09:05 - 000001170 _____ C:\Users\itvez\Desktop\Avast Browser Cleanup.lnk
      2017-09-04 09:05 - 2017-09-04 09:05 - 000000000 ____D C:\Users\itvez\AppData\Roaming\Microsoft\Windows\Start Menu\Avast Browser Cleanup
      2017-09-04 09:05 - 2017-09-04 09:05 - 000000000 ____D C:\Users\itvez\AppData\Roaming\AVAST Software
      2017-09-01 15:53 - 2017-09-01 15:55 - 000477440 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-09-01 15:52 - 2017-09-04 15:03 - 122159104 _____ C:\Windows\system32\config\SOFTWARE
      2017-09-01 15:52 - 2017-09-04 15:03 - 005242880 _____ C:\Windows\system32\config\DEFAULT
      2017-09-01 15:52 - 2017-09-04 15:03 - 000032768 _____ C:\Windows\system32\config\SECURITY
      2017-09-01 15:52 - 2017-09-01 15:52 - 000081920 _____ C:\Windows\system32\config\SAM
      2017-09-01 15:52 - 2017-09-01 15:52 - 000000000 ____H C:\asc_rdflag
      2017-09-01 13:52 - 2017-09-01 13:52 - 000003063 _____ C:\Users\itvez\Desktop\malware.txt
      2017-09-01 10:28 - 2017-09-01 10:28 - 000002856 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
      2017-09-01 10:28 - 2017-09-01 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-09-01 10:27 - 2017-09-01 10:28 - 000000000 ____D C:\Program Files\CCleaner
      2017-09-01 09:43 - 2017-09-01 09:43 - 039783864 _____ (IObit ) C:\Users\itvez\Desktop\advanced-systemcare-tamindir.exe
      2017-09-01 09:06 - 2017-09-01 09:06 - 000000008 __RSH C:\ProgramData\ntuser.pol
      2017-09-01 08:27 - 2017-09-01 08:27 - 000448512 _____ (OldTimer Tools) C:\Users\itvez\Desktop\TFC.exe
      2017-09-01 08:09 - 2017-09-01 08:07 - 001054432 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
      2017-09-01 08:09 - 2017-09-01 08:07 - 000207584 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
      2017-09-01 07:59 - 2017-09-04 15:11 - 000000000 ____D C:\FRST
      2017-09-01 07:59 - 2017-09-01 09:01 - 000003851 _____ C:\Users\itvez\Desktop\Fixlog.txt
      2017-09-01 07:58 - 2017-09-01 07:58 - 002395648 _____ (Farbar) C:\Users\itvez\Desktop\FRST641.exe
      2017-09-01 07:52 - 2017-09-01 07:52 - 000251656 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
      2017-09-01 07:51 - 2017-09-01 07:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
      2017-09-01 07:51 - 2017-07-06 08:42 - 000000862 _____ C:\Windows\system32\Drivers\etc\hosts.20170901-075107.backup
      2017-09-01 07:50 - 2017-09-01 07:50 - 000229288 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
      2017-09-01 07:50 - 2017-09-01 07:50 - 000173144 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
      2017-09-01 07:50 - 2017-09-01 07:50 - 000112912 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
      2017-09-01 07:50 - 2017-09-01 07:50 - 000087584 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_kimul.sys
      2017-09-01 07:49 - 2017-09-04 15:08 - 000000000 ____D C:\ProgramData\Kaspersky Lab
      2017-09-01 07:49 - 2017-09-01 07:50 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
      2017-09-01 07:49 - 2017-09-01 07:49 - 000522736 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
      2017-09-01 07:49 - 2017-09-01 07:49 - 000149584 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
      2017-09-01 07:49 - 2017-09-01 07:49 - 000002138 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
      2017-09-01 07:49 - 2017-09-01 07:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
      2017-09-01 07:49 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
      2017-08-31 18:03 - 2017-08-31 18:03 - 000000726 _____ C:\Windows\system32\.crusader
      2017-08-31 17:40 - 2017-09-01 07:50 - 000000000 ____D C:\Program Files\Common Files\AV
      2017-08-31 17:40 - 2015-07-28 17:52 - 000821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
      2017-08-31 17:30 - 2017-08-31 18:04 - 000000000 ____D C:\ProgramData\HitmanPro
      2017-08-31 17:17 - 2017-09-04 10:05 - 000000000 ____D C:\AdwCleaner
      2017-08-31 17:07 - 2017-08-31 17:07 - 000001478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
      2017-08-31 17:07 - 2017-08-31 17:07 - 000001466 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
      2017-08-31 17:07 - 2017-08-31 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
      2017-08-31 17:06 - 2013-09-20 10:49 - 000021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
      2017-08-31 17:04 - 2017-08-31 17:05 - 046525608 _____ (Safer-Networking Ltd. ) C:\Users\itvez\Desktop\spybot-2.4.exe
      2017-08-31 16:13 - 2017-08-31 16:13 - 000001865 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
      2017-08-31 16:13 - 2017-08-31 16:13 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
      2017-08-31 16:13 - 2017-08-31 16:13 - 000000000 ____D C:\Users\itvez\AppData\Roaming\SUPERAntiSpyware.com
      2017-08-31 16:13 - 2017-08-31 16:13 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
      2017-08-31 16:13 - 2017-08-31 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
      2017-08-31 16:13 - 2017-08-31 16:13 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
      2017-08-31 16:12 - 2017-09-01 07:48 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
      2017-08-31 16:12 - 2017-08-31 17:40 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
      2017-08-31 16:12 - 2017-08-31 16:12 - 030467064 _____ (SUPERAntiSpyware) C:\Users\itvez\Desktop\SAS_9082222.EXE
      2017-08-31 12:58 - 2015-05-02 03:38 - 000000089 _____ C:\Users\itvez\Desktop\SERIAL.txt
      2017-08-31 12:45 - 2017-08-31 12:45 - 000000000 ____D C:\Users\itvez\AppData\Roaming\Mozilla
      2017-08-31 12:43 - 2017-08-31 12:43 - 000000000 ____D C:\Users\itvez\AppData\Local\Geckofx
      2017-08-31 12:37 - 2017-09-04 15:04 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2017-08-31 12:37 - 2017-09-04 15:04 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2017-08-31 12:37 - 2017-09-04 15:04 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2017-08-31 12:37 - 2017-09-04 13:03 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
      2017-08-31 12:37 - 2017-08-31 12:37 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
      2017-08-31 12:36 - 2017-09-04 13:33 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-08-31 12:36 - 2017-09-01 10:40 - 000012914 _____ C:\Windows\System32\Tasks\{22BA6859-BC9A-4CE1-88F4-7FF7B01E7CF5}
      2017-08-31 12:36 - 2017-08-31 13:07 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-08-31 12:36 - 2017-08-31 12:53 - 000000000 ____D C:\ProgramData\Windows
      2017-08-31 12:36 - 2017-08-31 12:36 - 000000000 ____D C:\Windows\system32\tmp
      2017-08-31 12:36 - 2017-08-31 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-08-31 12:36 - 2017-08-31 12:36 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-08-31 12:26 - 2017-08-31 19:31 - 000000000 ____D C:\Users\itvez\AppData\Local\Recovery Toolbox for DWG
      2017-08-31 12:26 - 2017-08-31 12:26 - 000001329 _____ C:\Users\itvez\Desktop\Recovery Toolbox for DWG.lnk
      2017-08-31 12:26 - 2017-08-31 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Toolbox for DWG
      2017-08-31 12:26 - 2017-08-31 12:26 - 000000000 ____D C:\Program Files (x86)\Recovery Toolbox for DWG
      2017-08-31 12:02 - 2017-08-31 12:06 - 000000000 ____D C:\Users\itvez\Desktop\BENANCIO

    8. #8
      Usuario Avatar de itvez
      Registrado
      sep 2017
      Ubicación
      Mexico
      Mensajes
      26

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      PARTE 2 FIRST.TXT

      2017-08-30 17:47 - 2017-08-30 17:56 - 000000000 ____D C:\Users\itvez\AppData\Local\DiskDrill
      2017-08-30 17:47 - 2017-08-30 17:47 - 000000000 ____D C:\Users\itvez\AppData\Local\CrashRpt
      2017-08-30 17:47 - 2017-08-30 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleverfiles Disk Drill
      2017-08-30 17:47 - 2017-08-30 17:47 - 000000000 ____D C:\Program Files (x86)\CleverFiles
      2017-08-30 17:33 - 2017-08-30 17:34 - 017722181 _____ C:\Users\itvez\Downloads\EaseUS Data Recovery Wizard All Edition v11.5.0 + Keygen.rar
      2017-08-30 17:11 - 2017-08-30 17:14 - 000000000 ____D C:\Program Files (x86)\Wondershare
      2017-08-30 16:53 - 2017-09-01 08:35 - 000000000 ____D C:\Program Files\EaseUS
      2017-08-30 08:41 - 2017-08-30 08:41 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-08-30 08:41 - 2017-08-30 08:41 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-08-30 08:41 - 2017-08-30 08:41 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-08-30 08:41 - 2017-08-30 08:41 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-08-30 08:41 - 2017-08-30 08:41 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-08-30 08:41 - 2017-08-30 08:41 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-08-30 08:41 - 2017-08-30 08:41 - 000003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-08-30 08:41 - 2017-08-30 08:41 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-08-30 08:41 - 2017-08-17 23:36 - 001781696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
      2017-08-30 08:41 - 2017-08-17 23:36 - 001563584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
      2017-08-30 08:41 - 2017-08-17 23:36 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
      2017-08-29 18:45 - 2017-08-29 18:45 - 000000000 ____D C:\Users\itvez\AppData\Roaming\NVIDIA
      2017-08-29 18:36 - 2017-08-29 18:36 - 000000000 ____D C:\Program Files (x86)\VulkanRT
      2017-08-29 18:36 - 2017-08-21 18:10 - 006463424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
      2017-08-29 18:36 - 2017-08-21 18:10 - 002479224 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
      2017-08-29 18:36 - 2017-08-21 18:10 - 001762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
      2017-08-29 18:36 - 2017-08-21 18:10 - 000549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
      2017-08-29 18:36 - 2017-08-21 18:10 - 000392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
      2017-08-29 18:36 - 2017-08-21 18:10 - 000082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
      2017-08-29 18:36 - 2017-08-21 18:10 - 000069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
      2017-08-29 18:36 - 2017-08-19 02:10 - 008142301 _____ C:\Windows\system32\nvcoproc.bin
      2017-08-29 18:36 - 2017-06-15 14:32 - 000541984 _____ C:\Windows\system32\vulkan-1.dll
      2017-08-29 18:36 - 2017-06-15 14:32 - 000525088 _____ C:\Windows\SysWOW64\vulkan-1.dll
      2017-08-29 18:36 - 2017-06-15 14:32 - 000254240 _____ C:\Windows\system32\vulkaninfo.exe
      2017-08-29 18:36 - 2017-06-15 14:32 - 000233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
      2017-08-29 18:35 - 2017-08-21 20:01 - 000512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
      2017-08-29 18:35 - 2017-08-21 20:01 - 000418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
      2017-08-29 18:35 - 2017-08-17 13:13 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
      2017-08-29 18:32 - 2017-08-21 20:01 - 040240248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 035924600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 035314112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 029019072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 023132184 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 018849456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 013782904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 012225984 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 011692344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 010072768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 004210360 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 004162496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 003712024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 003590592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438541.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 001597888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438541.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 001068152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 001004992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 000972736 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 000924280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 000690320 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 000578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
      2017-08-29 18:32 - 2017-08-21 20:01 - 000046453 _____ C:\Windows\system32\nvinfo.pb
      2017-08-29 18:32 - 2017-08-21 20:01 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
      2017-08-29 18:32 - 2017-08-21 20:01 - 000000669 _____ C:\Windows\system32\nv-vk64.json
      2017-08-25 11:12 - 2017-08-25 11:12 - 006803456 _____ C:\Windows\system32\config\DRIVERS.iobit
      2017-08-24 13:51 - 2017-08-28 13:52 - 000000000 ____D C:\Users\itvez\AppData\Roaming\Psiphon3
      2017-08-24 13:49 - 2017-08-24 13:49 - 000000000 ____D C:\Users\itvez\AppData\Local\MegaDownloader
      2017-08-24 13:49 - 2017-08-24 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
      2017-08-24 13:49 - 2017-08-24 13:49 - 000000000 ____D C:\Program Files\MegaDownloader
      2017-08-23 10:37 - 2017-08-23 15:33 - 000000000 ____D C:\Users\itvez\AppData\Roaming\qBittorrent
      2017-08-23 10:37 - 2017-08-23 10:37 - 000000000 ____D C:\Users\itvez\AppData\Local\qBittorrent
      2017-08-23 10:37 - 2017-08-23 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
      2017-08-22 13:05 - 2017-08-22 13:05 - 000000019 _____ C:\Users\itvez\AppData\Local\llftool.license
      2017-08-22 13:05 - 2017-08-22 13:05 - 000000001 _____ C:\Users\itvez\AppData\Local\llftool.4.40.agreement
      2017-08-22 10:34 - 2017-09-04 11:29 - 000000000 ____D C:\ProgramData\TEMP
      2017-08-22 10:34 - 2017-08-22 10:34 - 000000000 ____D C:\Users\itvez\AppData\Local\Downloaded Installations
      2017-08-21 10:00 - 2006-07-11 18:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
      2017-08-21 10:00 - 2006-07-11 18:35 - 000348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
      2017-08-21 09:59 - 2006-07-11 18:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
      2017-08-21 09:59 - 2006-07-11 18:35 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
      2017-08-21 09:22 - 2017-08-25 11:05 - 000000000 ____D C:\Users\itvez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra Development Team
      2017-08-21 09:22 - 2017-08-21 09:22 - 000000000 ____D C:\Users\itvez\AppData\Local\SquirrelTemp
      2017-08-21 09:18 - 2017-08-21 09:20 - 000000000 ____D C:\Users\itvez\AppData\Roaming\Citra
      2017-08-21 07:45 - 2017-08-21 07:45 - 012334923 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
      2017-08-21 07:45 - 2017-08-21 07:45 - 005826560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
      2017-08-21 07:45 - 2017-08-21 07:45 - 004059960 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 003677160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
      2017-08-21 07:45 - 2017-08-21 07:45 - 003509256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 003507688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 003205120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 002210304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 002050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 001347136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000914016 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000768808 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000691680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000410032 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000330552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000209528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000074600 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000069920 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll
      2017-08-21 07:45 - 2017-08-21 07:45 - 000023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
      2017-08-21 07:36 - 2017-08-21 07:36 - 000984032 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
      2017-08-18 13:32 - 2017-09-04 09:40 - 000000000 ____D C:\Users\itvez\AppData\LocalLow\Temp
      2017-08-11 12:41 - 2017-09-01 08:37 - 000000000 ____D C:\Program Files (x86)\Google
      2017-08-11 12:41 - 2017-09-01 08:36 - 000000000 ____D C:\Users\itvez\AppData\Local\Google
      2017-08-09 16:46 - 2017-08-09 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
      2017-08-09 16:41 - 2017-08-09 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2018 - English
      2017-08-09 16:39 - 2017-08-09 16:39 - 000000000 ____D C:\Users\itvez\Documents\Inventor Server SDK ACAD 2018
      2017-08-09 08:46 - 2017-07-31 10:15 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2017-08-09 08:46 - 2017-07-31 10:15 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2017-08-09 08:45 - 2017-07-31 21:39 - 008319392 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2017-08-09 08:45 - 2017-07-31 21:38 - 000406544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
      2017-08-09 08:45 - 2017-07-31 21:38 - 000382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
      2017-08-09 08:45 - 2017-07-31 21:36 - 002165752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2017-08-09 08:45 - 2017-07-31 21:36 - 000750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
      2017-08-09 08:45 - 2017-07-31 21:36 - 000119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
      2017-08-09 08:45 - 2017-07-31 21:35 - 000280472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
      2017-08-09 08:45 - 2017-07-31 21:35 - 000133904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
      2017-08-09 08:45 - 2017-07-31 21:34 - 000610584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
      2017-08-09 08:45 - 2017-07-31 21:34 - 000359552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
      2017-08-09 08:45 - 2017-07-31 21:34 - 000349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2017-08-09 08:45 - 2017-07-31 21:34 - 000168864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
      2017-08-09 08:45 - 2017-07-31 21:33 - 000473240 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
      2017-08-09 08:45 - 2017-07-31 21:32 - 002444704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
      2017-08-09 08:45 - 2017-07-31 21:32 - 000820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
      2017-08-09 08:45 - 2017-07-31 21:32 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
      2017-08-09 08:45 - 2017-07-31 21:31 - 005477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
      2017-08-09 08:45 - 2017-07-31 21:31 - 002645680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2017-08-09 08:45 - 2017-07-31 21:31 - 000212384 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
      2017-08-09 08:45 - 2017-07-31 21:31 - 000176024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
      2017-08-09 08:45 - 2017-07-31 21:30 - 000723680 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
      2017-08-09 08:45 - 2017-07-31 21:30 - 000411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2017-08-09 08:45 - 2017-07-31 21:30 - 000410160 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
      2017-08-09 08:45 - 2017-07-31 21:30 - 000315288 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
      2017-08-09 08:45 - 2017-07-31 21:30 - 000182688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
      2017-08-09 08:45 - 2017-07-31 21:30 - 000143736 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
      2017-08-09 08:45 - 2017-07-31 21:30 - 000082336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
      2017-08-09 08:45 - 2017-07-31 21:26 - 000204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
      2017-08-09 08:45 - 2017-07-31 21:20 - 002956288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
      2017-08-09 08:45 - 2017-07-31 21:20 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
      2017-08-09 08:45 - 2017-07-31 21:20 - 000154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
      2017-08-09 08:45 - 2017-07-31 21:18 - 013841408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
      2017-08-09 08:45 - 2017-07-31 21:18 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
      2017-08-09 08:45 - 2017-07-31 21:17 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll
      2017-08-09 08:45 - 2017-07-31 21:16 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
      2017-08-09 08:45 - 2017-07-31 21:14 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
      2017-08-09 08:45 - 2017-07-31 21:13 - 020504064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
      2017-08-09 08:45 - 2017-07-31 21:13 - 000364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
      2017-08-09 08:45 - 2017-07-31 21:13 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
      2017-08-09 08:45 - 2017-07-31 21:12 - 019336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2017-08-09 08:45 - 2017-07-31 21:12 - 000229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
      2017-08-09 08:45 - 2017-07-31 21:10 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
      2017-08-09 08:45 - 2017-07-31 21:09 - 000394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
      2017-08-09 08:45 - 2017-07-31 21:08 - 000267264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
      2017-08-09 08:45 - 2017-07-31 21:07 - 011870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2017-08-09 08:45 - 2017-07-31 21:07 - 005961728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
      2017-08-09 08:45 - 2017-07-31 21:07 - 002671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
      2017-08-09 08:45 - 2017-07-31 21:06 - 000798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
      2017-08-09 08:45 - 2017-07-31 21:04 - 006269440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
      2017-08-09 08:45 - 2017-07-31 21:04 - 003656192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2017-08-09 08:45 - 2017-07-31 21:03 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2017-08-09 08:45 - 2017-07-31 20:57 - 023677952 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
      2017-08-09 08:45 - 2017-07-31 20:45 - 003670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
      2017-08-09 08:45 - 2017-07-31 20:45 - 001275392 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
      2017-08-09 08:45 - 2017-07-31 20:45 - 000462848 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
      2017-08-09 08:45 - 2017-07-31 20:45 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
      2017-08-09 08:45 - 2017-07-31 20:44 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
      2017-08-09 08:45 - 2017-07-31 20:44 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
      2017-08-09 08:45 - 2017-07-31 20:44 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
      2017-08-09 08:45 - 2017-07-31 20:42 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
      2017-08-09 08:45 - 2017-07-31 20:41 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
      2017-08-09 08:45 - 2017-07-31 20:41 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
      2017-08-09 08:45 - 2017-07-31 20:41 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll
      2017-08-09 08:45 - 2017-07-31 20:40 - 017366528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
      2017-08-09 08:45 - 2017-07-31 20:40 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
      2017-08-09 08:45 - 2017-07-31 20:39 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
      2017-08-09 08:45 - 2017-07-31 20:38 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
      2017-08-09 08:45 - 2017-07-31 20:38 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
      2017-08-09 08:45 - 2017-07-31 20:37 - 000582656 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
      2017-08-09 08:45 - 2017-07-31 20:37 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
      2017-08-09 08:45 - 2017-07-31 20:37 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
      2017-08-09 08:45 - 2017-07-31 20:36 - 023681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2017-08-09 08:45 - 2017-07-31 20:35 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2017-08-09 08:45 - 2017-07-31 20:34 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
      2017-08-09 08:45 - 2017-07-31 20:33 - 001269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
      2017-08-09 08:45 - 2017-07-31 20:33 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
      2017-08-09 08:45 - 2017-07-31 20:32 - 007336960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
      2017-08-09 08:45 - 2017-07-31 20:32 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
      2017-08-09 08:45 - 2017-07-31 20:31 - 012786176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2017-08-09 08:45 - 2017-07-31 20:31 - 004445696 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
      2017-08-09 08:45 - 2017-07-31 20:31 - 001396736 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
      2017-08-09 08:45 - 2017-07-31 20:30 - 008209920 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
      2017-08-09 08:45 - 2017-07-31 20:30 - 003377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
      2017-08-09 08:45 - 2017-07-31 20:30 - 002055168 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
      2017-08-09 08:45 - 2017-07-31 20:30 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
      2017-08-09 08:45 - 2017-07-31 20:30 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
      2017-08-09 08:45 - 2017-07-31 20:28 - 004730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2017-08-09 08:45 - 2017-07-31 20:28 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
      2017-08-09 08:45 - 2017-07-31 20:27 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2017-08-09 08:45 - 2017-07-31 20:27 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
      2017-08-09 08:45 - 2017-07-31 20:27 - 000482816 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
      2017-08-09 08:45 - 2017-07-31 20:26 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
      2017-08-09 08:45 - 2017-07-31 20:25 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
      2017-08-09 08:45 - 2017-07-31 20:25 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
      2017-08-09 08:45 - 2017-07-31 20:25 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
      2017-08-09 08:45 - 2017-07-31 17:45 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-09-04 15:11 - 2017-06-28 13:55 - 000000000 ___RD C:\Users\itvez\OneDrive
      2017-09-04 15:10 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\AppReadiness
      2017-09-04 15:09 - 2017-06-28 14:06 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-09-04 15:03 - 2017-06-28 13:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-09-04 15:03 - 2017-03-18 06:40 - 000786432 _____ C:\Windows\system32\config\BBI
      2017-09-04 15:02 - 2017-06-28 13:40 - 000000000 ____D C:\Users\itvez
      2017-09-04 14:54 - 2017-06-28 13:29 - 000000000 ____D C:\Windows\system32\SleepStudy
      2017-09-04 14:39 - 2017-06-28 14:28 - 000000000 ____D C:\Users\itvez\AppData\Local\CrashDumps
      2017-09-04 13:38 - 2017-07-03 13:12 - 000000000 ____D C:\Users\itvez\Documents\Archivos de Outlook
      2017-09-04 11:32 - 2017-06-28 16:11 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2017-09-04 10:27 - 2017-06-28 15:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2017-09-04 10:13 - 2017-06-28 13:41 - 000000000 ____D C:\Users\itvez\AppData\Local\Packages
      2017-09-04 09:23 - 2017-06-30 09:26 - 000000000 ____D C:\Users\itvez\AppData\LocalLow\IObit
      2017-09-04 09:23 - 2017-06-30 09:25 - 000000000 ____D C:\Users\itvez\AppData\Roaming\IObit
      2017-09-04 09:23 - 2017-06-30 09:24 - 000000000 ____D C:\ProgramData\IObit
      2017-09-04 09:01 - 2017-03-18 16:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2017-09-04 09:00 - 2017-03-18 16:01 - 000000000 ____D C:\Windows\INF
      2017-09-04 08:52 - 2017-03-18 16:03 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-09-04 08:49 - 2017-06-28 15:35 - 000004218 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{06A02EAE-0830-4BBB-8749-6ED38848ECA2}
      2017-09-01 15:52 - 2017-07-14 07:24 - 119787520 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
      2017-09-01 15:52 - 2017-07-14 07:24 - 005144576 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
      2017-09-01 15:52 - 2017-07-14 07:24 - 000081920 _____ C:\Windows\system32\config\SAM.iodefrag.bak
      2017-09-01 15:52 - 2017-07-14 07:24 - 000032768 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
      2017-09-01 13:43 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\system32\NDF
      2017-09-01 08:56 - 2017-03-18 16:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
      2017-09-01 08:56 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
      2017-09-01 07:49 - 2017-03-18 16:03 - 000000000 ___HD C:\Windows\ELAMBKUP
      2017-08-31 18:03 - 2017-06-28 15:31 - 000000000 ____D C:\ProgramData\KMSAutoS
      2017-08-31 12:52 - 2017-06-28 13:49 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2017-08-30 17:14 - 2017-07-06 08:43 - 000000000 ____D C:\ProgramData\Wondershare
      2017-08-30 17:14 - 2017-07-06 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
      2017-08-30 16:54 - 2017-03-18 16:03 - 000000117 _____ C:\Windows\win.ini
      2017-08-30 08:44 - 2017-06-28 13:41 - 002198418 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-08-30 08:44 - 2017-03-20 00:07 - 001003986 _____ C:\Windows\system32\perfh00A.dat
      2017-08-30 08:44 - 2017-03-20 00:07 - 000218658 _____ C:\Windows\system32\perfc00A.dat
      2017-08-30 08:41 - 2017-06-28 14:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2017-08-30 08:41 - 2017-06-28 13:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation
      2017-08-29 18:36 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\Help
      2017-08-25 09:26 - 2017-06-28 13:52 - 000000000 ____D C:\Users\itvez\AppData\Local\PackageStaging
      2017-08-22 08:26 - 2017-07-06 08:23 - 000000000 ____D C:\Users\itvez\Desktop\Nueva carpeta
      2017-08-21 07:46 - 2017-07-03 17:10 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
      2017-08-18 08:09 - 2017-06-28 16:13 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
      2017-08-17 23:37 - 2017-06-28 14:08 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
      2017-08-17 23:37 - 2017-06-28 14:08 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
      2017-08-17 23:36 - 2017-06-28 14:08 - 000918976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
      2017-08-17 23:36 - 2017-06-28 14:04 - 000179136 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
      2017-08-17 23:36 - 2017-06-28 14:04 - 000146368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
      2017-08-17 11:26 - 2017-06-28 14:07 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
      2017-08-15 18:26 - 2017-06-28 14:30 - 000000000 ____D C:\Program Files\Autodesk
      2017-08-14 18:18 - 2017-06-28 15:00 - 000000000 ____D C:\Users\itvez\AppData\Local\Autodesk,_Inc
      2017-08-11 08:59 - 2017-06-28 13:53 - 000000000 ____D C:\ProgramData\Package Cache
      2017-08-11 08:58 - 2017-06-28 14:40 - 000000000 ____D C:\Users\Public\Documents\Autodesk
      2017-08-11 08:58 - 2017-06-28 14:30 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
      2017-08-11 08:58 - 2017-06-28 14:22 - 000000000 ____D C:\Users\itvez\AppData\Roaming\Autodesk
      2017-08-11 08:58 - 2017-06-28 14:22 - 000000000 ____D C:\ProgramData\Autodesk
      2017-08-11 08:58 - 2017-03-18 16:03 - 000000000 ___SD C:\Windows\Downloaded Program Files
      2017-08-10 13:37 - 2017-03-18 16:03 - 000000000 ____D C:\Windows\rescache
      2017-08-09 16:48 - 2017-06-28 14:40 - 000000000 ____D C:\Program Files (x86)\Autodesk
      2017-08-09 16:48 - 2017-06-28 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
      2017-08-09 16:41 - 2017-06-28 14:40 - 000000000 ____D C:\Users\itvez\AppData\Local\Autodesk
      2017-08-09 08:52 - 2017-03-18 15:51 - 000000000 ____D C:\Windows\CbsTemp
      2017-08-09 08:50 - 2017-06-28 16:11 - 000000000 ____D C:\Windows\system32\MRT
      2017-08-08 13:38 - 2017-07-03 10:28 - 000000000 ____D C:\ProgramData\Foxit Software

      ==================== Files in the root of some directories =======

      2017-07-12 19:01 - 2017-07-13 09:35 - 000001456 _____ () C:\Users\itvez\AppData\Local\Adobe Guardar para Web 13.0 Prefs
      2017-08-22 13:05 - 2017-08-22 13:05 - 000000001 _____ () C:\Users\itvez\AppData\Local\llftool.4.40.agreement
      2017-08-22 13:05 - 2017-08-22 13:05 - 000000019 _____ () C:\Users\itvez\AppData\Local\llftool.license
      2017-06-28 15:34 - 2017-06-28 15:34 - 000000057 _____ () C:\ProgramData\Ament.ini

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-09-04 09:11

      ==================== End of FRST.txt ============================

    9. #9
      Usuario Avatar de itvez
      Registrado
      sep 2017
      Ubicación
      Mexico
      Mensajes
      26

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      ADDITION.TXT

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
      Ran by itvez (04-09-2017 15:12:57)
      Running from C:\Users\itvez\Desktop
      Windows 10 Pro Version 1703 (X64) (2017-06-28 18:36:51)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-1407347999-500537034-4068247404-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-1407347999-500537034-4068247404-503 - Limited - Disabled)
      Invitado (S-1-5-21-1407347999-500537034-4068247404-501 - Limited - Disabled)
      itvez (S-1-5-21-1407347999-500537034-4068247404-1001 - Administrator - Enabled) => C:\Users\itvez

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Kaspersky Free (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Kaspersky Free (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
      A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
      ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
      ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
      Actualización de NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
      Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
      Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
      Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
      Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
      Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
      Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
      Aplicaciones destacadas de Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
      Apple Application Support (32 bits) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
      Apple Application Support (64 bits) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
      Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
      Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
      AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
      AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.107.0 - Autodesk) Hidden
      AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.107.0 - Autodesk) Hidden
      Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
      Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
      Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
      Autodesk AutoCAD 2018.1 (HKLM-x32\...\{b501e2dd-1001-0000-0102-2d66c6a91073}) (Version: 22.0.107.0 - Autodesk)
      Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
      Autodesk License Service (x64) - 5.1.5 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.5.0 - Autodesk)
      Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
      Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
      Autodesk ReCap (HKLM\...\{6ED27C84-0000-1033-0102-D4DAEFFC23C2}) (Version: 4.0.0.28 - Autodesk) Hidden
      Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk)
      Avast Browser Cleanup (HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\Avast Browser Cleanup) (Version: 12.1.2272.125 - AVAST Software)
      Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
      CCleaner (HKLM\...\CCleaner) (Version: 5.33 - Piriform)
      Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
      Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit)
      FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
      FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
      Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.1.21155 - Foxit Software Inc.)
      HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
      HP Officejet 7110 series Software básico del dispositivo (HKLM\...\{1E5C9671-F7FF-4B83-B91C-B42D8F4E16D8}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)
      HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
      Importación de SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
      IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.2.0.934 - IObit)
      iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
      Kaspersky Free (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
      Kaspersky Free (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
      Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
      Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
      K-Lite Mega Codec Pack 13.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.3.0 - KLCP)
      Malwarebytes versión 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
      MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
      Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.8326.2096 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
      NVIDIA Controlador de gráficos 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.9.1.61 BETA (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.1.61 - NVIDIA Corporation)
      NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
      Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
      Panel de control de NVIDIA 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.41 - NVIDIA Corporation) Hidden
      qBittorrent 3.3.15 (HKLM-x32\...\qBittorrent) (Version: 3.3.15 - The qBittorrent project)
      QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
      Recovery Toolbox for DWG 2.2 (HKLM-x32\...\Recovery Toolbox for DWG_is1) (Version: - Recovery Toolbox, Inc.)
      Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
      Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
      SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.28.5.4848 - Enigma Software Group, LLC)
      SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
      SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
      Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
      WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
      Wondershare Filmora(Build 8.0.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
      Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-1407347999-500537034-4068247404-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
      CustomCLSID: HKU\S-1-5-21-1407347999-500537034-4068247404-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
      CustomCLSID: HKU\S-1-5-21-1407347999-500537034-4068247404-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc.)
      CustomCLSID: HKU\S-1-5-21-1407347999-500537034-4068247404-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
      ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
      ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
      ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
      ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-02] (Autodesk, Inc.)
      ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
      ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-02] (Autodesk)
      ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => D:\Program Files\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2016-09-20] (IObit)
      ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => D:\Program FileS\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-06-29] (Foxit Software Inc.)
      ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => D:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
      ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2017-09-01] (AO Kaspersky Lab)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2017-09-01] (AO Kaspersky Lab)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
      ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => D:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
      ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2017-09-01] (AO Kaspersky Lab)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-21] (NVIDIA Corporation)
      ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
      ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => D:\Program FileS\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-06-29] (Foxit Software Inc.)
      ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => D:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
      ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2017-09-01] (AO Kaspersky Lab)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {33F553F2-F9BA-47B3-AFEE-D1FF9D3A0576} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-17] (NVIDIA Corporation)
      Task: {47FA2309-18D7-4667-82C9-4D30B7325968} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-17] (NVIDIA Corporation)
      Task: {4BE87D77-59F6-4273-AD1B-C42B8134C987} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-28] (Microsoft Corporation)
      Task: {50F5FB55-E7F0-49DA-A934-0F12A1C02329} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2017-09-04] (Enigma Software Group USA, LLC.)
      Task: {63F06811-F13A-42AC-ACBC-53DE337E50CD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-28] (Microsoft Corporation)
      Task: {7769CD34-DFB2-40EF-B577-F776B6650497} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-08-03] (Piriform Ltd)
      Task: {8662D3C5-51FC-462E-9965-C369DE558A29} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-04] ()
      Task: {8E62C9D8-7621-4365-8C20-0A5B0C61ECE1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
      Task: {978E6CC1-E003-4C81-9DD5-482B554A7D10} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-17] (NVIDIA Corporation)
      Task: {9ACCB265-EAFA-4B5E-8831-57E05F6F4208} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-17] (NVIDIA Corporation)
      Task: {9FB9001B-89CA-439C-B5E8-083A4CBB0D09} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-17] (NVIDIA Corporation)
      Task: {A7EED24F-50E3-45FE-9C47-8E79787F37F6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-04] ()
      Task: {AACA3277-0B81-4BAE-80FF-DBE064F96439} - System32\Tasks\avastBCLS-1-5-21-1407347999-500537034-4068247404-1001 => C:\Users\itvez\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2016-06-27] (AVAST Software)
      Task: {AFF0CC1F-2D7A-46D0-87E2-2FF9458BED27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-04] (Microsoft Corporation)
      Task: {B77A8CE4-63FC-4B35-B281-A11AE33AE358} - System32\Tasks\{22BA6859-BC9A-4CE1-88F4-7FF7B01E7CF5} => rundll32.exe "C:\Users\itvez\AppData\Local\Microsoft\TaskPlay\caches.dat",StaticCache
      Task: {B81B6480-AFE6-4E65-99EA-DF463A2FE284} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-17] (NVIDIA Corporation)
      Task: {C827DA8E-D23B-4923-A6E4-80091AF41030} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-04] (Microsoft Corporation)
      Task: {CB98F56C-3843-4AAF-B2EC-B7956F022770} - \KMSAutoNet -> No File <==== ATTENTION
      Task: {D4E3D3D5-A77D-4DB1-9425-7B63780E926D} - System32\Tasks\avast! BCU UpdateS-1-5-21-1407347999-500537034-4068247404-1001 => C:\Users\itvez\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)
      Task: {D6C11EB3-A6EF-4837-B32C-811527C18B75} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
      Task: {ED86875B-9E5A-42E5-9B73-F42E097963EC} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-17] (NVIDIA Corporation)
      Task: {F13DC0C3-D9DA-4018-B410-B284B4B551A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-17] (NVIDIA Corporation)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
      Task: C:\Windows\Tasks\User_Feed_Synchronization-{06A02EAE-0830-4BBB-8749-6ED38848ECA2}.job => C:\Windows\system32\msfeedssync.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
      2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
      2017-06-28 14:07 - 2017-08-17 23:36 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-03-18 15:58 - 2017-03-18 15:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
      2017-05-26 03:18 - 2017-05-26 03:18 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
      2017-03-18 15:59 - 2017-03-20 00:08 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-08-23 07:32 - 2017-08-23 07:32 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      2017-08-23 07:32 - 2017-08-23 07:32 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
      2017-08-23 07:32 - 2017-08-23 07:32 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
      2017-08-23 07:32 - 2017-08-23 07:32 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
      2017-08-14 10:53 - 2017-08-14 10:53 - 000003072 _____ () C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.43.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe
      2017-06-28 14:48 - 2017-06-15 09:16 - 000061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
      2017-06-28 14:48 - 2017-06-15 09:15 - 000110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
      2017-06-28 14:07 - 2017-08-17 23:36 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [175]
      AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [252]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)

      IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
      IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
      IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
      IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
      IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
      IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
      IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
      IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
      IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
      IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
      IE restricted site: HKU\.DEFAULT\...\1001namen.com -> 1001 Namen
      IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
      IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
      IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
      IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
      IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
      IE restricted site: HKU\.DEFAULT\...\123fporn.info -> Dangers related to **** sites | **** related viruses
      IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
      IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> 123Movies Best Movies
      IE restricted site: HKU\.DEFAULT\...\123simsen.com -> WebMD - Better information. Better health.

      There are 7936 more sites.

      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\007guard.com -> install.007guard.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\008i.com -> 008i.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\008k.com -> www.008k.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\00hq.com -> www.00hq.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\010402.com -> 010402.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\0190-dialers.com -> 0190-dialers.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\01i.info -> 01i.info
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\0411dd.com -> 0411dd.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\0511zfhl.com -> 0511zfhl.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\05p.com -> 05p.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\0632qyw.com -> 0632qyw.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\0calories.net -> 0calories.net
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\0cj.net -> 0cj.net
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\0scan.com -> 0scan.com
      IE restricted site: HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\1-2005-search.com -> www.1-2005-search.com

      There are 12753 more sites.


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2017-03-18 16:03 - 2017-09-04 12:39 - 000454591 ____N C:\Windows\system32\Drivers\etc\hosts

      127.0.0.1 platform.wondershare.com
      127.0.0.1 www.007guard.com
      127.0.0.1 007guard.com
      127.0.0.1 008i.com
      127.0.0.1 www.008k.com
      127.0.0.1 008k.com
      127.0.0.1 www.00hq.com
      127.0.0.1 00hq.com
      127.0.0.1 010402.com
      127.0.0.1 www.032439.com
      127.0.0.1 032439.com
      127.0.0.1 0scan.com
      127.0.0.1 0scan.com
      127.0.0.1 1000gratisproben.com
      127.0.0.1 www.1000gratisproben.com
      127.0.0.1 1001namen.com
      127.0.0.1 1001 Namen
      127.0.0.1 100888290cs.com
      127.0.0.1 My Blog – My WordPress Blog
      127.0.0.1 100sexlinks.com*-*This website is for sale!*-*Sexlinks Resources and Information.
      127.0.0.1 100sexlinks.com
      127.0.0.1 10sek.com
      127.0.0.1 www.10sek.com
      127.0.0.1 www.1-2005-search.com
      127.0.0.1 1-2005-search.com
      127.0.0.1 123fporn.info
      127.0.0.1 Dangers related to **** sites | **** related viruses
      127.0.0.1 www.123haustiereundmehr.com
      127.0.0.1 123haustiereundmehr.com
      127.0.0.1 123moviedownload.com

      There are 15602 more lines.


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\itvez\Desktop\zach-savinar-130828.jpg
      DNS Servers: 192.168.1.254
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\Services: IObitUnSvr => 2
      HKLM\...\StartupApproved\Run: => "ShadowPlay"
      HKLM\...\StartupApproved\Run: => "RtHDVCpl"
      HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
      HKLM\...\StartupApproved\Run: => "iTunesHelper"
      HKLM\...\StartupApproved\Run32: => "HP Software Update"
      HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
      HKLM\...\StartupApproved\Run32: => "APSDaemon"
      HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
      HKLM\...\StartupApproved\Run32: => "SDTray"
      HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\StartupApproved\Run: => "Autodesk Sync"
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
      HKU\S-1-5-21-1407347999-500537034-4068247404-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{D863D346-FCD2-4172-ACC0-A33F73BD7969}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\Spotify.exe
      FirewallRules: [{1B3E376C-5C9D-46F1-AEB4-6C4E899E2735}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\Spotify.exe
      FirewallRules: [{B82E6382-3F4F-477F-8300-870FFCFFAA89}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\Spotify.exe
      FirewallRules: [{6B3A7982-488C-4FA9-86EF-8F5C17F3C421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\Spotify.exe
      FirewallRules: [{760B95B1-32F4-4F22-A14F-1CEAE9BA4652}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\Spotify.exe
      FirewallRules: [{3D564A08-D580-4C1A-86C9-701EF7BCB878}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\Spotify.exe
      FirewallRules: [{0FBFDB9D-76DA-4ED0-9ACA-81FFF8D28F93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\Spotify.exe
      FirewallRules: [{917F7B4F-CF17-4874-941E-7748313AF978}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\Spotify.exe
      FirewallRules: [{AC2E3649-158B-4D14-809A-E737DDE3B914}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
      FirewallRules: [{82060150-2D97-470C-AB9D-A2124E4ACB4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.62.510.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
      FirewallRules: [TCP Query User{DC1EB1C0-56AF-4C29-AD2B-7354B615F699}C:\program files\megadownloader\megadownloader.exe] => (Allow) C:\program files\megadownloader\megadownloader.exe
      FirewallRules: [UDP Query User{6C3E8EF3-7BED-4B5C-B077-D49EC1D03D37}C:\program files\megadownloader\megadownloader.exe] => (Allow) C:\program files\megadownloader\megadownloader.exe
      FirewallRules: [{E2BEBBEB-3955-416D-ACB9-4A02997E1D95}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
      FirewallRules: [{D594186A-1C61-4647-A879-6D5993571065}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
      FirewallRules: [{99F46E94-E474-4EC6-A698-3FA7F28187CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
      FirewallRules: [{DBE5B26B-B1D9-4298-887D-FD83EC933DCC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
      FirewallRules: [{71645B5D-6417-4F33-9F55-5BC2354F3C19}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

      ==================== Restore Points =========================

      04-09-2017 13:22:47 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============

      Name:
      Description:
      Class Guid:
      Manufacturer:
      Service:
      Problem: : The drivers for this device are not installed. (Code 28)
      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

      Name:
      Description:
      Class Guid:
      Manufacturer:
      Service:
      Problem: : The drivers for this device are not installed. (Code 28)
      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

      Name:
      Description:
      Class Guid:
      Manufacturer:
      Service:
      Problem: : The drivers for this device are not installed. (Code 28)
      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (09/04/2017 03:07:54 PM) (Source: SecurityCenter) (EventID: 16) (User: )
      Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.

      Error: (09/04/2017 02:39:57 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: MicrosoftEdgeCP.exe, versión: 11.0.15063.483, marca de tiempo: 0x595f2577
      Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
      Código de excepción: 0xc0000409
      Desplazamiento de errores: 0x0000000000000079
      Identificador del proceso con errores: 0x35d8
      Hora de inicio de la aplicación con errores: 0x01d325b532a1fc89
      Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      Ruta de acceso del módulo con errores: unknown
      Identificador del informe: 12db90d3-078a-4749-849c-ed1d58f1320d
      Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
      Identificador de aplicación relativa del paquete con errores: BCHost

      Error: (09/04/2017 02:34:37 PM) (Source: SideBySide) (EventID: 35) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
      La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
      La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
      La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (09/04/2017 0232 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
      .


      Operación:
      Ejecutando operación asincrónica

      Contexto:
      Estado actual: DoSnapshotSet

      Error: (09/04/2017 01:52:38 PM) (Source: SideBySide) (EventID: 35) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
      La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
      La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
      La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (09/04/2017 01:23:40 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: MicrosoftEdge.exe, versión: 11.0.15063.447, marca de tiempo: 0x5948acf2
      Nombre del módulo con errores: CoreUIComponents.dll, versión: 10.0.15063.502, marca de tiempo: 0x7bbd6c5e
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0000000000077bd2
      Identificador del proceso con errores: 0x1f98
      Hora de inicio de la aplicación con errores: 0x01d325a5e565f083
      Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\CoreUIComponents.dll
      Identificador del informe: 35c11bd4-f792-47c6-b684-b3c3de2bd129
      Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
      Identificador de aplicación relativa del paquete con errores: MicrosoftEdge

      Error: (09/04/2017 12:48:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: EMMANUEL)
      Description: Se detuvo el paquete Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe+ContentProcess#{00031401-0004-0000-4fd9-020000000000} porque se tardó demasiado en suspender.

      Error: (09/04/2017 12:46:20 PM) (Source: SecurityCenter) (EventID: 16) (User: )
      Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.

      Error: (09/04/2017 12:43:32 PM) (Source: SideBySide) (EventID: 35) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
      La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
      La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
      La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (09/04/2017 12:43:30 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: SDUpdate.exe, versión: 2.4.40.94, marca de tiempo: 0x53ad3eee
      Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.15063.502, marca de tiempo: 0xc3955624
      Código de excepción: 0x0eedfade
      Desplazamiento de errores: 0x000eb802
      Identificador del proceso con errores: 0xf6c
      Hora de inicio de la aplicación con errores: 0x01d325a55218eb08
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
      Ruta de acceso del módulo con errores: C:\Windows\System32\KERNELBASE.dll
      Identificador del informe: 0400f57a-5777-4102-af51-f55857fb0098
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:


      System errors:
      =============
      Error: (09/04/2017 0304 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x800701c5: 9P732R30LBZM-NimbusWeb.GetThemAll-VideoDownlaoder.

      Error: (09/04/2017 03:04:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio ClickToRunSvc no pudo iniciarse debido al siguiente error:
      El servicio no respondió a tiempo a la solicitud de inicio o de control.

      Error: (09/04/2017 03:04:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio ClickToRunSvc.

      Error: (09/04/2017 03:04:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio SDScannerService no pudo iniciarse debido al siguiente error:
      El servicio no respondió a tiempo a la solicitud de inicio o de control.

      Error: (09/04/2017 03:04:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio SDScannerService.

      Error: (09/04/2017 03:04:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio cbVSCService11 no pudo iniciarse debido al siguiente error:
      El servicio no respondió a tiempo a la solicitud de inicio o de control.

      Error: (09/04/2017 03:04:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio cbVSCService11.

      Error: (09/04/2017 03:03:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio SDWSCService no pudo iniciarse debido al siguiente error:
      Un certificado requerido no se encuentra dentro del periodo de validez cuando se ha realizado la comprobación con el reloj de sistema actual o con la marca de tiempo en el archivo firmado.

      Error: (09/04/2017 03:03:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio CldFlt no pudo iniciarse debido al siguiente error:
      Solicitud no compatible.

      Error: (09/04/2017 01:45:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x800701c5: 9P732R30LBZM-NimbusWeb.GetThemAll-VideoDownlaoder.


      CodeIntegrity:
      ===================================
      Date: 2017-09-04 15:12:19.280
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-09-04 15:12:19.277
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-09-04 15:12:19.258
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-09-04 15:12:19.255
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-09-04 1555.613
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-09-04 1555.572
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-09-04 1555.550
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-09-04 1555.463
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-09-04 15:08:04.618
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2017-09-04 15:08:04.615
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
      Percentage of memory in use: 22%
      Total physical RAM: 8133.95 MB
      Available physical RAM: 6321.53 MB
      Total Virtual: 11589.95 MB
      Available Virtual: 9717.73 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:150.01 GB) (Free:77.25 GB) NTFS
      Drive d: () (Fixed) (Total:315.26 GB) (Free:158.23 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 61D363FC)
      Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=315.3 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    10. #10
      Usuario Avatar de itvez
      Registrado
      sep 2017
      Ubicación
      Mexico
      Mensajes
      26

      Re: Eliminar www.liveadexchanger.com y no se que mas pueda tener...

      parece que ya todo volvió a la normalidad, la clave del éxito fue Malwarebytes Anti-Rootkit, que encontró algunas cosillas que ya publique mas arriba, ya no salta las advertencias de malwarebytes, ya le pase malwarebytes y detecto algunas cosillas de igual forma pero las elimino como si nada, lo volví a pasar y ya no detecto nada, también pase adwcleaner y no detecto ya nada, ni super antispyware y ni el spybot S&D, creo que ya quedo resuelta la cosa, pero voy a seguir probando y en cuanto este 100% seguro lo comento, gracias...

    Página 1 de 4 1234 ÚltimoÚltimo