• Registrarse
  • Iniciar sesión


  • Página 2 de 2 PrimeroPrimero 12
    Resultados 11 al 20 de 20

    virus que ejecuta cosas en mi pc y no se que hacer mas

    Hola Pon los reportes de Malwarebytes, AdwCleaner y JRT para revisarlos. Un saludo...

    1. #11
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Hola

      Pon los reportes de Malwarebytes, AdwCleaner y JRT para revisarlos.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #12
      Usuario Avatar de azair22
      Registrado
      abr 2008
      Ubicación
      España
      Mensajes
      11

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Vale, pues he vuelto a pasarle estos programas para pegarte aqui los reportes de ultima hora:

      Reporte de Malwarebytes:

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 30/10/17
      Hora del análisis: 9:48
      Archivo de registro: 164f77fa-bd4f-11e7-9ea2-000000000000.json
      Administrador: Sí

      -Información del software-
      Versión: 3.2.2.2029
      Versión de los componentes: 1.0.212
      Versión del paquete de actualización: 1.0.3126
      Licencia: Gratis

      -Información del sistema-
      SO: Windows 7 Service Pack 1
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: Asus-PC\Asus

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 388442
      Amenazas detectadas: 3
      Amenazas en cuarentena: 3
      Tiempo transcurrido: 14 min, 12 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 1
      PUP.Optional.Conduit, HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, [577], [236865],1.0.3126

      Valor del registro: 2
      PUP.Optional.Conduit, HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, En cuarentena, [577], [236865],1.0.3126
      PUP.Optional.Conduit, HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, [577], [236865],1.0.3126

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

      Reporte de JRT:

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Home Premium x64
      Ran by Asus (Administrator) on 30/10/2017 at 10:43:56,75
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 8

      Successfully deleted: C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX07V0E0 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FYQ4OLNT (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRXDRPUL (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T1RT5U35 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX07V0E0 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FYQ4OLNT (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRXDRPUL (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T1RT5U35 (Temporary Internet Files Folder)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 30/10/2017 at 10:46:55,36
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



      Reporte de AdwCleaner:

      # AdwCleaner 7.0.4.0 - Logfile created on Mon Oct 30 09:53:13 2017
      # Updated on 2017/27/10 by Malwarebytes
      # Running on Windows 7 Home Premium (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\PC
      Deleted: [Key] - HKCU\Software\PC
      Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Lavasoft\Web Companion
      Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      Deleted: [Key] - HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Event Monitor
      Deleted: [Key] - HKCU\Software\Event Monitor
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      Deleted: [Key] - HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
      Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
      Deleted: [Value] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
      Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
      Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\win
      Deleted: [Key] - HKCU\Software\win
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\FastDataX
      Deleted: [Key] - HKCU\Software\FastDataX
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      Deleted: [Key] - HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Mail.Ru
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\AppDataLow\Software\Mail.Ru
      Deleted: [Key] - HKCU\Software\Mail.Ru
      Deleted: [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Microsoft\APreSam
      Deleted: [Key] - HKCU\Software\Microsoft\APreSam
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Microsoft\MPrForShutT
      Deleted: [Key] - HKCU\Software\Microsoft\MPrForShutT
      Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
      Deleted: [Key] - HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
      Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [6661 B] - [2017/10/20 9:54:43]
      C:/AdwCleaner/AdwCleaner[S0].txt - [7763 B] - [2017/10/20 9:53:37]
      C:/AdwCleaner/AdwCleaner[S1].txt - [4421 B] - [2017/10/30 9:52:47]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########


    3. #13
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Hola

      En que situación está ahora mismo tu equipo, después de realizar todas las limpiezas.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #14
      Usuario Avatar de azair22
      Registrado
      abr 2008
      Ubicación
      España
      Mensajes
      11

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Mi pc sigue exactamente igual
      El antivirus hay que actualizarlo manualmente y las actualizaciones de windows no actualizan y cuando intento descargar algo me sigue diciendo que no es seguro y necesito darle permiso, ademas de esto cuando inicia windows veo que se abren un par de ventanas ms-dos y rapidamente se cierran, no me da tiempo a ver que puede ser.

      Si vuelvo a pasar estos últimos programas vuelve a encontrar lo mismo, es como si no limpiaran nada

    5. #15
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Hola

      Descarga Farbar Recovery Scan Tool segun la arquitectura de tu sistema (32 o 64 bits)

      • La guardas en el escritorio >> Esto es muy importante..
      • Doble clic para ejecutar Frst.exe. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • En la ventana del Disclaimer, presiona Yes.

      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.


      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #16
      Usuario Avatar de azair22
      Registrado
      abr 2008
      Ubicación
      España
      Mensajes
      11

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      vale pues aqui va el resultado, a ver que ves, porque no entiendo ni pa:

      Frst.txt

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2017
      Ran by Asus (administrator) on ASUS-PC (02-11-2017 09:52:53)
      Running from C:\Users\Asus\Desktop
      Loaded Profiles: Asus (Available Profiles: Asus & Administrador)
      Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: IE)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
      (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
      (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (ASUS) C:\Program Files\P4G\BatteryLife.exe
      () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
      (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
      (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
      (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
      (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
      (Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
      (ASUS) C:\Windows\AsScrPro.exe
      () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
      (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
      (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
      (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
      (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
      (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
      () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
      (Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
      (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
      (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
      HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
      HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
      HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
      HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
      HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-12] (Advanced Micro Devices, Inc.)
      HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
      HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
      HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
      HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
      HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\MountPoints2: E - E:\setup.exe
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\MountPoints2: {1d602a62-3c6e-11e7-a7a6-e4847fa601b2} - E:\setup.exe
      HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
      HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-05-14] (Microsoft Corporation)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-01-12]
      ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2015-05-10]
      ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      GroupPolicy\User: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: Hosts file not detected in the default directory
      Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
      Tcpip\..\Interfaces\{006AA4CA-E10A-4D0B-9064-4876E3481360}: [DhcpNameServer] 192.168.2.1
      Tcpip\..\Interfaces\{11C049B6-AD0A-498F-9671-EB06FDDB31F2}: [DhcpNameServer] 172.20.10.1
      Tcpip\..\Interfaces\{6F3056F0-F30D-403E-BC74-B6A326108BF7}: [DhcpNameServer] 80.58.61.250 80.58.61.254
      Tcpip\..\Interfaces\{D687EF1B-8593-4AE4-9404-5EA9ABFC51EE}: [DhcpNameServer] 80.58.61.250 80.58.61.254
      ManualProxies:

      Internet Explorer:
      ==================
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
      SearchScopes: HKU\S-1-5-21-2006136963-1127275496-1322106195-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D102117-A6AA2274B27&form=CONBDF&conlogo=CT3335819&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-2006136963-1127275496-1322106195-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D102117-A6AA2274B27&form=CONBDF&conlogo=CT3335819&q={searchTerms}
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-24] (Oracle Corporation)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
      BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-01-12] (Google Inc.)
      BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-01-12] (Google Inc.)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-24] (Oracle Corporation)
      BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
      BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
      BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-12] (Google Inc.)
      BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2011-01-12] (Google Inc.)
      Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-01-12] (Google Inc.)
      Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-12] (Google Inc.)
      DPF: HKLM-x32 {3A226D85-574D-4272-B73C-DBCAECF709B3} hxxp://www.mizonadeconsumo.com/TNSClickrb.CAB

      FireFox:
      ========
      FF HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
      FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-24] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-24] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)

      Chrome:
      =======
      CHR DefaultProfile: Default
      CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=HAJzbcnbl1BU,c851ec36-91de-43c2-8ae8-add82969c9fe,&vp=ch&prd=set_ch
      CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=HAJzbcnbl1BU,c851ec36-91de-43c2-8ae8-add82969c9fe,&vp=ch&prd=set_ch"
      CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default [2017-11-02]
      CHR Extension: (Google Cast) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-07-16]
      CHR Extension: (LadyCashback) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkgopncbadmfaeimfjobhilkpgnkkno [2017-09-29]
      CHR Extension: (ae) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndiecnlfaibiffoeijpjnblnmdlcpog [2017-10-19]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
      CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01]
      CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
      R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
      R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
      R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
      R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1904456 2016-09-12] (Plex, Inc.)
      S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [615936 2010-06-14] (Nokia) [File not signed]
      R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2017-05-19] (Disc Soft Ltd)
      S3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2017-05-19] (Disc Soft Ltd)
      S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-05-09] (Sony Mobile Communications)
      R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
      R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
      R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
      R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
      R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
      S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X]
      S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]
      S3 UCOREW64; \??\C:\Users\Asus\Downloads\sp46442\UCOREW64.SYS [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-02 09:52 - 2017-11-02 09:57 - 000016131 _____ C:\Users\Asus\Desktop\FRST.txt
      2017-11-02 09:52 - 2017-11-02 09:52 - 000000000 ____D C:\FRST
      2017-11-02 09:51 - 2017-11-02 09:51 - 002403328 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
      2017-11-01 19:31 - 2017-11-01 19:53 - 2636347415 _____ C:\Users\Asus\Downloads\La.guerra.del.planeta.de.los.simios.(www.elitetorrent2.me)(HDRIp)(Castellano).avi
      2017-11-01 19:31 - 2017-11-01 19:31 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\uTorrent
      2017-11-01 10:54 - 2017-11-01 10:54 - 000000000 ____D C:\Users\Asus\Downloads\Generador de codigos xbox live gold 2017
      2017-11-01 10:54 - 2017-11-01 10:54 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
      2017-11-01 10:54 - 2017-11-01 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
      2017-11-01 10:52 - 2017-11-01 10:52 - 000291544 _____ C:\Users\Asus\Downloads\Generador de codigos xbox live gold 2017.rar
      2017-10-30 15:57 - 2017-10-31 14:30 - 1649080322 _____ C:\Users\Asus\Downloads\Ll3gaNoch3(www.elitetorrent2.net)(Castellano)(HDRip).avi
      2017-10-30 15:45 - 2017-10-31 14:33 - 1691086849 _____ C:\Users\Asus\Downloads\Gru 3 (www.elitetorren2.net)(castellano)(Hdrip).avi
      2017-10-30 11:00 - 2017-10-30 11:00 - 000004094 _____ C:\Users\Asus\Desktop\AdwCleaner[C1]final.txt
      2017-10-30 10:53 - 2017-10-30 10:53 - 000004421 _____ C:\Users\Asus\Desktop\AdwCleaner[S1].txt
      2017-10-30 10:46 - 2017-10-30 10:46 - 000001861 _____ C:\Users\Asus\Desktop\JRT.txt
      2017-10-30 10:41 - 2017-10-30 10:42 - 001790024 _____ (Malwarebytes) C:\Users\Asus\Desktop\JRT.exe
      2017-10-30 09:42 - 2017-10-30 09:43 - 071535032 _____ (Malwarebytes ) C:\Users\Asus\Desktop\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951 (1).exe
      2017-10-30 09:38 - 2017-10-30 10:40 - 000002019 _____ C:\Users\Asus\Desktop\malwarebytes.txt
      2017-10-29 13:01 - 2017-10-31 14:36 - 000146432 ___SH C:\Users\Asus\Downloads\Thumbs.db
      2017-10-26 12:01 - 2017-10-26 12:01 - 000000000 ____D C:\Users\Asus\AppData\Local\ESET
      2017-10-26 11:56 - 2017-10-27 08:34 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
      2017-10-26 11:39 - 2017-11-01 15:59 - 000000000 ____D C:\Program Files\HitmanPro
      2017-10-26 11:37 - 2017-10-26 11:57 - 000000000 ____D C:\ProgramData\HitmanPro
      2017-10-24 14:33 - 2017-10-24 14:39 - 2527133696 _____ C:\Users\Asus\Documents\Windows10(ambos).iso
      2017-10-24 13:42 - 2017-10-24 13:42 - 000017169 _____ C:\Users\Asus\Downloads\Gru 3 Mi Villano Favorito HDRip Spanish [Zonatorrent org] avi ---[www.bt-scene.cc]--- .torrent
      2017-10-24 13:15 - 2017-10-24 13:15 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Oracle
      2017-10-24 12:35 - 2017-10-24 12:35 - 000000000 ___HD C:\$Windows.~WS
      2017-10-24 12:34 - 2017-10-24 12:35 - 018617536 _____ (Microsoft Corporation) C:\Users\Asus\Downloads\MediaCreationTool (1).exe
      2017-10-24 08:14 - 2017-10-24 11:16 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2017-10-24 08:13 - 2017-10-24 09:31 - 000000000 ____D C:\Users\Asus\Desktop\mbar
      2017-10-24 08:10 - 2017-10-24 08:11 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Asus\Desktop\mbar-1.09.3.1001.exe
      2017-10-21 15:41 - 2017-10-21 17:17 - 2097977344 _____ C:\Users\Asus\Downloads\Expediente Warren (HDRip) [Ciclo Halloween] (EliteTorrent.net).avi
      2017-10-21 15:40 - 2017-10-30 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
      2017-10-21 15:39 - 2017-11-01 19:52 - 000000000 ____D C:\Users\Asus\AppData\Roaming\uTorrent
      2017-10-21 15:39 - 2017-10-21 15:39 - 000000853 _____ C:\Users\Asus\Desktop\µTorrent.lnk
      2017-10-21 15:39 - 2017-10-21 15:39 - 000000833 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
      2017-10-21 11:03 - 2017-10-21 11:03 - 018617536 _____ (Microsoft Corporation) C:\Users\Asus\Downloads\MediaCreationTool.exe
      2017-10-20 11:06 - 2017-11-01 15:59 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-10-20 10:51 - 2017-10-30 10:53 - 000000000 ____D C:\AdwCleaner
      2017-10-20 10:32 - 2017-10-20 10:37 - 000000000 ____D C:\FSTool
      2017-10-20 08:54 - 2017-10-20 12:30 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
      2017-10-20 08:23 - 2017-10-20 08:23 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Sun
      2017-10-20 08:23 - 2017-10-20 08:23 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Sun
      2017-10-20 08:18 - 2017-10-20 08:18 - 000000000 ____D C:\Users\Administrador\Documents\ASUS WebStorage
      2017-10-20 08:18 - 2017-10-20 08:18 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Nero
      2017-10-20 08:18 - 2017-10-20 08:18 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Asus WebStorage
      2017-10-20 08:18 - 2017-10-20 08:18 - 000000000 ____D C:\Users\Administrador\AppData\Local\Wondershare
      2017-10-20 08:17 - 2017-10-20 08:19 - 000002255 _____ C:\Users\Administrador\Desktop\Google Chrome.lnk
      2017-10-20 08:17 - 2017-10-20 08:17 - 000117304 _____ C:\Users\Administrador\AppData\Local\GDIPFONTCACHEV1.DAT
      2017-10-20 08:17 - 2017-10-20 08:17 - 000001399 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000282 __RSH C:\Users\Administrador\ntuser.pol
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000020 ___SH C:\Users\Administrador\ntuser.ini
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Reciente
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Plantillas
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Mis documentos
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Menú Inicio
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Impresoras
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Entorno de red
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Documents\Mis vídeos
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Documents\Mis imágenes
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Documents\Mi música
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Datos de programa
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\Configuración local
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Historial
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Datos de programa
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Archivos temporales de Internet
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\ATI
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Adobe
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 ____D C:\Users\Administrador\AppData\Local\Power2Go
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 ____D C:\Users\Administrador\AppData\Local\Google
      2017-10-20 08:17 - 2017-10-20 08:17 - 000000000 ____D C:\Users\Administrador\AppData\Local\ATI
      2017-10-20 08:16 - 2017-10-20 08:17 - 000000000 ____D C:\Users\Administrador
      2017-10-20 08:16 - 2015-05-14 16:03 - 000000000 ____D C:\Users\Administrador\AppData\Local\Microsoft Help
      2017-10-20 08:16 - 2015-05-10 04:17 - 000000000 ____D C:\Users\Administrador\AppData\Local\SRS Labs
      2017-10-20 08:16 - 2011-01-12 16:49 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
      2017-10-20 08:16 - 2009-07-14 08:44 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Media Center Programs
      2017-10-20 08:06 - 2017-10-20 08:06 - 000117304 _____ C:\Users\Asus\AppData\Local\GDIPFONTCACHEV1.DAT
      2017-10-20 07:59 - 2017-10-20 12:04 - 000591436 _____ C:\Windows\ntbtlog.txt
      2017-10-20 07:59 - 2017-10-20 07:59 - 000432280 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-10-20 07:57 - 2017-10-20 07:57 - 000002946 _____ C:\Users\Asus\Documents\cc_20171020_085718.reg
      2017-10-20 07:56 - 2017-10-20 07:56 - 000024116 _____ C:\Users\Asus\Documents\cc_20171020_085652.reg
      2017-10-20 07:08 - 2017-10-20 07:08 - 000000000 ____D C:\Windows\pss
      2017-10-19 20:04 - 2017-10-19 20:04 - 000000000 ____D C:\SUPERDelete
      2017-10-19 19:57 - 2017-10-19 19:57 - 000000282 __RSH C:\Users\Asus\ntuser.pol
      2017-10-19 19:51 - 2017-10-24 09:39 - 000000000 ____D C:\Users\Asus\AppData\Local\syslog
      2017-10-19 19:49 - 2017-10-19 19:57 - 000000282 __RSH C:\ProgramData\ntuser.pol
      2017-10-19 19:48 - 2017-10-19 19:48 - 000140800 _____ C:\Users\Asus\AppData\Local\installer.dat
      2017-10-19 19:13 - 2017-10-27 10:32 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Jungler
      2017-10-19 10:11 - 2017-10-19 10:11 - 000051620 _____ C:\Windows\uninstaller.dat
      2017-10-18 19:40 - 2017-10-18 21:09 - 2178940928 _____ C:\Users\Asus\Downloads\wifislax64-1.1-final.iso
      2017-10-18 18:55 - 2017-10-18 19:09 - 000000000 ____D C:\Users\Asus\Desktop\auditorio albacete
      2017-10-15 19:08 - 2017-10-15 19:08 - 000000000 ____D C:\Users\Asus\AppData\Local\CEF
      2017-10-15 19:06 - 2017-10-19 20:08 - 000000000 ____D C:\Program Files (x86)\BlueStacks
      2017-10-15 19:05 - 2017-10-19 20:07 - 000000000 ____D C:\Users\Asus\AppData\Local\Bluestacks
      2017-10-15 18:56 - 2017-10-15 19:04 - 265186656 _____ (BlueStack Systems Inc.) C:\Users\Asus\Downloads\BlueStacks-Installer_BS3_native_56f04bd3a115b7835aa20ef657e67bad.exe
      2017-10-15 17:34 - 2017-10-15 17:34 - 000001158 _____ C:\Users\Asus\Documents\cc_20171015_183425.reg
      2017-10-15 15:08 - 2017-11-01 16:00 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
      2017-10-15 15:06 - 2017-10-15 15:11 - 071535032 _____ (Malwarebytes ) C:\Users\Asus\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe
      2017-10-15 15:05 - 2017-10-15 15:07 - 030711896 _____ (SUPERAntiSpyware) C:\Users\Asus\Downloads\SUPERAntiSpyware.exe
      2017-10-15 11:59 - 2017-10-15 11:59 - 000008380 _____ C:\Users\Asus\Documents\cc_20171015_125921.reg
      2017-10-15 09:08 - 2017-10-15 09:08 - 000000000 ____D C:\Users\Asus\Desktop\aparato abel
      2017-10-13 21:57 - 2017-10-13 21:57 - 000014204 _____ C:\Users\Asus\Documents\cc_20171013_225724.reg
      2017-10-13 21:57 - 2017-10-13 21:57 - 000000360 _____ C:\Users\Asus\Documents\cc_20171013_225740.reg
      2017-10-13 10:47 - 2017-10-13 10:48 - 000000000 ____D C:\Users\Asus\Desktop\aparato satelite fonestar
      2017-10-10 14:28 - 2017-10-10 14:43 - 084457591 _____ C:\Users\Asus\Downloads\English instructions.zip
      2017-10-10 13:58 - 2017-10-10 13:58 - 000000000 ____D C:\Windows\SysWOW64\SYSM-Monitor
      2017-10-10 13:57 - 2017-10-10 13:57 - 000000000 ____D C:\Users\Asus\Downloads\SYSM Monitor-NEW
      2017-10-10 13:32 - 2017-10-10 13:34 - 019873960 _____ C:\Users\Asus\Downloads\SYSM Monitor-NEW.zip
      2017-10-09 17:59 - 2017-10-09 17:59 - 000000000 ____D C:\Users\Asus\Downloads\RDS-581WHD_20130221_sw_upgrade
      2017-10-09 17:46 - 2017-10-09 17:47 - 029665817 _____ C:\Users\Asus\Downloads\RDS-581WHD_20130221_sw_upgrade.zip
      2017-10-09 17:39 - 2017-10-09 17:39 - 000000000 ____D C:\Users\Asus\Downloads\Softkey_SW106_RDS-580HD_RDS-581WHD
      2017-10-09 17:39 - 2017-10-09 17:39 - 000000000 ____D C:\Users\Asus\Downloads\Emu_SW106_Sha_RDS-581WHD_Fonestar_www.fonesteros.com
      2017-10-09 17:39 - 2017-10-09 17:39 - 000000000 ____D C:\Users\Asus\Downloads\Emu Base v150_Sha AU RDS-580HD-RDS-581WHD_Fonestar_www.fonesteros.com
      2017-10-09 17:36 - 2017-10-09 17:36 - 000004759 _____ C:\Users\Asus\Downloads\Softkey_SW106_RDS-580HD_RDS-581WHD.rar
      2017-10-09 17:34 - 2017-10-09 17:35 - 027990075 _____ C:\Users\Asus\Downloads\Emu Base v150_Sha AU RDS-580HD-RDS-581WHD_Fonestar_www.fonesteros.com.zip
      2017-10-09 17:32 - 2017-10-09 17:33 - 030256047 _____ C:\Users\Asus\Downloads\Emu_SW106_Sha_RDS-581WHD_Fonestar_www.fonesteros.com.zip
      2017-10-09 17:23 - 2017-10-09 17:37 - 000000000 ____D C:\Users\Asus\Downloads\Fonespatch_A04_580-581_Fonestar_www.fonesteros.com
      2017-10-09 16:55 - 2017-10-09 16:56 - 000000000 ____D C:\Users\Asus\Desktop\disco extraible amarillo 091017
      2017-10-09 16:51 - 2017-10-09 16:51 - 001348847 _____ C:\Users\Asus\Downloads\Guia Fonestar 581 V 1.1.pdf
      2017-10-09 16:49 - 2017-10-09 16:49 - 000316031 _____ C:\Users\Asus\Downloads\Fonespatch_A04_580-581_Fonestar_www.fonesteros.com.zip
      2017-10-09 13:29 - 2017-10-09 13:22 - 013857695 _____ C:\Users\Asus\Desktop\20.29.07_A.mkv
      2017-10-09 13:03 - 2017-10-09 13:03 - 000000000 ____D C:\Users\Asus\AppData\Local\bunkus.org
      2017-10-09 12:54 - 2017-10-11 17:57 - 000000000 ____D C:\Users\Asus\AppData\Roaming\vlc
      2017-10-09 12:54 - 2017-10-09 12:54 - 000001072 _____ C:\Users\Public\Desktop\VLC media player.lnk
      2017-10-09 12:54 - 2017-10-09 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-02 09:54 - 2015-06-28 13:18 - 000000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
      2017-11-02 09:04 - 2009-07-14 05:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-11-02 09:04 - 2009-07-14 05:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-11-02 08:55 - 2009-08-04 10:57 - 000759156 _____ C:\Windows\system32\perfh00A.dat
      2017-11-02 08:55 - 2009-08-04 10:57 - 000162936 _____ C:\Windows\system32\perfc00A.dat
      2017-11-02 08:55 - 2009-07-14 06:13 - 001708066 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-11-02 08:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
      2017-11-02 08:48 - 2015-05-10 04:20 - 000000000 ____D C:\Program Files\P4G
      2017-11-02 08:48 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-11-01 19:08 - 2016-10-04 13:53 - 000000000 ____D C:\Users\Asus\AppData\Roaming\Audacity
      2017-11-01 17:39 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
      2017-11-01 10:54 - 2015-06-19 18:25 - 000000000 ____D C:\Program Files\WinRAR
      2017-10-29 12:50 - 2017-04-14 10:31 - 000574927 _____ C:\Users\Asus\Documents\starburn.txt
      2017-10-27 11:23 - 2017-04-14 10:25 - 000000000 ____D C:\Users\Asus\PROGRAMA FIMONA FULL
      2017-10-27 11:01 - 2016-09-11 11:47 - 000000000 ____D C:\Users\Asus\Documents\total video converter
      2017-10-27 10:58 - 2015-08-30 15:17 - 000000000 ____D C:\Users\Asus\Documents\MAGIX_Speed2_burnR_mxcdr
      2017-10-27 08:34 - 2017-06-19 14:28 - 000000000 ____D C:\Users\Asus\Downloads\ACTION KAFTAGAME
      2017-10-26 19:46 - 2015-05-10 04:21 - 000001415 _____ C:\Windows\system32\ServiceFilter.ini
      2017-10-24 16:00 - 2016-11-28 17:48 - 000000000 ____D C:\ESD
      2017-10-24 13:24 - 2017-08-18 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2017-10-24 13:24 - 2017-08-18 15:36 - 000000000 ____D C:\ProgramData\Oracle
      2017-10-24 13:24 - 2017-08-18 15:35 - 000000000 ____D C:\Program Files\Java
      2017-10-24 13:22 - 2017-08-18 15:37 - 000110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
      2017-10-24 12:35 - 2009-07-29 07:03 - 000000000 ____D C:\Windows\Panther
      2017-10-23 17:29 - 2016-07-30 22:19 - 000000000 ____D C:\Users\Asus\Documents\boda
      2017-10-21 22:58 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\MB Free Gear
      2017-10-20 10:54 - 2015-05-09 04:49 - 000001231 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2017-10-20 10:54 - 2011-01-12 16:50 - 000002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-10-20 09:38 - 2009-07-14 06:08 - 000032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2017-10-20 09:20 - 2015-05-10 04:21 - 000002446 _____ C:\Windows\system32\AutoRunFilter.ini
      2017-10-20 08:17 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
      2017-10-20 07:55 - 2015-06-28 13:45 - 000000981 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-10-19 19:57 - 2015-05-09 04:48 - 000000000 ____D C:\Users\Asus
      2017-10-19 19:49 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
      2017-10-19 19:43 - 2015-05-12 11:11 - 000000000 ____D C:\Program Files\Microsoft Office
      2017-10-15 17:33 - 2017-01-16 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PL-2303 USB-Serial Driver
      2017-10-15 17:33 - 2017-01-10 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Melody Assistant
      2017-10-15 17:33 - 2011-01-12 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
      2017-10-14 13:29 - 2015-07-30 18:39 - 000000000 ____D C:\Windows\SysWOW64\ShellExt
      2017-10-14 13:29 - 2015-07-30 18:39 - 000000000 ____D C:\Windows\system32\ShellExt
      2017-10-13 22:06 - 2017-06-25 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hacker de Cuenta v2.7.8
      2017-10-13 19:58 - 2017-02-13 16:51 - 000000000 ____D C:\Users\Asus\Documents\MAGIX_Samplitude_Music_Studio_16_Version_para_descargar
      2017-10-11 19:10 - 2016-09-04 14:21 - 000000000 ____D C:\Users\Asus\Documents\NeroVision
      2017-10-09 12:53 - 2016-02-13 21:18 - 000000000 ____D C:\Program Files (x86)\VideoLAN
      2017-10-09 10:48 - 2016-01-19 12:27 - 000000000 ____D C:\Users\Asus\Downloads\fotos xperia 2
      2017-10-09 10:48 - 2016-01-19 12:25 - 000000000 ____D C:\Users\Asus\Downloads\fotos xperia 1

      ==================== Files in the root of some directories =======

      2017-10-19 19:48 - 2017-10-19 19:48 - 000140800 _____ () C:\Users\Asus\AppData\Local\installer.dat
      2017-04-07 09:45 - 2017-04-07 09:45 - 000000001 _____ () C:\Users\Asus\AppData\Local\llftool.4.40.agreement
      2011-01-12 17:02 - 2010-07-07 01:10 - 000131472 _____ () C:\ProgramData\FullRemove.exe
      2011-01-12 16:48 - 2011-01-12 16:49 - 000000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
      2011-01-12 16:48 - 2011-01-12 16:48 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

      Some files in TEMP:
      ====================
      2017-11-01 15:59 - 2017-10-26 11:36 - 011584088 _____ (SurfRight B.V.) C:\Users\Asus\AppData\Local\Temp\HitmanPro.exe
      2017-10-24 13:15 - 2017-10-24 13:15 - 001856576 _____ (Oracle Corporation) C:\Users\Asus\AppData\Local\Temp\jre-8u151-windows-au.exe

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2016-02-01 15:42

      ==================== End of FRST.txt ============================


      No me cabe, lo pongo en el siguiente...

    7. #17
      Usuario Avatar de azair22
      Registrado
      abr 2008
      Ubicación
      España
      Mensajes
      11

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Addition.txt

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2017
      Ran by Asus (02-11-2017 09:58:42)
      Running from C:\Users\Asus\Desktop
      Windows 7 Home Premium Service Pack 1 (X64) (2015-05-09 03:48:34)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-2006136963-1127275496-1322106195-500 - Administrator - Disabled) => C:\Users\Administrador
      Asus (S-1-5-21-2006136963-1127275496-1322106195-1000 - Administrator - Enabled) => C:\Users\Asus
      HomeGroupUser$ (S-1-5-21-2006136963-1127275496-1322106195-1002 - Limited - Enabled)
      Invitado (S-1-5-21-2006136963-1127275496-1322106195-501 - Limited - Disabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
      AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
      AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
      7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
      Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
      Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
      Apple Application Support (32 bits) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
      Apple Application Support (64 bits) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
      Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
      Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
      ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
      ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
      ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
      ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
      ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
      ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
      ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.40 - ASUS)
      ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
      ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
      ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
      ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
      AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.3.585 - ASUSTEK)
      ATI AVIVO64 Codecs (HKLM\...\{2E414A76-E6A7-3504-4235-29EAB3FE1F7A}) (Version: 11.6.0.50811 - ATI Technologies Inc.) Hidden
      ATI Catalyst Install Manager (HKLM\...\{FDB61EAE-7C1D-7EB6-E1EE-14528E3EB266}) (Version: 3.0.790.0 - ATI Technologies, Inc.)
      ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0006 - ASUS)
      aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
      Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
      Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
      Care Suite PST 5 (HKLM-x32\...\{9FE618D3-969D-4E60-9FF6-3C4D1518F576}) (Version: 5.5.132.1446 - Nokia)
      CCcamInfoPHP v0.8.6 (DT6) (HKLM-x32\...\{BFB382CC-0A92-4A40-B6D1-4E72E0E6D2D1}) (Version: 6.0.0 - Zegato/DragTeam)
      ccc-core-static (HKLM-x32\...\{DAB623DC-33F2-E22E-7B24-2270E8AB1EB3}) (Version: 2010.0811.2122.36462 - ATI) Hidden
      CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
      Complément Messenger (HKLM-x32\...\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Complemento Messenger (HKLM-x32\...\{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.127.0.63 - Conexant)
      Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
      ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.8 - ASUS)
      Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
      CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
      CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
      D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      Emergency Download Driver (HKLM-x32\...\{05DBF996-83D0-4C40-8D3A-A6850800BC88}) (Version: 1.1.7.1439 - Nokia)
      ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
      Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.8 - ASUS)
      FFmpeg (Windows) for Audacity versión 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
      Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.18.5 - Androxyde)
      Fuse Drivers x64 (HKLM-x32\...\{06904B2B-5000-4C58-9471-256BA1A303BE}) (Version: 11.34.1 - Nokia)
      Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
      Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
      Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
      Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.)
      Harmony Assistant (HKLM-x32\...\Harmony Assistant) (Version: - )
      High-Definition Video Playback 10 (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.0.11400.29.0 - Nero AG) Hidden
      Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
      iTunes (HKLM\...\{8251BA2E-05A9-441D-BC6D-B3A3B3E133F4}) (Version: 12.7.0.166 - Apple Inc.)
      Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
      JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
      JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
      Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version: - )
      MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR ES) (Version: 6.0.1.2 - MAGIX AG)
      Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version: - Oberon Media Inc.)
      MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
      Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
      Messenger Companion (HKLM-x32\...\{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Messenger Companion (HKLM-x32\...\{8142D25E-028A-4563-86ED-5755783C8029}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Messenger Companion (HKLM-x32\...\{96403552-88D1-429F-9C92-388B814B885E}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Messenger Companion (HKLM-x32\...\{C7DAD22D-29D4-438F-B986-03B9ED582EA4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Messenger 分享元件 (HKLM-x32\...\{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation)
      Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
      Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
      Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROPLUS_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
      Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
      Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROPLUS_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
      Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROPLUS_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
      Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
      Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROPLUS_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
      Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
      Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
      MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
      MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
      Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
      Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
      Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
      Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
      Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
      Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
      Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
      Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
      Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
      Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
      Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
      Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
      Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
      Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
      Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
      Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
      Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
      PC Connectivity Solution (HKLM-x32\...\{9590C850-8A55-43DB-A413-DFF6E5636570}) (Version: 10.30.0.0 - Nokia)
      Photoshop Cs6 versión Final (HKLM-x32\...\{5CF1F901-ED27-4C34-A9CE-A10E8C1DDDB2}_is1) (Version: Final - Braian Urzagaste)
      PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
      Plex Media Server (HKLM-x32\...\{33d48e3a-c66d-45f3-a607-9a77a93164d0}) (Version: 1.1.4.2757 - Plex, Inc.)
      Plex Media Server (HKLM-x32\...\{8321A46B-5A07-4EE9-863B-BE9AA419992E}) (Version: 1.1.2757 - Plex, Inc.) Hidden
      QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
      Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Samplitude Music Studio 16 Versión para descargar (HKLM-x32\...\{E2D95DB3-DC6F-4589-B9C1-0D9766FA796C}) (Version: 16.0.0.2 - MAGIX AG) Hidden
      Samplitude Music Studio 16 Versión para descargar (HKLM-x32\...\ms16dlx_DLV) (Version: 16.0.0.2 - MAGIX AG)
      Stopping Plex (HKLM-x32\...\{C546E749-439C-469F-ADB0-8AECD2614DF1}) (Version: 1.1.2757 - Plex, Inc.) Hidden
      syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
      Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
      Type Label Fonts (HKLM-x32\...\{799BF338-BC01-4F7A-BC79-A67B75E772CB}) (Version: 1.1.0.1 - Microsoft)
      UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
      Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
      USB Serial Port Driver (x64) (HKLM-x32\...\{53012BD2-D1A3-4530-9AE2-B0C503B5C1C2}) (Version: 2013.30.0.313 - Nokia)
      USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix)
      VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
      Windows Driver Package - OPTO ELECTRONICS CO.,LTD (optousb) Ports (06/02/2008 2.0.5.5) (HKLM\...\245A139F08D3D69654D8822673D0B5EBFB63EF38) (Version: 06/02/2008 2.0.5.5 - OPTO ELECTRONICS CO.,LTD)
      Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
      Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
      WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
      WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
      WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia)
      WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia)
      WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia)
      Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS)
      Wondershare Filmora(Build 7.8.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
      Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
      World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.)
      Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      מסייע Messenger (HKLM-x32\...\{AB5977C5-11AE-4003-BA7D-261C48F2BC35}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
      適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
      ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] ()
      ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
      ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
      ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
      ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] ()
      ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov)
      ContextMenuHandlers1: [ADSMEnDecExt] -> {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [2009-09-29] (ASUSTek Computer Inc.)
      ContextMenuHandlers1: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
      ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-08-30] (Microsoft Corporation)
      ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\Program Files (x86)\Total Video Converter\TVCShellExtx64.dll [2010-07-29] ()
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-08-30] (Microsoft Corporation)
      ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
      ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
      ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov)
      ContextMenuHandlers4: [ADSMEnDecExt] -> {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [2009-09-29] (ASUSTek Computer Inc.)
      ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-08-30] (Microsoft Corporation)
      ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
      ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-08-12] (Advanced Micro Devices, Inc.)
      ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-09-17] (Igor Pavlov)
      ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2014-01-02] (EZB Systems, Inc.)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {0F870506-5A9E-42D7-AC31-750C8F849A0E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
      Task: {0F8C2B43-0EDB-456F-9A22-8E9C55A102EC} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-08-12] (ASUS)
      Task: {10B90479-40F3-464C-9F8B-B96311A9BD79} - System32\Tasks\{DF6C7A04-C27F-4B25-A34A-B89E3CF2772D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\MAGIX\Samplitude_Music_Studio_16_Version_para_descargar\ms16dlx_DLV_es-ES_setup.exe"
      Task: {239A3855-8C44-4EFB-946C-E7F9C2511CBB} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
      Task: {25383B5B-BEDB-4F5D-9C0D-FE6658E6401E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
      Task: {25383B5B-BEDB-4F5D-9C0D-FE6658E6401E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
      Task: {4F3D6353-686E-4645-AC6D-B7F3E4DC9AF7} - System32\Tasks\{D23CDEEB-5CF2-4EC8-B651-241D3EEFB3FA} => C:\Windows\system32\pcalua.exe -a "D:\Windows\PL2303HXA\SETUP\wd_pl2303h-hx-x_v20019v2021\PL-2303 Driver Installer.exe" -d D:\Windows\PL2303HXA\SETUP\wd_pl2303h-hx-x_v20019v2021
      Task: {5121A1C8-A7FE-4F69-85DA-6583C03601F4} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
      Task: {57D695F2-2F47-4387-8C11-6BFA52C6EE6F} - System32\Tasks\{4AE7FA9B-8A6C-4C06-948C-C05600CC56BA} => C:\Windows\system32\pcalua.exe -a "C:\Users\Asus\Downloads\Cool Edit Pro 2.1 - Richar262\Cool Edit Pro 2.1 - Richar262\Crack\cep2reg.exe" -d "C:\Users\Asus\Downloads\Cool Edit Pro 2.1 - Richar262\Cool Edit Pro 2.1 - Richar262\Crack"
      Task: {6454799E-A467-4F70-881E-4C5B66B78103} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-09] (Google Inc.)
      Task: {65E71A51-3755-43DA-8E24-4796665A602A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16] (Adobe Systems Incorporated)
      Task: {6A6DFA87-7B66-4957-8453-CB8220D5532B} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
      Task: {6A6DFA87-7B66-4957-8453-CB8220D5532B} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
      Task: {797554B4-F3D0-456D-8ECD-18379EA5772F} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
      Task: {797554B4-F3D0-456D-8ECD-18379EA5772F} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
      Task: {7B1742AC-F17D-4805-8BD5-2784C34715C2} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
      Task: {8BD6985F-A41E-4767-B091-71C3379CDB0C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
      Task: {8BD6985F-A41E-4767-B091-71C3379CDB0C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
      Task: {8BD6985F-A41E-4767-B091-71C3379CDB0C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
      Task: {96769DF2-BDB5-4291-8236-4D653BDCF248} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
      Task: {C12012C5-397F-4104-98C2-396321DCF603} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-09] (Google Inc.)
      Task: {D8BF6889-40D3-4D3A-89CE-C1903999E007} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
      Task: {E269A2EB-1F96-42C9-9366-CBD5BFB21FDE} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
      Task: {E5222446-3273-4D21-9F2E-831FA495A3AF} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
      Task: {F9AE4C81-0C51-4298-B00C-2CC1A5D6DF74} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ShortcutWithArgument: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

      ==================== Loaded Modules (Whitelisted) ==============

      2017-06-07 21:09 - 2017-06-07 21:09 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
      2007-06-15 18:28 - 2007-06-15 18:28 - 000104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
      2007-06-02 00:52 - 2007-06-02 00:52 - 000159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
      2010-03-16 02:48 - 2010-03-16 02:48 - 000148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
      2011-01-12 17:01 - 2011-01-12 17:01 - 000030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
      2011-01-12 17:01 - 2011-01-12 17:01 - 000931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
      2016-10-12 11:52 - 2010-07-29 17:19 - 000293888 _____ () C:\Program Files (x86)\Total Video Converter\TVCShellExtx64.dll
      2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
      2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
      2010-07-15 00:11 - 2010-07-15 00:11 - 000031360 _____ () C:\Program Files\P4G\DevMng.dll
      2015-05-10 04:21 - 2007-11-30 19:20 - 000051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
      2008-10-01 07:02 - 2008-10-01 07:08 - 000011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
      2010-03-16 02:48 - 2010-03-16 02:48 - 001754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
      2010-07-02 21:36 - 2010-07-02 21:36 - 001597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
      2016-09-12 14:45 - 2016-09-12 14:45 - 000091464 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
      2016-09-12 14:45 - 2016-09-12 14:45 - 000211272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
      2009-11-02 23:20 - 2009-11-02 23:20 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
      2009-11-02 23:23 - 2009-11-02 23:23 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
      2017-04-19 18:25 - 2016-10-08 15:48 - 001506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
      2017-04-19 18:25 - 2016-07-21 09:54 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
      2010-02-23 23:14 - 2010-02-23 23:14 - 000041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
      2010-02-23 23:14 - 2010-02-23 23:14 - 000071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
      2010-02-23 23:11 - 2010-02-23 23:11 - 000076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
      2010-02-23 23:12 - 2010-02-23 23:12 - 000186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
      2010-02-23 23:14 - 2010-02-23 23:14 - 000050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\Temp:B755D674 [270]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)

      IE trusted site: HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\localhost -> localhost

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 80.58.61.250 - 80.58.61.254
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\startupfolder: C:^Users^Asus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Jungler.lnk => C:\Windows\pss\Jungler.lnk.Startup
      MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
      MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
      MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{465423EC-0915-46CA-BA76-A9FC64226E5C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
      FirewallRules: [{DA78110C-2370-4EB5-9B93-16E4CC27C9EF}] => (Allow) LPort=2869
      FirewallRules: [{53158159-126F-443C-8507-1D4526A6A587}] => (Allow) LPort=1900
      FirewallRules: [{5345F2F6-1E95-470E-883C-D25315BE7F08}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
      FirewallRules: [{B6CE2B8A-3326-4CC7-A7B0-A840B904C03F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
      FirewallRules: [{3B2D6E27-6F8A-47D0-8F73-7AA9B9DB2770}] => (Allow) LPort=5353
      FirewallRules: [{1DEF9043-1413-470B-B7AC-463B9A6D6772}] => (Allow) LPort=8182
      FirewallRules: [{2C0EF38F-DC4B-4EB8-A910-0F41EBC5D05E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{5123160A-5B68-4218-920C-D94C2DFD795D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{D4E80D47-E054-42FC-8764-163EC93FA0D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{EDA0E1A0-E02E-4B30-9330-7777A9AC851F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [TCP Query User{5CAE3093-6951-4A21-8448-BC67461826E9}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuseservice.exe
      FirewallRules: [UDP Query User{151C773E-6C96-4769-8949-8A193B3124A6}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuseservice.exe
      FirewallRules: [{DB5A226F-AD20-4129-9A74-DF2456395262}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
      FirewallRules: [{BB69E2A8-9F6C-493B-9218-FF964C8DDBB2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
      FirewallRules: [{41B22E35-D472-4F88-9571-267A78BB69A5}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
      FirewallRules: [TCP Query User{B2C119CB-48A0-46E7-B632-76FCF64A5B32}C:\users\asus\downloads\dcc295\dcc295\dcc.exe] => (Allow) C:\users\asus\downloads\dcc295\dcc295\dcc.exe
      FirewallRules: [UDP Query User{8FD9A33B-B9FD-4C17-9970-1516AC6C5A4C}C:\users\asus\downloads\dcc295\dcc295\dcc.exe] => (Allow) C:\users\asus\downloads\dcc295\dcc295\dcc.exe
      FirewallRules: [TCP Query User{1B1D2910-B3A6-4042-BD43-06F557A79C02}C:\users\asus\downloads\dreamset232\dreamset.exe] => (Allow) C:\users\asus\downloads\dreamset232\dreamset.exe
      FirewallRules: [UDP Query User{D69F9EAF-1744-46A9-96A2-B4D1414DAB34}C:\users\asus\downloads\dreamset232\dreamset.exe] => (Allow) C:\users\asus\downloads\dreamset232\dreamset.exe
      FirewallRules: [{F4BF13F3-0BBC-461F-8337-916BDBEAF8BA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
      FirewallRules: [{2AA78F91-F548-46E3-BF04-710512A4175D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{AED40737-5EB2-4071-B90E-EE437B42992E}] => (Allow) C:\Windows\system32\rundll32.exe
      FirewallRules: [{784A4D94-D0ED-45BA-A5C9-1B921B5CCEA8}] => (Allow) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{9459A2E7-C914-4FF8-82D0-520630CF582E}] => (Allow) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{A74886A7-708B-43C9-8932-68DAFC5F1847}] => (Allow) C:\Windows\System32\rundll32.exe
      FirewallRules: [{44B331B6-DB96-4AEF-BD02-84D0A67985FD}] => (Allow) C:\Windows\System32\rundll32.exe

      ==================== Restore Points =========================

      ATTENTION: System Restore is disabled

      ==================== Faulty Device Manager Devices =============

      Name: Teredo Tunneling Pseudo-Interface
      Description: Adaptador de tunelización Teredo de Microsoft
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: Microsoft
      Service: tunnel
      Problem: : This device cannot start. (Code10)
      Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
      On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

      Name: JMicron PCI Express Gigabit Ethernet Adapter
      Description: JMicron PCI Express Gigabit Ethernet Adapter
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: JMicron Technology Corp.
      Service: JME
      Problem: : This device is disabled. (Code 22)
      Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (10/30/2017 04:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: IEXPLORE.EXE, versión: 11.0.9600.18377, marca de tiempo: 0x575afa93
      Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23418, marca de tiempo: 0x5708a73e
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0004e6df
      Id. del proceso con errores: 0x12e0
      Hora de inicio de la aplicación con errores: 0x01d35190b5e60b8f
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\ntdll.dll
      Id. del informe: dba00dd8-bd84-11e7-93d3-81ffdd9069c9

      Error: (10/30/2017 04:06:12 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: wmpnetwk.exe, versión: 12.0.7601.17514, marca de tiempo: 0x4ce7ae7f
      Nombre del módulo con errores: wmp.dll, versión: 12.0.7601.19148, marca de tiempo: 0x56b9b871
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x00000000001facc7
      Id. del proceso con errores: 0xeb4
      Hora de inicio de la aplicación con errores: 0x01d351875d7862ee
      Ruta de acceso de la aplicación con errores: C:\Program Files\Windows Media Player\wmpnetwk.exe
      Ruta de acceso del módulo con errores: C:\Windows\system32\wmp.dll
      Id. del informe: ddd483d4-bd83-11e7-93d3-81ffdd9069c9

      Error: (10/24/2017 0817 AM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa Explorer.EXE, versión 6.1.7601.19135, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 71c

      Hora de inicio: 01d34c96145a8dc2

      Hora de finalización: 0

      Ruta de acceso de la aplicación: C:\Windows\Explorer.EXE

      Identificador de informe: 5dd12ba7-b88a-11e7-8cf4-cac0fb2503bd

      Error: (10/23/2017 05:58:50 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: wmprph.exe, versión: 12.0.7600.16385, marca de tiempo: 0x4a5bd018
      Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.23418, marca de tiempo: 0x5708a857
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0000000000048d84
      Id. del proceso con errores: 0x13e0
      Hora de inicio de la aplicación con errores: 0x01d34c202edc8bc7
      Ruta de acceso de la aplicación con errores: C:\Program Files\Windows Media Player\wmprph.exe
      Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
      Id. del informe: 70f131c5-b813-11e7-8b82-d8cd8decd6cb

      Error: (10/21/2017 03:41:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa Explorer.EXE, versión 6.1.7601.19135, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 710

      Hora de inicio: 01d34a52c9b1b4d9

      Hora de finalización: 156

      Ruta de acceso de la aplicación: C:\Windows\Explorer.EXE

      Identificador de informe: e92c220b-b66d-11e7-90ed-f5cb79b8ccc9

      Error: (10/21/2017 03:22:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa iexplore.exe, versión 11.0.9600.18377, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 14e0

      Hora de inicio: 01d34a771bf825cf

      Hora de finalización: 0

      Ruta de acceso de la aplicación: C:\Program Files\Internet Explorer\iexplore.exe

      Identificador de informe:

      Error: (10/20/2017 02:49:24 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: mbam.exe, versión: 3.0.0.1169, marca de tiempo: 0x599723f1
      Nombre del módulo con errores: Qt5Core.dll, versión: 5.6.2.0, marca de tiempo: 0x59a63e00
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x001aa3b6
      Id. del proceso con errores: 0x11a8
      Hora de inicio de la aplicación con errores: 0x01d349aa3cb771f7
      Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
      Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
      Id. del informe: 7aebab47-b59d-11e7-91d7-ceb5055be0ca

      Error: (10/20/2017 01:38:14 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: 007.exe, versión: 3.0.0.1169, marca de tiempo: 0x599723f1
      Nombre del módulo con errores: Qt5Core.dll, versión: 5.6.2.0, marca de tiempo: 0x59a63e00
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x001aa3b6
      Id. del proceso con errores: 0x11d0
      Hora de inicio de la aplicación con errores: 0x01d349a04b9a696f
      Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\007.exe
      Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
      Id. del informe: 89cd9b11-b593-11e7-91d7-ceb5055be0ca

      Error: (10/20/2017 01:32:12 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: mbam.exe, versión: 3.0.0.1169, marca de tiempo: 0x599723f1
      Nombre del módulo con errores: Qt5Core.dll, versión: 5.6.2.0, marca de tiempo: 0x59a63e00
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x001aa3b6
      Id. del proceso con errores: 0xbb8
      Hora de inicio de la aplicación con errores: 0x01d3499f71d2a079
      Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
      Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
      Id. del informe: b2222a54-b592-11e7-91d7-ceb5055be0ca

      Error: (10/20/2017 12:16:40 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: mbam.exe, versión: 3.0.0.1169, marca de tiempo: 0x599723f1
      Nombre del módulo con errores: Qt5Core.dll, versión: 5.6.2.0, marca de tiempo: 0x59a63e00
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x001aa3b6
      Id. del proceso con errores: 0x710
      Hora de inicio de la aplicación con errores: 0x01d34994db6fc6de
      Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
      Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
      Id. del informe: 24b31eea-b588-11e7-884c-ec1f530861cf


      System errors:
      =============
      Error: (11/02/2017 09:50:34 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/02/2017 09:23:49 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/02/2017 08:57:40 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/02/2017 08:50:26 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/02/2017 08:49:45 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/02/2017 08:49:08 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/01/2017 07:53:12 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/01/2017 07:24:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/01/2017 06:19:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.

      Error: (11/01/2017 06:19:03 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
      Description: Error al intentar leer el archivo local de hosts.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
      Percentage of memory in use: 42%
      Total physical RAM: 3948.54 MB
      Available physical RAM: 2276.48 MB
      Total Virtual: 7895.27 MB
      Available Virtual: 5879.25 MB

      ==================== Drives ================================

      Drive c: (OS) (Fixed) (Total:273.09 GB) (Free:49.7 GB) NTFS ==>[drive with boot components (obtained from BCD)]

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 727B3521)
      Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
      Partition 2: (Active) - (Size=273.1 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

      Un saludo

    8. #18
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Hola

      Sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

      • Para hacerlo descarga >> DelFix en tu escritorio.
        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca unicamente la casilla "Create registry backup".
      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación inicia tu equipo desde el >> Modo Seguro de Windows con función de red.

      Si tu SO es Windows 8/8.1/10 usa el 2º MÉTODO: de esta Faq de Windows 8 (aplicable a Windows 10) >> ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.


      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\MountPoints2: E - E:\setup.exe
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\MountPoints2: {1d602a62-3c6e-11e7-a7a6-e4847fa601b2} - E:\setup.exe
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      GroupPolicy\User: Restriction <==== ATTENTION
      FF HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=HAJzbcnbl1BU,c851ec36-91de-43c2-8ae8-add82969c9fe,&vp=ch&prd=set_ch
      CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=HAJzbcnbl1BU,c851ec36-91de-43c2-8ae8-add82969c9fe,&vp=ch&prd=set_ch"
      CHR Extension: (LadyCashback) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkgopncbadmfaeimfjobhilkpgnkkno [2017-09-29]
      CHR Extension: (ae) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndiecnlfaibiffoeijpjnblnmdlcpog [2017-10-19]
      CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01]
      CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
      S3 UCOREW64; \??\C:\Users\Asus\Downloads\sp46442\UCOREW64.SYS [X]
      2017-11-01 15:59 - 2017-10-26 11:36 - 011584088 _____ (SurfRight B.V.) C:\Users\Asus\AppData\Local\Temp\HitmanPro.exe
      2017-10-24 13:15 - 2017-10-24 13:15 - 001856576 _____ (Oracle Corporation) C:\Users\Asus\AppData\Local\Temp\jre-8u151-windows-au.exe
      AlternateDataStreams: C:\ProgramData\Temp:B755D674 [270] 
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Pon el reporte y comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #19
      Usuario Avatar de azair22
      Registrado
      abr 2008
      Ubicación
      España
      Mensajes
      11

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Hola!! A continuacion te dejo el reporte Fixlog.txt

      El pc parece que ya no se ralentiza tanto, pero sigo sin poder actualizar windows, cuando descargo me sigue pidiendo los mismos permisos, de momento parece que ya no salen esas ventanitas que desaparecen al segundo, parece que ha mejorado, pero como resuelvo esto?

      Reporte Fixlog.txt

      Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
      Ran by Asus (06-11-2017 17:38:32) Run:1
      Running from C:\Users\Asus\Desktop
      Loaded Profiles: Asus (Available Profiles: Asus & Administrador)
      Boot Mode: Safe Mode (with Networking)
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\MountPoints2: E - E:\setup.exe
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\MountPoints2: {1d602a62-3c6e-11e7-a7a6-e4847fa601b2} - E:\setup.exe
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      GroupPolicy\User: Restriction <==== ATTENTION
      FF HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      CHR HomePage: Default -> hxxp://www-searching.com/?pid=s&s=HAJzbcnbl1BU,c851ec36-91de-43c2-8ae8-add82969c9fe,&vp=ch&prd=set_ch
      CHR StartupUrls: Default -> "hxxp://www-searching.com/?pid=s&s=HAJzbcnbl1BU,c851ec36-91de-43c2-8ae8-add82969c9fe,&vp=ch&prd=set_ch"
      CHR Extension: (LadyCashback) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkgopncbadmfaeimfjobhilkpgnkkno [2017-09-29]
      CHR Extension: (ae) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndiecnlfaibiffoeijpjnblnmdlcpog [2017-10-19]
      CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01]
      CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
      S3 UCOREW64; \??\C:\Users\Asus\Downloads\sp46442\UCOREW64.SYS [X]
      2017-11-01 15:59 - 2017-10-26 11:36 - 011584088 _____ (SurfRight B.V.) C:\Users\Asus\AppData\Local\Temp\HitmanPro.exe
      2017-10-24 13:15 - 2017-10-24 13:15 - 001856576 _____ (Oracle Corporation) C:\Users\Asus\AppData\Local\Temp\jre-8u151-windows-au.exe
      AlternateDataStreams: C:\ProgramData\Temp:B755D674 [270]

      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => key removed successfully
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d602a62-3c6e-11e7-a7a6-e4847fa601b2} => key removed successfully
      HKLM\Software\Classes\CLSID\{1d602a62-3c6e-11e7-a7a6-e4847fa601b2} => key not found.
      C:\Windows\system32\GroupPolicy\Machine => moved successfully
      C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
      C:\Windows\system32\GroupPolicy\User => moved successfully
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\Software\Mozilla\SeaMonkey\Extensions\\[email protected] => value removed successfully
      HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
      HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer => key removed successfully
      HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
      Chrome HomePage => removed successfully
      Chrome StartupUrls => removed successfully
      CHR Extension: (LadyCashback) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkgopncbadmfaeimfjobhilkpgnkkno [2017-09-29] => Error: No automatic fix found for this entry.
      CHR Extension: (ae) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndiecnlfaibiffoeijpjnblnmdlcpog [2017-10-19] => Error: No automatic fix found for this entry.
      CHR Extension: (Chrome Media Router) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01] => Error: No automatic fix found for this entry.
      HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => key removed successfully
      HKLM\System\CurrentControlSet\Services\UCOREW64 => key removed successfully
      UCOREW64 => service removed successfully
      C:\Users\Asus\AppData\Local\Temp\HitmanPro.exe => moved successfully
      C:\Users\Asus\AppData\Local\Temp\jre-8u151-windows-au.exe => moved successfully
      C:\ProgramData\Temp => ":B755D674" ADS removed successfully.

      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows

      Error al renovar la interfaz Conexi¢n de red inal*mbrica: no se puede establecer contacto con el
      servidor DHCP. La solicitud super¢ el tiempo de espera.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7601 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c
      No se puede iniciar el servicio o grupo de dependencia.



      ========= End of CMD: =========


      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-2006136963-1127275496-1322106195-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========

      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 0 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 73153456 B
      Java, Flash, Steam htmlcache => 3074 B
      Windows/system/drivers => 276200 B
      Edge => 0 B
      Chrome => 155501460 B
      Firefox => 0 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Users => 0 B
      Default => 33058 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 257853 B
      systemprofile32 => 69326 B
      LocalService => 33326 B
      NetworkService => 10383582 B
      Asus => 912070400 B
      Administrador => 279582 B

      RecycleBin => 0 B
      EmptyTemp: => 1.1 GB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 17:40:44 ====

    10. #20
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: virus que ejecuta cosas en mi pc y no se que hacer mas

      Hola

      Realiza los pasos que se indican en esta Guía general para la solución de problemas con Windows Update .

      Comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 2 de 2 PrimeroPrimero 12