• Registrarse
  • Iniciar sesión


  • Página 2 de 3 PrimeroPrimero 123 ÚltimoÚltimo
    Resultados 11 al 20 de 28

    Virus en google chorme

    Buenas, te pego el reporte del adware después de limpiar: # AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 04 18:52:09 2017 # Updated on 2017/27/10 by Malwarebytes # Running on Windows 7 Ultimate (X64) ...

    1. #11
      Usuario Avatar de Nestares
      Registrado
      ene 2017
      Ubicación
      España
      Mensajes
      24

      Re: Virus en google chorme

      Buenas, te pego el reporte del adware después de limpiar:

      # AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 04 18:52:09 2017
      # Updated on 2017/27/10 by Malwarebytes
      # Running on Windows 7 Ultimate (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      No malicious folders deleted.

      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [5069 B] - [2017/1/21 1842]
      C:/AdwCleaner/AdwCleaner[C1].txt - [2987 B] - [2017/8/11 9:33:45]
      C:/AdwCleaner/AdwCleaner[C2].txt - [4090 B] - [2017/11/1 9:19:20]
      C:/AdwCleaner/AdwCleaner[C3].txt - [3969 B] - [2017/11/1 9:29:29]
      C:/AdwCleaner/AdwCleaner[C4].txt - [2217 B] - [2017/11/1 9:50:37]
      C:/AdwCleaner/AdwCleaner[C5].txt - [2175 B] - [2017/11/1 9:57:57]
      C:/AdwCleaner/AdwCleaner[C6].txt - [2310 B] - [2017/11/1 17:28:46]
      C:/AdwCleaner/AdwCleaner[C7].txt - [2446 B] - [2017/11/3 9:44:48]
      C:/AdwCleaner/AdwCleaner[S0].txt - [4929 B] - [2017/1/21 17:53:12]
      C:/AdwCleaner/AdwCleaner[S10].txt - [2286 B] - [2017/11/3 9:43:52]
      C:/AdwCleaner/AdwCleaner[S11].txt - [2421 B] - [2017/11/4 18:50:52]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1539 B] - [2017/2/10 16:42:41]
      C:/AdwCleaner/AdwCleaner[S2].txt - [3005 B] - [2017/8/11 9:33:20]
      C:/AdwCleaner/AdwCleaner[S3].txt - [20004 B] - [2017/10/31 1939]
      C:/AdwCleaner/AdwCleaner[S4].txt - [7554 B] - [2017/10/31 20:15:28]
      C:/AdwCleaner/AdwCleaner[S5].txt - [6922 B] - [2017/11/1 9:18:10]
      C:/AdwCleaner/AdwCleaner[S6].txt - [4445 B] - [2017/11/1 9:26:20]
      C:/AdwCleaner/AdwCleaner[S7].txt - [2255 B] - [2017/11/1 9:46:27]
      C:/AdwCleaner/AdwCleaner[S8].txt - [2193 B] - [2017/11/1 9:57:23]
      C:/AdwCleaner/AdwCleaner[S9].txt - [2149 B] - [2017/11/1 17:28:11]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C8].txt ##########

    2. #12
      Usuario Avatar de Nestares
      Registrado
      ene 2017
      Ubicación
      España
      Mensajes
      24

      Re: Virus en google chorme

      El reporte del FRT en partes que es muy largo

      FRT 1

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
      Ran by Edu (administrator) on EDU-PC (04-11-2017 19:02:30)
      Running from C:\Users\Edu\Desktop
      Loaded Profiles: Edu (Available Profiles: Edu)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Microsoft Corporation) C:\Windows\System32\rundll32.exe
      (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\eEBAPI\eEBSvc.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      () C:\Program Files (x86)\EpsonNet\common\bin\ensrvmgr.exe
      () C:\Program Files (x86)\EpsonNet\common\bin\emwchsrv.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
      (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
      (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
      (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
      (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
      (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      () C:\Program Files (x86)\EpsonNet\EpsonNet SOAP Server\bin\emsoaprr.exe
      () C:\Program Files (x86)\EpsonNet\EpsonNet Web Pages Service\bin\ewpsrr.exe
      () C:\Program Files (x86)\EpsonNet\common\bin\emalmmon.exe
      (Apache Software Foundation) C:\Program Files (x86)\EpsonNet\EpsonNet HTTP Server\bin\Apache.exe
      (Apache Software Foundation) C:\Program Files (x86)\EpsonNet\EpsonNet HTTP Server\bin\Apache.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
      (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
      (Spotify Ltd) C:\Users\Edu\AppData\Roaming\Spotify\SpotifyWebHelper.exe
      (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
      () C:\Users\Edu\Desktop\DS4Windows\DS4Windows.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      (Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
      (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
      (Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
      (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      (AppWork GmbH) C:\Users\Edu\AppData\Local\JDownloader 2.0\JDownloader2.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
      HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
      HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
      HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
      HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
      HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
      HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2687488 2015-09-29] (Sony Corporation)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
      Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\Run: [AdobeBridge] => [X]
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\Run: [Spotify Web Helper] => C:\Users\Edu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-07-03] (Spotify Ltd)
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [953880 2016-04-12] (BlueStack Systems, Inc.)
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [4338880 2016-02-02] (Disc Soft Ltd)
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: F - F:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {101bb017-358d-11e7-b66c-d43d7e925eca} - I:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {267d6a93-0d99-11e7-ad86-d43d7e925eca} - H:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {267d6a9f-0d99-11e7-ad86-d43d7e925eca} - I:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {7df9c740-753f-11e7-8ed0-d43d7e925eca} - H:\CMADownloader.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {82ae296c-323b-11e7-84f4-d43d7e925eca} - H:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {9105f33c-4439-11e7-80d1-d43d7e925eca} - K:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {9105f341-4439-11e7-80d1-d43d7e925eca} - L:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {ec5797f6-6bdf-11e4-af36-d43d7e925eca} - H:\unlock.exe autoplay=true
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {f935197b-3b9d-11e7-9a7d-d43d7e925eca} - H:\setup.exe
      HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-08-02] (Microsoft Corporation)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Asistente del gestor de contenido para PlayStation(R).lnk [2017-10-31]
      ShortcutTarget: Asistente del gestor de contenido para PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
      Startup: C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2017-10-31]
      ShortcutTarget: DS4Windows.lnk -> C:\Users\Edu\Desktop\DS4Windows\DS4Windows.exe ()
      Startup: C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winexe.exe [2014-11-14] ()

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
      Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
      Tcpip\..\Interfaces\{14F42FFF-EC48-4C1F-B7CA-B617FB347D99}: [DhcpNameServer] 192.168.1.1 192.168.1.1

      Internet Explorer:
      ==================
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
      SearchScopes: HKLM-x32 -> DefaultScope value is missing
      SearchScopes: HKU\S-1-5-21-117417332-1347312225-1001307004-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-08-05] (DVDVideoSoft Ltd.)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-23] (Oracle Corporation)
      BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-23] (Oracle Corporation)
      StartMenuInternet: IEXPLORE.EXE - iexplore.exe

      FireFox:
      ========
      FF DefaultProfile: 79uvon2h.default
      FF ProfilePath: C:\Users\Edu\AppData\Roaming\Mozilla\Firefox\Profiles\79uvon2h.default [2017-11-01]
      FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
      FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-16] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] ()
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
      FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-23] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-23] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-27] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-27] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)

      Chrome:
      =======
      CHR DefaultProfile: Default
      CHR HomePage: Default -> inline.go.mail.ru
      CHR StartupUrls: Default -> "hxxps://www.google.es/"
      CHR Profile: C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default [2017-11-04]
      CHR Extension: (Google Drive) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
      CHR Extension: (YouTube) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
      CHR Extension: (Adblock Plus) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-27]
      CHR Extension: (Búsqueda de Google) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
      CHR Extension: (Adobe Acrobat) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
      CHR Extension: (AdBlock) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-20]
      CHR Extension: (Download with JDownloader) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2017-11-01]
      CHR Extension: (Gmail) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
      CHR Extension: (Chrome Media Router) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-01]
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-03-24] ()
      S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-12] (BlueStack Systems, Inc.)
      R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-12] (BlueStack Systems, Inc.)
      S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-12] (BlueStack Systems, Inc.)
      S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-12] (BlueStack Systems, Inc.)
      R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd)
      R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\eEBAPI\eEBSVC.exe [90112 2004-11-17] (SEIKO EPSON CORPORATION) [File not signed]
      R2 EpsonNet_Primitive_Service; C:\Program Files (x86)\EpsonNet\common\bin\ensrvmgr.exe [126976 2004-02-09] () [File not signed]
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
      R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation)
      R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4948992 2009-07-17] (Native Instruments GmbH) [File not signed]
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-27] (NVIDIA Corporation)
      R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
      R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [496128 2015-09-29] (Sony Corporation)
      R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
      S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation)
      R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-12] (BlueStack Systems)
      R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
      S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-03-20] (Disc Soft Ltd)
      S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-03-20] (Disc Soft Ltd)
      R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2017-03-20] (Disc Soft Ltd)
      R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2017-03-20] (Disc Soft Ltd)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-11-01] ()
      S1 hwinterface; C:\Windows\SysWOW64\Drivers\hwinterface.sys [3026 2017-08-10] (Logix4u) [File not signed]
      S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-11-01] (Malwarebytes)
      R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-03] (Malwarebytes)
      R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-11-03] (Malwarebytes)
      R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-11-01] (Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-11-04] (Malwarebytes)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-06-27] (NVIDIA Corporation)
      R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
      R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2017-03-20] (Duplex Secure Ltd.)
      S3 ysusb64; C:\Windows\System32\drivers\ysusb64.sys [110952 2012-09-27] (Yamaha Corporation)
      U3 aet3ydsd; C:\Windows\System32\Drivers\aet3ydsd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      S3 MSICDSetup; \??\E:\CDriver64.sys [X]
      S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    3. #13
      Usuario Avatar de Nestares
      Registrado
      ene 2017
      Ubicación
      España
      Mensajes
      24

      Re: Virus en google chorme

      FRT 2

      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-04 19:02 - 2017-11-04 19:02 - 000024953 _____ C:\Users\Edu\Desktop\FRST.txt
      2017-11-04 19:01 - 2017-11-04 19:02 - 000000000 ____D C:\FRST
      2017-11-04 18:58 - 2017-11-04 18:59 - 002403328 _____ (Farbar) C:\Users\Edu\Desktop\FRST64.exe
      2017-11-03 12:16 - 2017-11-03 12:16 - 000000000 ____D C:\Windows\LastGood
      2017-11-03 12:16 - 2017-10-11 02:05 - 000050624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
      2017-11-03 10:15 - 2017-11-03 10:15 - 000040976 _____ C:\Users\Edu\Downloads\6212002504653.pdf
      2017-11-03 09:51 - 2017-11-03 10:46 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2017-11-01 21:38 - 2017-11-01 21:38 - 000000750 _____ C:\Users\Edu\Documents\cc_20171101_213843.reg
      2017-11-01 19:56 - 2017-11-01 19:56 - 000029320 _____ C:\Users\Edu\Documents\cc_20171101_195642.reg
      2017-11-01 19:30 - 2017-11-01 19:30 - 000434684 _____ C:\Users\Edu\Documents\cc_20171101_193002.reg
      2017-11-01 15:17 - 2017-11-01 15:17 - 000000000 ____D C:\Users\Edu\Downloads\S v2
      2017-11-01 15:13 - 2017-11-01 15:21 - 463214580 _____ C:\Users\Edu\Downloads\Sentinels-of-the-Multiverse[dlandroid.com].zip
      2017-11-01 15:13 - 2017-11-01 15:19 - 289095489 _____ C:\Users\Edu\Downloads\Ticket-to-Ride[dlandroid.com].zip
      2017-11-01 15:13 - 2017-11-01 15:14 - 030943920 _____ C:\Users\Edu\Downloads\Sentinels-of-the-Multiverse[dlandroid.com].apk
      2017-11-01 15:13 - 2017-11-01 15:13 - 027538235 _____ C:\Users\Edu\Downloads\Ticket-to-Ride-u[dlandroid.com].apk
      2017-11-01 15:12 - 2017-11-01 15:15 - 134762213 _____ C:\Users\Edu\Downloads\Jaipur-A-Card-Game-of-Duels[dlandroid.com].zip
      2017-11-01 15:12 - 2017-11-01 15:15 - 112500001 _____ C:\Users\Edu\Downloads\Colt-Express[dlandroid.com].zip
      2017-11-01 15:12 - 2017-11-01 15:13 - 031635344 _____ C:\Users\Edu\Downloads\Jaipur-A-Card-Game-of-Duels[dlandroid.com].apk
      2017-11-01 15:12 - 2017-11-01 15:13 - 029617586 _____ C:\Users\Edu\Downloads\Colt-Express[dlandroid.com].apk
      2017-11-01 15:11 - 2017-11-01 15:11 - 009874624 _____ C:\Users\Edu\Downloads\Zombie-in-my-pocket[dlandroid.com].apk
      2017-11-01 15:09 - 2017-11-01 15:10 - 081511418 _____ C:\Users\Edu\Downloads\Splendor[dlandroid.com].zip
      2017-11-01 15:09 - 2017-11-01 15:09 - 018938060 _____ C:\Users\Edu\Downloads\Splendor[dlandroid.com].apk
      2017-11-01 14:54 - 2017-11-04 17:58 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2017-11-01 14:54 - 2017-11-03 10:46 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2017-11-01 14:54 - 2017-11-01 14:54 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2017-11-01 14:54 - 2017-11-01 14:54 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2017-11-01 12:44 - 2017-11-01 14:54 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-11-01 12:44 - 2017-11-01 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-11-01 12:44 - 2017-11-01 12:44 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-11-01 12:42 - 2017-11-01 12:42 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Obsidium
      2017-11-01 12:22 - 2017-11-01 12:22 - 066596129 _____ C:\Users\Edu\Downloads\MP 3.2.2 [www.tecnotutoshd.net].zip
      2017-11-01 12:08 - 2017-11-01 12:08 - 066861920 _____ C:\Users\Edu\Downloads\Malwabytes Premium 3.2.2 Activado.rar
      2017-11-01 11:10 - 2017-11-01 11:10 - 001538079 _____ C:\Users\Edu\Downloads\Malwarebytes Anti-Malware Premium 3.1.2 _s Only.zip
      2017-11-01 10:47 - 2017-11-01 10:47 - 000983168 _____ (Bleeping Computer, LLC) C:\Users\Edu\Downloads\iExplore64.exe
      2017-11-01 10:46 - 2017-11-01 10:46 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Edu\Downloads\iExplore.exe
      2017-11-01 10:46 - 2017-11-01 10:46 - 001790024 _____ (Malwarebytes) C:\Users\Edu\Downloads\JRT.exe
      2017-11-01 10:41 - 2017-11-01 10:41 - 000002265 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-10-31 23:49 - 2017-11-01 00:15 - 000000000 ____D C:\Users\Edu\Downloads\PRO EVOLUTION SOCCER 2018 PC OF EOL v9 2 ED by InMortal
      2017-10-31 22:06 - 2017-10-31 22:06 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-10-31 19:58 - 2017-10-31 19:58 - 008261584 _____ (Malwarebytes) C:\Users\Edu\Downloads\adwcleaner_7.0.4.0.exe
      2017-10-31 19:56 - 2017-10-31 19:56 - 000000000 ____D C:\Users\Edu\AppData\Roaming\sdu
      2017-10-31 19:56 - 2017-10-31 19:56 - 000000000 ____D C:\Program Files (x86)\Secure Driver Updater
      2017-10-31 19:53 - 2017-10-31 19:53 - 000000000 _____ C:\Windows\SysWOW64\__010C123B__C0000005.dmp
      2017-10-31 19:49 - 2017-10-31 19:49 - 000000000 ____H C:\Windows\system32\BIT3707.tmp
      2017-10-31 19:46 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Roaming\ccaee14a203643ff8d265a4c25ea1d71
      2017-10-31 19:46 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Roaming\b08cbb117b9b43349c9d04738c7cac98
      2017-10-31 19:46 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Roaming\23fcc9938b614e7693fff46ce3ab6242
      2017-10-31 19:46 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Roaming\00867b46be744d87ad73bc039cab13f8
      2017-10-31 19:46 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Local\ff99201f853f45159c4d2811aec52eac
      2017-10-31 19:46 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Local\a87569bdcabf4fa180f159564591a317
      2017-10-31 19:46 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Local\3a29dfef57914283ae9a86184bcb0278
      2017-10-31 19:45 - 2017-10-31 19:52 - 000000008 __RSH C:\Users\Edu\ntuser.pol
      2017-10-31 19:40 - 2017-10-31 19:40 - 000003564 _____ C:\Windows\System32\Tasks\{E9326759-40A8-1B33-19B6-F46B837AD563}
      2017-10-31 19:40 - 2017-10-31 19:40 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Tortoise
      2017-10-31 19:39 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Local\868b65eaff8f4eef9cabbfec328c7c68
      2017-10-31 19:39 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Local\865cd95baad54f40a92f118ed5abc3a1
      2017-10-31 19:39 - 2017-10-31 20:00 - 000016764 _____ C:\Windows\System32\Tasks\SFP Distory Clocks Editor
      2017-10-31 19:38 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Local\a77a2f642b8e4745bdb0ad03393fbbca
      2017-10-31 19:38 - 2017-10-31 20:44 - 000000000 ____D C:\Users\Edu\AppData\Local\9272d9cde1664c7ba64378b103756195
      2017-10-31 19:33 - 2017-10-31 19:33 - 000000508 _____ C:\Users\Edu\Downloads\fix_pes_2018_1c0-d34.torrent
      2017-10-31 19:23 - 2017-10-31 19:28 - 000000000 ____D C:\Users\Edu\Downloads\wehk pes2018 ps4 0
      2017-10-31 17:29 - 2017-10-31 17:32 - 000000000 ____D C:\Users\Edu\Downloads\PES 2018 Crack CPYGAMES
      2017-10-31 17:19 - 2017-10-31 17:19 - 000000000 ____D C:\Users\Edu\ansel
      2017-10-31 06:04 - 2017-10-31 06:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2018
      2017-10-31 05:41 - 2017-11-04 11:27 - 000000000 ____D C:\Users\Edu\Downloads\A2QI4316L5
      2017-10-31 05:37 - 2017-10-31 17:33 - 000000000 ____D C:\Program Files (x86)\Pro Evolution Soccer 2018
      2017-10-30 21:25 - 2015-03-16 13:58 - 000444840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshflxgd.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000219288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000127640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
      2017-10-30 21:25 - 2013-11-25 06:27 - 000104088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
      2017-10-30 21:25 - 2013-11-25 06:27 - 000084624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
      2017-10-30 21:25 - 2011-01-12 13:36 - 001054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71deu.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71ita.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71fra.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71esp.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71enu.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71kor.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71jpn.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71cht.dll
      2017-10-30 21:25 - 2011-01-12 13:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71chs.dll
      2017-10-30 21:25 - 2011-01-12 12:53 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
      2017-10-30 21:25 - 2007-02-01 22:13 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
      2017-10-30 21:25 - 2006-08-26 00:28 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
      2017-10-30 21:25 - 2006-08-26 00:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
      2017-10-30 21:25 - 2006-08-26 00:07 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
      2017-10-30 21:25 - 2006-08-25 23:17 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
      2017-10-30 21:25 - 2005-01-20 19:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
      2017-10-30 21:25 - 2002-01-05 05:40 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
      2017-10-30 21:25 - 2001-08-23 00:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
      2017-10-30 21:25 - 1996-01-12 03:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb40032.dll
      2017-10-30 21:25 - 1993-07-23 19:31 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll
      2017-10-30 21:12 - 2017-10-30 21:12 - 000051634 _____ C:\Windows\uninstaller.dat
      2017-10-30 21:08 - 2017-10-30 21:08 - 000000000 ____D C:\Users\Edu\AppData\Local\TslGame
      2017-10-30 20:55 - 2017-10-30 20:55 - 000000000 ____D C:\Users\Edu\Downloads\CRACK ORIGINS
      2017-10-30 20:47 - 2017-10-30 20:55 - 000000000 ____D C:\Users\Edu\Downloads\TextoEspañol ZL
      2017-10-30 20:45 - 2017-10-30 23:50 - 000000000 ____D C:\Users\Edu\Downloads\3DMGAME-Assassins.Creed.Origins.Gold.Edition.Uplay-3DM
      2017-10-26 10:08 - 2017-10-26 10:08 - 000000000 ____D C:\Users\Edu\AppData\LocalLow\Tower Studios
      2017-10-26 10:06 - 2017-10-26 10:06 - 110941363 _____ C:\Users\Edu\Downloads\Sociable.Soccer.rar
      2017-10-24 11:59 - 2017-10-24 12:00 - 018368362 _____ C:\Users\Edu\Downloads\UPDATE TRANSFERS V1 1718 - 15072017.zip
      2017-10-24 11:54 - 2017-10-24 11:54 - 009556945 _____ C:\Users\Edu\Downloads\UPDATE 10.1.zip
      2017-10-24 10:52 - 2017-10-24 10:54 - 081818436 _____ C:\Users\Edu\Downloads\AGN 1.0 OPTION FILE....rar
      2017-10-23 09:33 - 2017-10-23 09:33 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
      2017-10-23 09:25 - 2017-10-23 09:44 - 523955456 _____ C:\Users\Edu\Downloads\OF ALBER 2017 DEFINITIVO A DIA 10092017.zip
      2017-10-23 09:25 - 2017-10-23 09:39 - 390775883 _____ C:\Users\Edu\Downloads\UPDATE TRANSFERS V9 1718 - 10092017.zip
      2017-10-23 09:24 - 2017-10-23 09:24 - 263610706 _____ C:\Users\Edu\Downloads\OF ALBER 2017 DEFINITIVO.zip
      2017-10-23 09:23 - 2017-09-13 16:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2017-10-23 09:23 - 2017-09-08 16:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2017-10-23 09:23 - 2017-09-08 16:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
      2017-10-23 09:23 - 2017-09-08 16:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
      2017-10-23 09:23 - 2017-09-08 16:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
      2017-10-23 09:23 - 2017-09-08 16:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
      2017-10-23 09:23 - 2017-09-08 16:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2017-10-23 09:23 - 2017-09-07 22:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2017-10-23 09:23 - 2017-09-07 22:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2017-10-23 09:23 - 2017-09-07 22:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2017-10-23 09:23 - 2017-09-07 21:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2017-10-23 09:23 - 2017-09-07 20:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2017-10-23 09:23 - 2017-09-07 20:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2017-10-23 09:23 - 2017-09-07 20:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2017-10-23 09:23 - 2017-09-07 20:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2017-10-23 09:23 - 2017-09-07 20:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2017-10-23 09:23 - 2017-09-07 20:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2017-10-23 09:23 - 2017-09-07 19:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2017-10-23 09:23 - 2017-09-07 19:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2017-10-23 09:23 - 2017-09-07 19:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2017-10-23 09:23 - 2017-09-07 19:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2017-10-23 09:23 - 2017-09-07 18:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2017-10-23 09:23 - 2017-08-19 16:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
      2017-10-23 09:23 - 2017-08-14 18:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
      2017-10-23 09:23 - 2017-08-14 18:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
      2017-10-23 09:23 - 2017-08-13 22:46 - 001112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
      2017-10-23 09:22 - 2017-09-13 16:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2017-10-23 09:22 - 2017-09-13 16:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2017-10-23 09:22 - 2017-09-13 16:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
      2017-10-23 09:22 - 2017-09-13 16:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
      2017-10-23 09:22 - 2017-09-13 16:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
      2017-10-23 09:22 - 2017-09-13 16:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
      2017-10-23 09:22 - 2017-09-13 16:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
      2017-10-23 09:22 - 2017-09-13 16:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
      2017-10-23 09:22 - 2017-09-13 16:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
      2017-10-23 09:22 - 2017-09-13 16:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
      2017-10-23 09:22 - 2017-09-13 16:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
      2017-10-23 09:22 - 2017-09-13 16:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
      2017-10-23 09:22 - 2017-09-13 16:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
      2017-10-23 09:22 - 2017-09-13 15:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
      2017-10-23 09:22 - 2017-09-13 15:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
      2017-10-23 09:22 - 2017-09-13 15:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
      2017-10-23 09:22 - 2017-09-13 15:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2017-10-23 09:22 - 2017-09-13 15:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
      2017-10-23 09:22 - 2017-09-13 15:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2017-10-23 09:22 - 2017-09-13 15:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
      2017-10-23 09:22 - 2017-09-13 15:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
      2017-10-23 09:22 - 2017-09-13 15:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2017-10-23 09:22 - 2017-09-13 15:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
      2017-10-23 09:22 - 2017-09-13 15:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2017-10-23 09:22 - 2017-09-13 15:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
      2017-10-23 09:22 - 2017-09-13 15:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 15:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 15:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 15:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
      2017-10-23 09:22 - 2017-09-13 15:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
      2017-10-23 09:22 - 2017-09-09 01:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2017-10-23 09:22 - 2017-09-09 00:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
      2017-10-23 09:22 - 2017-09-08 16:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
      2017-10-23 09:22 - 2017-09-08 16:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
      2017-10-23 09:22 - 2017-09-08 16:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
      2017-10-23 09:22 - 2017-09-08 16:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
      2017-10-23 09:22 - 2017-09-08 16:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
      2017-10-23 09:22 - 2017-09-08 16:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
      2017-10-23 09:22 - 2017-09-08 16:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
      2017-10-23 09:22 - 2017-09-08 16:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
      2017-10-23 09:22 - 2017-09-08 16:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
      2017-10-23 09:22 - 2017-09-08 16:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
      2017-10-23 09:22 - 2017-09-08 16:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
      2017-10-23 09:22 - 2017-09-08 16:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
      2017-10-23 09:22 - 2017-09-08 16:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
      2017-10-23 09:22 - 2017-09-08 16:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
      2017-10-23 09:22 - 2017-09-08 16:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
      2017-10-23 09:22 - 2017-09-08 15:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
      2017-10-23 09:22 - 2017-09-08 15:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
      2017-10-23 09:22 - 2017-09-08 15:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
      2017-10-23 09:22 - 2017-09-08 15:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
      2017-10-23 09:22 - 2017-09-08 15:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
      2017-10-23 09:22 - 2017-09-07 22:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
      2017-10-23 09:22 - 2017-09-07 22:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
      2017-10-23 09:22 - 2017-09-07 22:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
      2017-10-23 09:22 - 2017-09-07 22:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2017-10-23 09:22 - 2017-09-07 22:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2017-10-23 09:22 - 2017-09-07 22:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2017-10-23 09:22 - 2017-09-07 22:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
      2017-10-23 09:22 - 2017-09-07 22:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
      2017-10-23 09:22 - 2017-09-07 22:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
      2017-10-23 09:22 - 2017-09-07 22:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2017-10-23 09:22 - 2017-09-07 22:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2017-10-23 09:22 - 2017-09-07 22:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
      2017-10-23 09:22 - 2017-09-07 22:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2017-10-23 09:22 - 2017-09-07 21:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
      2017-10-23 09:22 - 2017-09-07 21:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2017-10-23 09:22 - 2017-09-07 21:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
      2017-10-23 09:22 - 2017-09-07 21:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
      2017-10-23 09:22 - 2017-09-07 21:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2017-10-23 09:22 - 2017-09-07 21:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2017-10-23 09:22 - 2017-09-07 21:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
      2017-10-23 09:22 - 2017-09-07 21:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2017-10-23 09:22 - 2017-09-07 21:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
      2017-10-23 09:22 - 2017-09-07 21:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2017-10-23 09:22 - 2017-09-07 21:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2017-10-23 09:22 - 2017-09-07 21:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2017-10-23 09:22 - 2017-09-07 21:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2017-10-23 09:22 - 2017-09-07 21:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
      2017-10-23 09:22 - 2017-09-07 20:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
      2017-10-23 09:22 - 2017-09-07 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2017-10-23 09:22 - 2017-09-07 20:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
      2017-10-23 09:22 - 2017-09-07 20:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2017-10-23 09:22 - 2017-09-07 20:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
      2017-10-23 09:22 - 2017-09-07 20:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
      2017-10-23 09:22 - 2017-09-07 20:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
      2017-10-23 09:22 - 2017-09-07 20:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
      2017-10-23 09:22 - 2017-09-07 19:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2017-10-23 09:22 - 2017-09-07 19:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2017-10-23 09:22 - 2017-09-07 19:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
      2017-10-23 09:22 - 2017-09-07 19:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2017-10-23 09:22 - 2017-09-07 19:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
      2017-10-23 09:22 - 2017-09-07 19:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
      2017-10-23 09:22 - 2017-09-07 19:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
      2017-10-23 09:22 - 2017-09-07 19:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2017-10-23 09:22 - 2017-09-07 19:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
      2017-10-23 09:22 - 2017-09-07 19:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2017-10-23 09:22 - 2017-09-07 19:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
      2017-10-23 09:22 - 2017-09-07 19:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
      2017-10-23 09:22 - 2017-09-07 19:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2017-10-23 09:22 - 2017-09-07 19:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2017-10-23 09:22 - 2017-09-07 19:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
      2017-10-23 09:22 - 2017-09-07 18:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2017-10-23 09:22 - 2017-09-07 16:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
      2017-10-23 09:22 - 2017-09-07 16:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
      2017-10-23 09:22 - 2017-09-07 15:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2017-10-23 09:22 - 2017-09-07 15:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2017-10-23 09:22 - 2017-09-07 15:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2017-10-23 09:22 - 2017-08-19 16:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
      2017-10-23 09:22 - 2017-08-19 16:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
      2017-10-23 09:22 - 2017-08-19 16:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
      2017-10-23 09:22 - 2017-08-19 16:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
      2017-10-23 09:22 - 2017-08-19 16:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
      2017-10-23 09:22 - 2017-08-19 16:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
      2017-10-23 09:22 - 2017-08-19 16:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
      2017-10-23 09:22 - 2017-08-19 15:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
      2017-10-23 09:22 - 2017-08-19 15:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
      2017-10-23 09:22 - 2017-08-14 18:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
      2017-10-23 09:22 - 2017-08-13 22:45 - 000162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
      2017-10-23 09:22 - 2017-08-13 22:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
      2017-10-23 09:22 - 2017-08-13 22:45 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
      2017-10-23 09:20 - 2017-10-23 09:20 - 002493669 _____ C:\Users\Edu\Downloads\UPDATE 10.4.zip
      2017-10-16 16:15 - 2017-10-16 16:15 - 000028218 _____ C:\Users\Edu\Downloads\movimiento_INGDIRECT (24).pdf
      2017-10-15 12:45 - 2017-10-15 12:45 - 057465892 _____ C:\Users\Edu\Downloads\LM - 02- LM.rar
      2017-10-10 10:29 - 2017-10-10 10:29 - 000028224 _____ C:\Users\Edu\Downloads\movimiento_INGDIRECT (23).pdf
      2017-10-10 10:24 - 2017-10-10 10:24 - 000009982 _____ C:\Users\Edu\Downloads\Factura_Simplificada-248827.pdf
      2017-10-09 11:03 - 2017-10-09 11:04 - 000013824 _____ C:\Users\Edu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2017-10-08 18:42 - 2017-10-08 20:34 - 000000000 ____D C:\Users\Edu\Downloads\Audioslave - Like a Stone (Official Video)
      2017-10-06 18:25 - 2017-10-06 18:25 - 000000000 ____D C:\Users\Edu\Downloads\El Ultimo Ke Zierre - Ay, de mí! (Álbum Completo)

    4. #14
      Usuario Avatar de Nestares
      Registrado
      ene 2017
      Ubicación
      España
      Mensajes
      24

      Re: Virus en google chorme

      FRT 3

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-04 18:39 - 2013-07-31 19:05 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2017-11-04 12:25 - 2013-07-31 19:33 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-11-04 07:40 - 2009-07-14 05:45 - 000023632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-11-04 07:40 - 2009-07-14 05:45 - 000023632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-11-03 19:20 - 2015-01-15 10:57 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
      2017-11-03 16:36 - 2015-01-05 17:47 - 000000000 ____D C:\Users\Edu\AppData\Local\JDownloader 2.0
      2017-11-03 12:18 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
      2017-11-03 12:17 - 2017-07-07 11:43 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-03 12:17 - 2017-07-07 11:43 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-03 12:17 - 2013-07-31 19:32 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2017-11-03 12:17 - 2013-07-31 19:32 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2017-11-03 12:16 - 2017-07-07 11:43 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-03 12:16 - 2017-07-07 11:43 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-03 12:16 - 2017-07-07 11:43 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-03 12:16 - 2017-07-07 11:43 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-03 12:16 - 2017-07-07 11:43 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-03 12:16 - 2017-07-07 11:43 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-11-03 12:16 - 2013-07-31 19:32 - 000000000 ____D C:\Program Files\NVIDIA Corporation
      2017-11-03 10:46 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-11-03 10:44 - 2017-01-21 18:52 - 000000000 ____D C:\AdwCleaner
      2017-11-03 09:52 - 2017-05-02 23:39 - 000000000 ____D C:\Users\Edu\Desktop\DS4Windows
      2017-11-01 19:28 - 2013-07-31 17:47 - 000000000 ____D C:\Users\Edu\AppData\Roaming\uTorrent
      2017-11-01 18:47 - 2017-07-19 19:54 - 000000000 ____D C:\Users\Edu\AppData\Local\CrashDumps
      2017-11-01 15:03 - 2013-12-02 18:25 - 000000000 ___RD C:\Users\Edu\Desktop\Juegos
      2017-11-01 12:47 - 2013-07-31 17:44 - 000000000 ___RD C:\Users\Edu\Desktop\Programas
      2017-11-01 12:32 - 2014-11-18 16:03 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
      2017-11-01 10:41 - 2013-07-31 17:43 - 000000000 ____D C:\Program Files (x86)\Google
      2017-11-01 10:28 - 2013-09-04 16:50 - 000000000 ____D C:\Users\Edu\Documents\Letras y tablaturas
      2017-11-01 10:18 - 2009-07-14 10:31 - 000821872 _____ C:\Windows\system32\perfh00A.dat
      2017-11-01 10:18 - 2009-07-14 10:31 - 000188098 _____ C:\Windows\system32\perfc00A.dat
      2017-11-01 10:18 - 2009-07-14 06:13 - 001887126 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-10-31 21:07 - 2017-10-04 17:22 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
      2017-10-31 21:07 - 2017-08-28 21:48 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
      2017-10-31 21:07 - 2017-07-30 17:49 - 000001279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente del gestor de contenido para PlayStation(R).lnk
      2017-10-31 21:07 - 2017-07-20 18:54 - 000000980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      2017-10-31 21:07 - 2017-07-18 16:57 - 000001028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
      2017-10-31 21:07 - 2017-07-18 16:52 - 000001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
      2017-10-31 21:07 - 2017-05-11 18:46 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProgramaSaalDesign.lnk
      2017-10-31 21:07 - 2016-06-30 18:09 - 000001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
      2017-10-31 21:07 - 2016-06-30 18:09 - 000001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
      2017-10-31 21:07 - 2015-11-24 10:01 - 000001327 _____ C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Horizon.lnk
      2017-10-31 21:07 - 2015-11-11 11:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2017-10-31 21:07 - 2015-08-10 16:07 - 000002185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
      2017-10-31 21:07 - 2015-01-13 20:09 - 000001877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
      2017-10-31 21:07 - 2014-02-04 13:38 - 000001743 _____ C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
      2017-10-31 21:07 - 2013-09-17 20:11 - 000000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
      2017-10-31 21:07 - 2013-07-31 21:50 - 000002001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
      2017-10-31 21:07 - 2013-07-31 21:50 - 000001945 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
      2017-10-31 21:07 - 2013-07-31 21:50 - 000001924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
      2017-10-31 21:07 - 2013-07-31 17:40 - 000001013 _____ C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
      2017-10-31 21:07 - 2013-07-31 17:38 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
      2017-10-31 21:07 - 2013-07-31 17:38 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
      2017-10-31 21:07 - 2009-07-14 06:01 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
      2017-10-31 21:07 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
      2017-10-31 21:07 - 2009-07-14 05:57 - 000001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
      2017-10-31 21:07 - 2009-07-14 05:57 - 000001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
      2017-10-31 21:07 - 2009-07-14 05:54 - 000001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
      2017-10-31 21:07 - 2009-07-14 05:49 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
      2017-10-31 21:06 - 2017-05-30 09:24 - 000001080 _____ C:\Users\Edu\Desktop\DS4Windows.lnk
      2017-10-31 21:06 - 2016-04-19 19:02 - 000001701 _____ C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
      2017-10-31 21:06 - 2013-09-09 17:59 - 000001051 _____ C:\Users\Edu\Desktop\Letras y tablaturas.lnk
      2017-10-31 21:06 - 2013-07-31 18:14 - 000000791 _____ C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
      2017-10-31 21:04 - 2015-07-07 15:05 - 000000000 ____D C:\Windows\Downloaded Installations
      2017-10-31 21:02 - 2017-07-20 18:54 - 000000000 ____D C:\Users\Edu\AppData\LocalLow\Mozilla
      2017-10-31 20:54 - 2017-07-20 18:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2017-10-31 20:46 - 2016-10-09 22:47 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
      2017-10-31 20:44 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\SFP Distory Clocks Editor
      2017-10-31 20:06 - 2017-07-30 17:31 - 000000000 ____D C:\Users\Edu\AppData\Roaming\psvimgtools-frontend
      2017-10-31 20:06 - 2015-08-29 00:09 - 000000155 _____ C:\Windows\EPSMTL32.TXT
      2017-10-31 20:01 - 2015-08-29 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
      2017-10-31 20:00 - 2017-05-25 20:18 - 000000000 ____D C:\Users\Edu\AppData\Local\citra
      2017-10-31 20:00 - 2015-08-24 11:41 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.1
      2017-10-31 19:55 - 2017-07-20 18:54 - 000000000 ____D C:\Users\Edu\AppData\Local\Mozilla
      2017-10-31 19:52 - 2017-08-10 11:11 - 000000008 __RSH C:\ProgramData\ntuser.pol
      2017-10-31 19:52 - 2013-07-31 17:39 - 000000000 ____D C:\Users\Edu
      2017-10-31 19:39 - 2017-10-04 17:28 - 000000000 ____D C:\Program Files\iTunes
      2017-10-31 19:38 - 2017-10-04 17:29 - 000000000 ____D C:\Program Files\iPod
      2017-10-31 19:38 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Photo Viewer
      2017-10-31 17:34 - 2017-05-04 21:45 - 000000000 ____D C:\Users\Edu\Documents\CPY_SAVES
      2017-10-31 17:19 - 2015-01-07 12:32 - 000000000 ____D C:\ProgramData\KONAMI
      2017-10-31 17:19 - 2015-01-07 11:55 - 000000000 ____D C:\Users\Edu\Documents\KONAMI
      2017-10-30 21:24 - 2016-10-09 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
      2017-10-30 21:24 - 2016-10-09 18:26 - 000000000 ____D C:\GOG Games
      2017-10-30 21:23 - 2016-10-09 11:05 - 000000000 ____D C:\Users\Edu\AppData\Local\Daedalic Entertainment GmbH
      2017-10-30 21:23 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
      2017-10-30 19:54 - 2017-05-23 19:23 - 000000000 ____D C:\Users\Edu\AppData\LocalLow\uTorrent
      2017-10-30 17:27 - 2017-04-27 15:47 - 000012585 _____ C:\Users\Edu\Documents\Netflix pagos.xlsx
      2017-10-26 11:21 - 2015-11-07 23:04 - 001117184 ___SH C:\Users\Edu\Desktop\Thumbs.db
      2017-10-25 13:27 - 2017-01-18 16:08 - 000004468 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2017-10-25 13:27 - 2013-08-27 06:11 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2017-10-25 13:27 - 2013-08-27 06:11 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2017-10-25 13:27 - 2013-08-27 06:11 - 000000000 ____D C:\Windows\system32\Macromed
      2017-10-25 13:27 - 2013-07-31 19:05 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2017-10-24 11:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
      2017-10-24 10:30 - 2009-07-14 05:45 - 005189456 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-10-23 12:35 - 2014-10-16 09:09 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
      2017-10-23 12:35 - 2014-10-16 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2017-10-23 12:35 - 2014-10-16 09:09 - 000000000 ____D C:\Program Files (x86)\Java
      2017-10-23 12:35 - 2013-10-21 17:34 - 000000000 ____D C:\ProgramData\Oracle
      2017-10-23 09:38 - 2013-07-31 20:08 - 000000000 ____D C:\Windows\system32\MRT
      2017-10-23 09:33 - 2013-07-31 19:38 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2017-10-23 09:31 - 2013-10-10 21:48 - 001860776 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
      2017-10-23 09:27 - 2009-07-14 03:34 - 000000580 _____ C:\Windows\win.ini
      2017-10-17 18:06 - 2016-10-25 15:42 - 000000000 ____D C:\ProgramData\MEGAsync
      2017-10-17 18:05 - 2016-10-25 15:43 - 000000000 ___RD C:\Users\Edu\Documents\MEGA
      2017-10-13 21:03 - 2014-02-04 13:38 - 000000000 ____D C:\Users\Edu\AppData\Local\Spotify
      2017-10-13 21:03 - 2014-02-04 13:37 - 000000000 ____D C:\Users\Edu\AppData\Roaming\Spotify
      2017-10-11 02:05 - 2017-07-07 11:43 - 001796032 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
      2017-10-11 02:05 - 2017-07-07 11:43 - 001577920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
      2017-10-11 02:05 - 2017-07-07 11:43 - 000918976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
      2017-10-11 02:05 - 2017-07-07 11:39 - 000186304 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
      2017-10-11 02:05 - 2017-07-07 11:39 - 000152512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
      2017-10-11 00:26 - 2017-07-07 11:43 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat

      ==================== Files in the root of some directories =======

      2017-10-09 11:03 - 2017-10-09 11:04 - 000013824 _____ () C:\Users\Edu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2017-01-18 20:27 - 2017-01-18 20:27 - 000000017 _____ () C:\Users\Edu\AppData\Local\resmon.resmoncfg

      Some files in TEMP:
      ====================
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\03xsS7E0tz0Q.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\2QcQCw9CK08F.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\2QCycQwGnWLO.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\4fJ6xB51fHQk.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\6nf25mmiPR0C.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\6qtQmBNTOU6I.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\7JEHZflbjUzT.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\7lBUpwO3aL5q.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\7LTWk37jCBg8.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000192000 _____ () C:\Users\Edu\AppData\Local\Temp\7MeKoH7pjUDm.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 021454848 _____ () C:\Users\Edu\AppData\Local\Temp\8iKWdBia5axj.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\A1pjVtbRhVXz.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\ahY4baMctlvF.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 028450816 _____ () C:\Users\Edu\AppData\Local\Temp\ALmHVvG9iema.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\apMO3Zgh9ftr.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\BXNVGG6IJ6D9.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\C1M8NWsmEtAj.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\cKt8b51GW6j9.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\E4EHM9Me599f.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\FAiS3U9yhFGq.exe
      2017-10-31 19:38 - 2017-10-31 19:38 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\ffQZY7x03fqS.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 040394752 _____ () C:\Users\Edu\AppData\Local\Temp\fWCgrJn1Yj5A.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000341504 ____N () C:\Users\Edu\AppData\Local\Temp\FyBFeWB7EnCi.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\gWEIm2gtvee6.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\h20nWT1YR2GD.exe
      2017-10-31 19:38 - 2017-10-31 19:38 - 002643640 _____ () C:\Users\Edu\AppData\Local\Temp\HWOq0u8Yqtze.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\I5gGZ8ROYqD6.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\I8boa4YpTvWj.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\Iv9VXbyZRZpS.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\LuxK335UfhlL.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\M3H748ntQFyJ.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\N27JUfgdJYYx.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000192000 _____ () C:\Users\Edu\AppData\Local\Temp\onUK0gxwOUIs.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\oXlgLcO7BiMK.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\oXwQuMGbDeqf.exe
      2017-10-31 23:48 - 2017-10-31 23:48 - 000040448 _____ () C:\Users\Edu\AppData\Local\Temp\proxy_vole8912392664985638211.dll
      2017-10-31 19:39 - 2017-10-31 19:40 - 010526720 _____ () C:\Users\Edu\AppData\Local\Temp\PYCUAYuj279E.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\qXcgwYdvizpn.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\RAnYlP2QYcEp.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\RrWMpL6N5EHv.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\Sdolm66DemA6.exe
      2017-10-31 19:36 - 2017-10-31 19:37 - 002643640 _____ () C:\Users\Edu\AppData\Local\Temp\seLf1hJ3lVrC.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 040706048 _____ () C:\Users\Edu\AppData\Local\Temp\ssLV3wYqB8iO.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\SUdYltsp2LVC.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\TMpFm5LTLsdC.exe
      2017-10-31 19:56 - 2017-10-31 19:56 - 000046924 _____ () C:\Users\Edu\AppData\Local\Temp\tu17p84.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\uJh6JGJOy4PE.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\uOWOaVvF7sD6.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\vIwbliJhViCP.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\WgZliSBEOZyw.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\WqWsY8zGNLp8.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\YCze1Zk6Z32V.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 035627008 _____ () C:\Users\Edu\AppData\Local\Temp\YR4JUhJAhaHE.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 001264104 _____ () C:\Users\Edu\AppData\Local\Temp\zQSaMYCfh16X.exe

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-10-30 00:11

      ==================== End of FRST.txt ============================

    5. #15
      Usuario Avatar de Nestares
      Registrado
      ene 2017
      Ubicación
      España
      Mensajes
      24

      Re: Virus en google chorme

      Reporte Addition:

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
      Ran by Edu (04-11-2017 19:03:36)
      Running from C:\Users\Edu\Desktop
      Windows 7 Ultimate Service Pack 1 (X64) (2013-07-31 16:39:56)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-117417332-1347312225-1001307004-500 - Administrator - Disabled)
      Edu (S-1-5-21-117417332-1347312225-1001307004-1000 - Administrator - Enabled) => C:\Users\Edu
      HomeGroupUser$ (S-1-5-21-117417332-1347312225-1001307004-1007 - Limited - Enabled)
      Invitado (S-1-5-21-117417332-1347312225-1001307004-501 - Limited - Enabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
      7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
      abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - )
      Actualización de NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
      Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
      Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
      Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated)
      Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
      Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
      Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
      Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
      Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
      AIDA64 Extreme Edition v2.80 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.80 - FinalWire Ltd.)
      Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
      Any Audio Converter 5.8.2 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
      Any Video Converter 5.6.3 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
      Apple Application Support (32 bits) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
      Apple Application Support (64 bits) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
      Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
      Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
      ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
      Asistente del gestor de contenido para PlayStation(R) (HKLM-x32\...\{E5C1C342-5E78-4D91-85BE-40C716B09391}) (Version: 3.55.7671.0901 - Sony Computer Entertainment Inc.)
      bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
      BlueStacks App Player (HKLM-x32\...\{2A19A03A-A339-4697-99A4-EBA3D035D41A}) (Version: 2.2.19.6015 - BlueStack Systems, Inc.)
      Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
      Carmageddon_Reincarnation (HKLM-x32\...\Carmageddon_Reincarnation_is1) (Version: - )
      CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
      Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation)
      Corel Graphics - Windows Shell Extension (HKLM\...\{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.843 - Corel Corporation) Hidden
      Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{0CEA94E0-E6F4-4F2D-AA98-D0EFD6833754}) (Version: 16.1.843 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Capture (x64) (HKLM\...\{1967EF95-E00B-4669-8B1C-A589BE8BF24F}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Common (x64) (HKLM\...\{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Connect (x64) (HKLM\...\{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Custom Data (x64) (HKLM\...\{7386B5FA-8715-481D-821F-7785110506DF}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Draw (x64) (HKLM\...\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - ES (x64) (HKLM\...\{839546C9-2E4E-4A42-B0D4-22E05E92E7AA}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Filters (x64) (HKLM\...\{E699230D-4B5E-411E-9F45-FF50789B18DD}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - FontNav (x64) (HKLM\...\{3933C06C-8239-432B-87FC-F2BDC5B49A10}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - IPM (HKLM\...\{B6DF7031-2843-44FD-9CAB-DECAB4257456}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (HKLM\...\{D7C2687D-924E-4485-B367-C7D95CBF8DDD}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (HKLM\...\{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Redist (x64) (HKLM\...\{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Setup Files (x64) (HKLM\...\{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - VBA (x64) (HKLM\...\{10762393-1B90-4AC2-AF1A-4C0C04AE303F}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (HKLM\...\{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - VSTA (x64) (HKLM\...\{1E3A578C-0A7D-4820-990F-B7545C0B2303}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 - Writing Tools (x64) (HKLM\...\{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}) (Version: 16.1 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation)
      CorelDRAW Graphics Suite X6 (x64) (HKLM\...\{CCE7423E-1D84-4CD3-9E32-220EC9358D97}) (Version: 16.1 - Corel Corporation) Hidden
      CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
      CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1129 - CyberLink Corp.)
      D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
      Desinstalación de CopyTrans Control Center solamente (HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
      Easy Drive Data Recovery (HKLM-x32\...\Easy Drive Data Recovery) (Version: 3.0 - MunSoft)
      eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2133 - Steinberg Media Technologies GmbH)
      Epson Universal Laser P5 (HKLM\...\Epson Universal Laser P5) (Version: - )
      EpsonNet Config V1 (HKLM-x32\...\{7088EC18-1D00-43EA-B37B-608E71D88A5D}) (Version: - )
      EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
      EpsonNet SetupManager (HKLM-x32\...\{BB828C7B-44A6-4A83-A96E-EF80B8680B8D}) (Version: 1.7.2 - SEIKO EPSON CORPORATION) Hidden
      EpsonNet SetupManager (HKLM-x32\...\InstallShield_{BB828C7B-44A6-4A83-A96E-EF80B8680B8D}) (Version: 1.7.2 - SEIKO EPSON CORPORATION)
      EpsonNet WebManager (HKLM-x32\...\{E1D18A78-5A44-11D6-A296-000102985B39}) (Version: - )
      eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
      EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.1.0 - Toontrack)
      EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.0 - Toontrack)
      EZXClaustrophobic (HKLM-x32\...\{8094F7AE-CA21-4AF2-A256-BC918CE0E796}) (Version: 1.0 - Toontrack)
      EZXCocktail (HKLM-x32\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.0 - Toontrack)
      EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
      EZXFunkmasters (HKLM-x32\...\{BB5A44CB-3045-43E2-BEB0-B64E477D4633}) (Version: 1.0.0 - Toontrack)
      EZXJazz (HKLM-x32\...\{EED8D44F-CEBB-4298-8D0E-E01AF6AC0663}) (Version: 1.0.0 - Toontrack)
      EZXNashville (HKLM-x32\...\{82DF9225-13EC-41BD-BE31-AAB121B38166}) (Version: 1.0 - Toontrack)
      EZXPercussion (HKLM-x32\...\{2CC4BC82-41CF-43D3-B533-7283AA8BB86F}) (Version: 1.0 - Toontrack)
      EZXTwisted (HKLM-x32\...\{D1EBF11E-8CE3-4EF5-8E2D-FD5B8D6BD294}) (Version: 1.0 - Toontrack)
      EZXVintage (HKLM-x32\...\{430399DC-98BC-4A7F-8F8E-77981CABAE05}) (Version: 1.0 - Toontrack)
      Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
      FlacSquisher 1.3.8 (HKLM-x32\...\FlacSquisher) (Version: 1.3.8 - FlacSquisher)
      FlatOut 4 Total Insanity (HKLM-x32\...\FlatOut 4 Total Insanity_is1) (Version: - )
      Free Mp3 Wma Converter V 1.5.3 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: - Renan Broquin)
      Free Studio version 6.5.4.805 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.4.805 - DVDVideoSoft Ltd.)
      Freemake Video Converter versión 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
      Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      GDR 5520 para SQL Server 2008 (KB2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
      GDR 5538 para SQL Server 2008 (KB3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
      GonVisor 2.45.01 (HKLM-x32\...\GonVisor_is1) (Version: - GON)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.75 - Google Inc.)
      Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
      Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
      Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
      Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation)
      Horizon (HKLM-x32\...\{C1D4496A-E2BB-49A6-BBAF-307E15190A49}) (Version: 2.8.12 - Daring Development Inc.) Hidden
      Horizon (HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\{257ffc6a-7236-46bc-b629-33e8653018ef}) (Version: 2.8.12 - Daring Development Inc.)
      Horizon v2.8.9.1 (HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\d4cfeebc-b821-40b7-9f81-d366b1466f04_is1) (Version: 2.8.9.1 - Daring Development Inc.)
      ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
      Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
      Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
      Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
      iTunes (HKLM\...\{8251BA2E-05A9-441D-BC6D-B3A3B3E133F4}) (Version: 12.7.0.166 - Apple Inc.)
      Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
      JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
      JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
      jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
      K-Lite Codec Pack 13.3.3 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.3.3 - KLCP)
      Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
      Malwarebytes versión 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
      MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
      MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
      MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
      Microsoft .NET Framework 4.7 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
      Microsoft SQL Server 2008 Browser (HKLM-x32\...\{10E05081-646C-4130-A166-83283A3A0A45}) (Version: 10.3.5500.0 - Microsoft Corporation)
      Microsoft SQL Server 2008 Native Client (HKLM\...\{0ECCC2CC-F361-4325-A0FE-FAF1AD784BBD}) (Version: 10.3.5500.0 - Microsoft Corporation)
      Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation)
      Microsoft SQL Server VSS Writer (HKLM\...\{DE63A8FE-80A6-4CA3-ACEA-F954B6370596}) (Version: 10.3.5500.0 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation)
      Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation)
      Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation)
      Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24406 (HKLM\...\{5F66DC83-1294-37C2-8F20-80B67FE08C3F}) (Version: 14.0.24406 - Microsoft Corporation)
      Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24406 (HKLM\...\{4669489D-D5F2-3A8E-BA68-B0DB3D58AD01}) (Version: 14.0.24406 - Microsoft Corporation)
      Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24406 (HKLM-x32\...\{16A41EF3-F204-3338-8EAC-623EE6BE05CC}) (Version: 14.0.24406 - Microsoft Corporation)
      Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24406 (HKLM-x32\...\{E8FA32DC-301E-32C5-8B4E-811C3B62CC4B}) (Version: 14.0.24406 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{7C0242A3-8B66-35D1-9FE0-13B426ACB609}) (Version: 10.0.60729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM-x32\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
      Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
      Might And Magic Heroes IV Repack (HKLM-x32\...\Might And Magic Heroes IV Repack) (Version: - )
      Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - )
      Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Mozilla Firefox 54.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 54.0.1 (x64 es-ES)) (Version: 54.0.1 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
      MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
      MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
      Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
      Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version: - Native Instruments)
      Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version: - Native Instruments)
      Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
      Native Instruments Session IO Driver (HKLM-x32\...\Native Instruments Session IO Driver) (Version: - Native Instruments)
      Need for Speed Most Wanted Limited Edition (HKLM-x32\...\Need for Speed Most Wanted Limited Edition_is1) (Version: 1.0 - PLAZA)
      Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
      NVIDIA Controlador de 3D Vision 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation)
      NVIDIA Controlador de audio HD 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
      NVIDIA Controlador de gráficos 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
      NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
      NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
      Panel de control de NVIDIA 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 384.76 - NVIDIA Corporation) Hidden
      Paquete de controladores de Windows - Microsoft PS Vita Type B (02/22/2013 6.1.7600.16385) (HKLM\...\A0EC80B5719D4DA4CF40C9219D7CB9CCAD6DBA40) (Version: 02/22/2013 6.1.7600.16385 - Microsoft)
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
      PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.0.02.09290 - Sony Corporation)
      PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
      PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.0.02 - Sony Corporation) Hidden
      PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
      Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
      Pro Evolution Soccer 2018 (HKLM-x32\...\{9C9C432B-A926-42D1-B16D-6C566431AC59}_is1) (Version: - Konami)
      Programa Saal Design (HKLM-x32\...\{CB151870-B711-E4E0-EDC2-19D7A047E986}) (Version: 4.1 - Saal Digital Fotoservice GmbH) Hidden
      Programa Saal Design (HKLM-x32\...\ProgramaSaalDesign) (Version: 4.1 - Saal Digital Fotoservice GmbH)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
      Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation)
      RiffWorks T4 (HKLM-x32\...\RiffWorks T4) (Version: 2.2.1 - Sonoma Wire Works)
      Saga Commandos (HKLM-x32\...\Saga Commandos_is1) (Version: Saga Commandos - )
      Scalextric Track Designer v1.1.2 (HKLM-x32\...\Scalextric Track Designer_is1) (Version: - A-Lab Software Limited)
      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
      Service Pack 3 para SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
      Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
      Solid Edge ST6 (HKLM\...\{132B6ABB-431A-4DDA-8861-914AB7B0325A}) (Version: 106.00.00100 - Siemens)
      Solid Edge Standard Parts Administrator (HKLM\...\{5EAD6A05-7ECB-4689-90E3-AD0EF7AD1861}) (Version: 106.00.00100 - Siemens)
      Spotify (HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB)
      Spotydl 0.9.36.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.36.0 - spotydl.com)
      Sql Server Customer Experience Improvement Program (HKLM-x32\...\{C965F01C-76EA-4BD7-973E-46236AE312D7}) (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
      Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.6 - Steinberg Media Technologies GmbH)
      Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
      Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
      Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
      Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
      Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
      Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
      Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
      Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
      Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
      Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
      Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
      Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
      Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
      Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
      Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
      Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
      Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
      Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
      The Flame in the Flood (HKLM-x32\...\1452692111_is1) (Version: 2.0.0.2 - GOG.com)
      TP-LINK TL-WN781ND Driver (HKLM-x32\...\{87C7B472-9BC2-43C8-9F03-86D2908E1A51}) (Version: 1.2.1 - TP-LINK)
      TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.2.1 - TP-LINK)
      Trials Evolution - Gold Edition (HKLM-x32\...\Trials Evolution - Gold Edition_is1) (Version: - )
      Uplay (HKLM-x32\...\Uplay) (Version: 3.2 - Ubisoft)
      Veoh Web Player (HKLM-x32\...\Veoh Web Player Beta) (Version: 1.1.2.0000 - Veoh Networks, Inc.)
      VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
      Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
      Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
      Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
      WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
      WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
      Wondershare PDF Converter Pro (Build 4.0.1) (HKLM-x32\...\{67CC8351-9D8B-4EDF-AAEE-B8CB17E5F3AC}_is1) (Version: 4.0.1 - Wondershare Software)
      Worms World Party Remastered (HKLM-x32\...\1433238834_is1) (Version: 2.1.0.2 - GOG.com)
      Yamaha Steinberg USB Driver (HKLM\...\{BD21DB89-00D4-4D6D-9614-E35A5DE792C6}) (Version: 1.7.1 - Yamaha Corporation) Hidden
      Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{BD21DB89-00D4-4D6D-9614-E35A5DE792C6}) (Version: 1.7.1 - Yamaha Corporation)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [TortoiseOverlay] -> {CBF88FC2-F150-4F29-BC80-CE30EFD1B62C} => C:\Users\Edu\AppData\Roaming\Tortoise\TortoiseOverlay.dll [2017-10-31] ()
      ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-17] ()
      ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
      ContextMenuHandlers1-x32: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
      ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
      ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
      ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft Development Team)
      ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft Development Team)
      ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
      ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-17] ()
      ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
      ContextMenuHandlers4-x32: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-27] (NVIDIA Corporation)
      ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
      ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {13BBCD20-0539-4467-982F-F7B5FB53D35B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
      Task: {16B3D5B6-6B3B-430C-9DD8-16FAA890D2EA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
      Task: {28222692-A8A7-442E-ADAF-EFFC6412EC42} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
      Task: {2EFB7174-4A1D-4631-AA7C-910F31ECC2A5} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-07-07] ()
      Task: {2F18FBE5-BBF2-43B8-9168-B28F11791D17} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
      Task: {363C3119-C152-4361-B4F4-3D27881ECA07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-21] (Google Inc.)
      Task: {393B787E-3C15-4C54-974C-4F5A29CB3B5B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
      Task: {3B747146-AD6D-4AF5-B401-D40F1BFBAAA9} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
      Task: {51F6C87B-9445-4F8A-A55D-F5137A18EBD2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
      Task: {5286EF8F-BF4F-4B1E-B486-BABE6C469271} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
      Task: {54C76E67-89C0-4D84-9632-C2A945D477DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
      Task: {6F247872-6A39-4E23-8204-9D8BE1C79A51} - System32\Tasks\{E9326759-40A8-1B33-19B6-F46B837AD563} => C:\PROGRA~2\FASTDA~1\FASTDA~1.EXE
      Task: {7858CEA4-99E8-4C5E-9AEB-C1710DF5FF23} - System32\Tasks\{F15EEE58-FE14-49EB-A1FA-9DA13ED8BA28} => C:\Windows\system32\pcalua.exe -a C:\Users\Edu\Desktop\Setup_FreeConverter.exe -d C:\Users\Edu\Desktop
      Task: {7BE5D34A-23FF-47DB-94F7-F896455E7279} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
      Task: {81EB8C9B-6353-48CC-AC59-C155E53857C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-21] (Google Inc.)
      Task: {8BCBF637-AC0B-4A9B-9990-D52FCDC4918D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
      Task: {B25E8D5B-D477-4490-968B-7F9C2AB98C12} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
      Task: {B6ED0E0C-3238-4876-A253-2AF669C82DF4} - System32\Tasks\{75EDD0C9-6F04-4621-B59B-140346911DD8} => C:\Users\Edu\Desktop\3DM-rocksmith\Rocksmith2014.exe
      Task: {BFB59BD2-A243-4496-9254-8DD99619D63E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
      Task: {C09847FF-EF90-4D5C-B2C8-4CC79EBD5390} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
      Task: {D1812E97-723C-49AD-AA2F-1342E03FD808} - System32\Tasks\SFP Distory Clocks Editor => C:\Windows\system32\rundll32.exe "C:\Program Files\SFP Distory Clocks Editor\SFP Distory Clocks Editor.dll",cAZLrpNSnYKz <==== ATTENTION
      Task: {D866FB50-115E-44A4-8498-4FA645297389} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
      Task: {DC10404E-97AD-432A-9568-7B4724BDF64E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-25] (Adobe Systems Incorporated)
      Task: {DF4AD209-1CDD-4E25-9340-ABFA8DFB98CA} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
      Task: {F16775F0-0A33-4499-8F36-1F2CCF27378D} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [2009-09-30] (Microsoft Corporation)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2013-07-31 19:32 - 2017-06-27 22:03 - 000133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
      2013-08-28 17:51 - 2012-10-04 18:49 - 000087152 _____ () C:\Windows\System32\cpwmon64.dll
      2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
      2017-05-08 23:44 - 2017-05-08 23:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
      2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
      2017-10-31 19:40 - 2017-10-31 19:40 - 000148992 _____ () C:\Users\Edu\AppData\Roaming\Tortoise\TortoiseOverlay.dll
      2014-05-01 15:13 - 2017-10-17 18:06 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
      2015-08-29 09:31 - 2004-02-09 09:16 - 000126976 _____ () C:\Program Files (x86)\EpsonNet\common\bin\ensrvmgr.exe
      2015-08-29 09:31 - 2004-03-23 15:54 - 000524288 _____ () C:\Program Files (x86)\EpsonNet\common\bin\emwchsrv.exe
      2017-11-01 12:44 - 2017-11-01 14:54 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-11-01 12:44 - 2017-11-01 14:54 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2015-09-03 19:03 - 2004-02-10 17:02 - 000372736 _____ () C:\Program Files (x86)\EpsonNet\EpsonNet SOAP Server\bin\emsoaprr.exe
      2015-09-03 19:03 - 2004-02-09 09:06 - 000380928 _____ () C:\Program Files (x86)\EpsonNet\EpsonNet Web Pages Service\bin\ewpsrr.exe
      2015-08-29 09:31 - 2004-02-09 09:13 - 000118784 _____ () C:\Program Files (x86)\EpsonNet\common\bin\emalmmon.exe
      2017-09-11 13:45 - 2017-09-11 13:45 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
      2017-09-11 13:45 - 2017-09-11 13:45 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
      2017-05-02 23:39 - 2016-10-08 22:17 - 003168256 _____ () C:\Users\Edu\Desktop\DS4Windows\DS4Windows.exe
      2017-11-03 11:16 - 2017-11-03 11:16 - 000566439 _____ () C:\Users\Edu\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
      2017-11-03 11:16 - 2017-11-03 11:16 - 004078962 _____ () C:\Users\Edu\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
      2017-07-07 11:43 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-11-01 10:41 - 2017-10-26 07:30 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.75\libglesv2.dll
      2017-11-01 10:41 - 2017-10-26 07:30 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.75\libegl.dll
      2015-08-29 09:31 - 2003-01-14 12:35 - 000040960 _____ () C:\Program Files (x86)\EpsonNet\common\bin\entrace.dll
      2015-09-03 19:03 - 2003-07-29 09:48 - 000327680 _____ () C:\Program Files (x86)\EpsonNet\common\bin\emmibgw.dll
      2015-09-03 19:03 - 2000-06-01 13:35 - 000040960 _____ () C:\Program Files (x86)\EpsonNet\common\bin\empingi.dll
      2015-09-03 19:03 - 2000-01-14 12:44 - 000348160 _____ () C:\Program Files (x86)\EpsonNet\common\bin\ctreestd.dll
      2013-07-31 20:33 - 2012-06-25 03:41 - 001198912 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
      2017-07-07 11:43 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2017-07-18 17:03 - 2017-08-17 23:10 - 000002287 _____ C:\Windows\system32\Drivers\etc\hosts

      0.0.0.0 stats.hamrick.com
      0.0.0.0 static.hamrick.com
      0.0.0.0 VueScan Scanner Software for Windows, Mac OS X and Linux
      0.0.0.0 keystone.mwbsys.com
      0.0.0.0 data.service.malwarebytes.org
      0.0.0.0 telemetry.malwarebytes.com
      127.0.0.1 98.129.229.186
      127.0.0.1 Internet Assigned Numbers Authority
      127.0.0.1 iana.org# ::1 localhost
      127.0.0.1 activate.adobe.com
      127.0.0.1 practivate.adobe.com
      127.0.0.1 lmlicenses.wip4.adobe.com
      127.0.0.1 lm.licenses.adobe.com
      127.0.0.1 na1r.services.adobe.com
      127.0.0.1 hlrcv.stage.adobe.com
      127.0.0.1 licensing.ultraedit.com
      127.0.0.1 licensing2.ultraedit.com
      127.0.0.1 activation.cloud.techsmith.com
      127.0.0.1 oscount.techsmith.com
      127.0.0.1 65.52.240.48
      127.0.0.1 69.167.144.18
      0.0.0.0 serius.mwbsys.com
      127.0.0.1 acdid.acdsystems.com
      127.0.0.1 support.wondershare.net
      127.0.0.1 www.wondershare.net
      127.0.0.1 cbs.wondershare.com
      127.0.0.1 platform.wondershare.com
      127.0.0.1 Driver Genius - Backup, restore and update all your drivers easily
      127.0.0.1 asc55.iobit.com
      127.0.0.1 is360.iobit.com

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Edu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 192.168.1.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
      MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
      MSCONFIG\startupreg: Spotify => "C:\Users\Edu\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
      MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Edu\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
      MSCONFIG\startupreg: YouCam Service => "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s

    6. #16
      Usuario Avatar de Nestares
      Registrado
      ene 2017
      Ubicación
      España
      Mensajes
      24

      Re: Virus en google chorme

      Reporte Addition 2:

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{6AA4768B-5D69-4ACB-B809-6E8EFA267C69}] => (Allow) C:\Users\Edu\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{79DD8AA2-3C99-4C35-B507-FE58DDD8DC13}] => (Allow) C:\Users\Edu\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [TCP Query User{994CD3AE-A034-4483-915D-2E238CF3530C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
      FirewallRules: [UDP Query User{B09A9ACD-6E9A-4C33-91C7-002A27B932B5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
      FirewallRules: [TCP Query User{E38E2811-15BE-4ABE-82D4-2F9CA8F3D95B}C:\program files (x86)\victorval\might and magic heroes iv repack\might & magic heroes vi.exe] => (Allow) C:\program files (x86)\victorval\might and magic heroes iv repack\might & magic heroes vi.exe
      FirewallRules: [UDP Query User{220A7EDB-5405-411A-AD03-C260D28DA558}C:\program files (x86)\victorval\might and magic heroes iv repack\might & magic heroes vi.exe] => (Allow) C:\program files (x86)\victorval\might and magic heroes iv repack\might & magic heroes vi.exe
      FirewallRules: [{4DCD28B3-ADA7-4845-9322-CAA3F96EEC82}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
      FirewallRules: [{6144F5D1-5E86-4804-81D4-36007EC2A605}] => (Allow) C:\Users\Edu\AppData\Roaming\Spotify\spotify.exe
      FirewallRules: [{81DC07B9-F935-4105-B03B-68B956A95BFA}] => (Allow) C:\Users\Edu\AppData\Roaming\Spotify\spotify.exe
      FirewallRules: [TCP Query User{AD1BEF78-43AC-4CC3-AEC5-E54D8C809A55}C:\users\edu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\edu\appdata\roaming\spotify\spotify.exe
      FirewallRules: [UDP Query User{9D539063-A7FC-4EDB-A05C-2FCA51432312}C:\users\edu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\edu\appdata\roaming\spotify\spotify.exe
      FirewallRules: [TCP Query User{2CCC9132-1BEB-43D0-B866-1FF0B312B24D}C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe
      FirewallRules: [UDP Query User{272E42E3-B6C2-49C2-A93B-C7F132FAC126}C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe
      FirewallRules: [TCP Query User{9B5E1A27-C899-4522-99F7-651D2C0975EA}C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe
      FirewallRules: [UDP Query User{C3898F8F-AF95-444C-94D3-77B7848F8687}C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe
      FirewallRules: [{0706ABC0-126A-4EDB-9B91-D7C18B3521B8}] => (Allow) C:\Users\Edu\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{4FE5B8DE-AB5D-45E4-9BCF-2D0291BEC681}] => (Allow) C:\Users\Edu\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{31F22671-B310-4B59-B2EF-4DCA08C9A8D5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{B9D96CB8-1844-470B-AEFC-0F399744083F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{E490A7E9-386D-4E19-B696-3BEDF2161163}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
      FirewallRules: [{5CC37535-E278-4853-9414-0356FF70AFA8}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
      FirewallRules: [{B8CE81B1-95D1-40B4-9246-D85EACAD8815}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
      FirewallRules: [{570CA86D-D264-49E2-B894-7BE2DB977A2D}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
      FirewallRules: [TCP Query User{64F51EDE-96A9-4F1C-B48F-F7FD518F3218}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Allow) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
      FirewallRules: [UDP Query User{B3D11B6C-08DE-4C44-92E2-D107E6C87DEA}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Allow) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
      FirewallRules: [TCP Query User{CA79F477-CC31-4CEE-BA4B-0ACCB3952CFB}C:\program files (x86)\epsonnet\epsonnet config v1\epsonnet config.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet config v1\epsonnet config.exe
      FirewallRules: [UDP Query User{8A139402-1F89-4DF4-80A5-6B935B3EBA4B}C:\program files (x86)\epsonnet\epsonnet config v1\epsonnet config.exe] => (Allow) C:\program files (x86)\epsonnet\epsonnet config v1\epsonnet config.exe
      FirewallRules: [{05D3094D-1215-4E10-8CCF-48EF9AD6A562}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
      FirewallRules: [{F98F9A37-3956-42D9-A330-B1ACA90B3355}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
      FirewallRules: [{586AAA30-93F7-40F5-92AE-6BD4DAD22AD1}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
      FirewallRules: [{89F773B3-39B6-45DD-B882-B0DBFBB25554}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
      FirewallRules: [{D844A31E-7C1E-414B-91D9-636A7095F4F6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
      FirewallRules: [{928639DE-2698-41E9-94A8-CA36543F40A3}] => (Allow) LPort=2869
      FirewallRules: [{50647846-8F99-4690-8583-E0E87D7D0223}] => (Allow) LPort=1900
      FirewallRules: [TCP Query User{D372D777-6860-43BD-B1DB-3056D1317371}C:\gog games\worms world party remastered\w2.exe] => (Allow) C:\gog games\worms world party remastered\w2.exe
      FirewallRules: [UDP Query User{E50B5603-EF8D-4E34-B7F3-F5F0C9A206DA}C:\gog games\worms world party remastered\w2.exe] => (Allow) C:\gog games\worms world party remastered\w2.exe
      FirewallRules: [TCP Query User{84DCC0C0-1FD3-430E-83C8-5D764EA1B93E}C:\program files (x86)\eidos\saga commandos\commandos 2 - men of courage\comm2.exe] => (Allow) C:\program files (x86)\eidos\saga commandos\commandos 2 - men of courage\comm2.exe
      FirewallRules: [UDP Query User{72092F46-995B-4559-8B34-5534B51A8460}C:\program files (x86)\eidos\saga commandos\commandos 2 - men of courage\comm2.exe] => (Allow) C:\program files (x86)\eidos\saga commandos\commandos 2 - men of courage\comm2.exe
      FirewallRules: [TCP Query User{871A42C9-DD73-407A-B4BE-639329129738}C:\gog games\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) C:\gog games\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe
      FirewallRules: [UDP Query User{321C4426-2973-4748-AD29-A40B4D0FC849}C:\gog games\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Allow) C:\gog games\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe
      FirewallRules: [TCP Query User{0D42D1B8-625A-41E7-AB94-E5CC33C74502}C:\program files (x86)\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) C:\program files (x86)\mortal kombat xl\binaries\retail\mk10.exe
      FirewallRules: [UDP Query User{02A7DD34-6056-4037-A94A-E190C71BC750}C:\program files (x86)\mortal kombat xl\binaries\retail\mk10.exe] => (Allow) C:\program files (x86)\mortal kombat xl\binaries\retail\mk10.exe
      FirewallRules: [TCP Query User{AE5BEF96-4A8C-40FE-9006-2B447DA26C0A}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
      FirewallRules: [UDP Query User{22E3F2C9-6999-4C39-A4B2-31CC8978CEA3}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
      FirewallRules: [{E9447580-C9ED-496E-ACEE-204BBCBD45FF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{4D1DA761-0E2E-4153-9836-70D406B0A231}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{3EC148B8-4733-4663-B4FD-2C29567B5389}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{1F7CB6B5-6232-4FE2-9198-7AC8275203CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [TCP Query User{82A6CBD1-B58B-4F41-AEBB-1B4E2F7AC8BD}C:\program files (x86)\ubisoft\trials evolution - gold edition\datapack\trialsfmx.exe] => (Allow) C:\program files (x86)\ubisoft\trials evolution - gold edition\datapack\trialsfmx.exe
      FirewallRules: [UDP Query User{8C928557-FB64-48B7-AFAF-134075ADAE7D}C:\program files (x86)\ubisoft\trials evolution - gold edition\datapack\trialsfmx.exe] => (Allow) C:\program files (x86)\ubisoft\trials evolution - gold edition\datapack\trialsfmx.exe
      FirewallRules: [TCP Query User{ABFEE5FA-2D0E-4E3D-AB07-3B9888BA30E9}C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe
      FirewallRules: [UDP Query User{2791A971-D258-484E-B62A-99CC57D5F8B3}C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe] => (Allow) C:\program files (x86)\need for speed most wanted limited edition\nfs13.exe
      FirewallRules: [{716F22AA-A2CC-452B-B46F-FFD1A962EBAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{3B4BC019-2E8A-40CF-A717-B5E642630544}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{9397661A-C67B-420B-A07D-5E7139877E6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
      FirewallRules: [{38911C28-660F-465A-95B8-FC6C6C2E9E5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{5BA43C4B-A305-4FEC-8A3B-BF3EB33D675D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{792629E1-7B18-47A3-A0BB-40D8FDF371CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{C7DC13AE-058A-48B3-835B-DAC8CBDFC544}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{EFBB108F-F0A3-4ED9-B5EC-AB38BC760834}] => (Allow) C:\Program Files\iTunes\iTunes.exe
      FirewallRules: [TCP Query User{C724BA7E-F9DB-4A51-BB17-2651F0FC33C6}C:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2018\pes2018.exe
      FirewallRules: [UDP Query User{30DDCA06-2513-4DC2-8CF7-CD3014E02C3D}C:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2018\pes2018.exe
      FirewallRules: [{E50C5645-7193-4898-A785-731DFD2A892B}] => (Allow) C:\Windows\system32\rundll32.exe
      FirewallRules: [{B061BD7B-3B17-4730-B96E-4B872FD00D28}] => (Allow) C:\Program Files (x86)\Secure Driver Updater\SDU.exe
      FirewallRules: [{C6FB9DCD-9519-426C-A875-7B1A432B0D1D}] => (Allow) C:\Windows\System32\rundll32.exe
      FirewallRules: [{232BF164-77DC-4A26-A4E3-A427BADF979F}] => (Allow) C:\Windows\System32\rundll32.exe
      FirewallRules: [{EB4C4D19-5CC0-487A-9E04-4424BC108568}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{0957ACDD-844D-42F5-8952-29B6390751AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{545ECC95-85DC-44D1-8759-CCE0BA2D70A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{ED530C32-2B3F-41E9-9A87-53E80869E45F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{8B630FED-CF8C-4E66-A2B3-F2640A5BBE7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{A7946539-63FE-4090-B406-60D9AB1C85F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

      ==================== Restore Points =========================

      01-11-2017 17:19:57 JRT Pre-Junkware Removal
      01-11-2017 17:23:18 JRT Pre-Junkware Removal
      04-11-2017 02:15:00 Windows Update

      ==================== Faulty Device Manager Devices =============

      Name:
      Description:
      Class Guid:
      Manufacturer:
      Service:
      Problem: : The drivers for this device are not installed. (Code 28)
      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

      Name: Adaptador de tunelización Teredo de Microsoft
      Description: Adaptador de tunelización Teredo de Microsoft
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: Microsoft
      Service: tunnel
      Problem: : This device cannot start. (Code10)
      Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
      On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (11/04/2017 06:58:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa JetAudio.exe, versión 8.1.5.10314, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 1ad8

      Hora de inicio: 01d354ef1c7725c2

      Hora de finalización: 166

      Ruta de acceso de la aplicación: C:\Program Files (x86)\JetAudio\JetAudio.exe

      Identificador de informe: 8689db3c-c189-11e7-983f-d43d7e925eca

      Error: (11/04/2017 04:21:10 AM) (Source: SideBySide) (EventID: 35) (User: )
      Description: Error al generar el contexto de activación para "c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifest". Error en el archivo de manifiesto o directiva "c:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST" en la línea 3.
      La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
      La referencia es SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
      La definición es SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (11/03/2017 10:46:32 AM) (Source: emntflog) (EventID: 4) (User: )
      Description: EpsonNet Notification Service was not started because of next error.

      13000:API(bind) generated error(10049).

      Error: (11/03/2017 10:46:17 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
      Description: No se puede iniciar el servicio. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
      en BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
      en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

      Error: (11/03/2017 10:31:08 AM) (Source: PerfNet) (EventID: 2004) (User: )
      Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

      Error: (11/03/2017 10:31:06 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
      Description: No se puede iniciar el servicio. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
      en BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
      en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

      Error: (11/03/2017 10:30:38 AM) (Source: emntflog) (EventID: 4) (User: )
      Description: EpsonNet Notification Service was not started because of next error.

      13000:API(bind) generated error(10049).

      Error: (11/03/2017 10:17:54 AM) (Source: SideBySide) (EventID: 35) (User: )
      Description: Error al generar el contexto de activación para "c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifest". Error en el archivo de manifiesto o directiva "c:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST" en la línea 3.
      La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
      La referencia es SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
      La definición es SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (11/03/2017 09:49:00 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
      Description: No se puede iniciar el servicio. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
      en BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
      en System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

      Error: (11/03/2017 09:48:43 AM) (Source: emntflog) (EventID: 4) (User: )
      Description: EpsonNet Notification Service was not started because of next error.

      13000:API(bind) generated error(10049).


      System errors:
      =============
      Error: (11/03/2017 10:46:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
      Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente:
      hwinterface

      Error: (11/03/2017 10:46:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio BlueStacks Android Service se cerró con el siguiente error:
      Se presentó una excepción en el servicio al administrar la solicitud de control.

      Error: (11/03/2017 10:45:42 AM) (Source: Application Popup) (EventID: 1060) (User: )
      Description: Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\hwinterface.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

      Error: (11/03/2017 10:45:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio debido a un error en el inicio de sesión.

      Error: (11/03/2017 10:45:15 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
      Description: El servicio WMPNetworkSvc no se pudo iniciarse como NT AUTHORITY\NetworkService con la contraseña configurada actualmente debido al siguiente error:
      Solicitud no compatible.


      Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

      Error: (11/03/2017 10:44:48 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/03/2017 10:44:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/03/2017 10:44:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio SQL Server (SQLEXPRESS) se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (11/03/2017 10:44:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

      Error: (11/03/2017 10:44:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Intel(R) Management and Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


      CodeIntegrity:
      ===================================
      Date: 2016-12-26 16:52:18.091
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-26 16:52:11.793
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-26 16:52:11.709
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-26 16:48:06.293
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-26 16:48:06.204
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-26 15:15:00.388
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-26 15:15:00.138
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-23 10:36:24.903
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-23 10:36:24.825
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

      Date: 2016-12-23 10:01:42.544
      Description: Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\MBWrp64.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
      Percentage of memory in use: 53%
      Total physical RAM: 8137 MB
      Available physical RAM: 3766.86 MB
      Total Virtual: 16272.19 MB
      Available Virtual: 11687.92 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:934.01 GB) (Free:69.23 GB) NTFS
      Drive d: (Datos) (Fixed) (Total:928.91 GB) (Free:36.48 GB) NTFS
      Drive i: (DISCO NUEVO 2TB) (Fixed) (Total:1863.01 GB) (Free:1333.42 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 63032418)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=934 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=928.9 GB) - (Type=07 NTFS)

      ========================================================
      Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A8A77C3B)
      Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    7. #17
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: Virus en google chorme

      Hola

      Sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

      • Para hacerlo descarga >> DelFix en tu escritorio.
        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca unicamente la casilla "Create registry backup".
      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación inicia tu equipo desde el >> Modo Seguro de Windows con función de red.

      Si tu SO es Windows 8/8.1/10 usa el 2º MÉTODO: de esta Faq de Windows 8 (aplicable a Windows 10) >> ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.


      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\Run: [AdobeBridge] => [X]
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: F - F:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {101bb017-358d-11e7-b66c-d43d7e925eca} - I:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {267d6a93-0d99-11e7-ad86-d43d7e925eca} - H:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {267d6a9f-0d99-11e7-ad86-d43d7e925eca} - I:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {7df9c740-753f-11e7-8ed0-d43d7e925eca} - H:\CMADownloader.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {82ae296c-323b-11e7-84f4-d43d7e925eca} - H:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {9105f33c-4439-11e7-80d1-d43d7e925eca} - K:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {9105f341-4439-11e7-80d1-d43d7e925eca} - L:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {ec5797f6-6bdf-11e4-af36-d43d7e925eca} - H:\unlock.exe autoplay=true
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {f935197b-3b9d-11e7-9a7d-d43d7e925eca} - H:\setup.exe
      SearchScopes: HKLM-x32 -> DefaultScope value is missing
      SearchScopes: HKU\S-1-5-21-117417332-1347312225-1001307004-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
      FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-16] [not signed]
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      CHR HomePage: Default -> inline.go.mail.ru
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
      CHR Extension: (Download with JDownloader) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2017-11-01]
      CHR Extension: (Chrome Media Router) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-01]
      CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
      U3 aet3ydsd; C:\Windows\System32\Drivers\aet3ydsd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      S3 MSICDSetup; \??\E:\CDriver64.sys [X]
      S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      2017-10-31 19:40 - 2017-10-31 19:40 - 000003564 _____ C:\Windows\System32\Tasks\{E9326759-40A8-1B33-19B6-F46B837AD563}
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\03xsS7E0tz0Q.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\2QcQCw9CK08F.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\2QCycQwGnWLO.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\4fJ6xB51fHQk.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\6nf25mmiPR0C.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\6qtQmBNTOU6I.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\7JEHZflbjUzT.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\7lBUpwO3aL5q.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\7LTWk37jCBg8.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000192000 _____ () C:\Users\Edu\AppData\Local\Temp\7MeKoH7pjUDm.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 021454848 _____ () C:\Users\Edu\AppData\Local\Temp\8iKWdBia5axj.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\A1pjVtbRhVXz.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\ahY4baMctlvF.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 028450816 _____ () C:\Users\Edu\AppData\Local\Temp\ALmHVvG9iema.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\apMO3Zgh9ftr.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\BXNVGG6IJ6D9.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\C1M8NWsmEtAj.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\cKt8b51GW6j9.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\E4EHM9Me599f.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\FAiS3U9yhFGq.exe
      2017-10-31 19:38 - 2017-10-31 19:38 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\ffQZY7x03fqS.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 040394752 _____ () C:\Users\Edu\AppData\Local\Temp\fWCgrJn1Yj5A.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000341504 ____N () C:\Users\Edu\AppData\Local\Temp\FyBFeWB7EnCi.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\gWEIm2gtvee6.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\h20nWT1YR2GD.exe
      2017-10-31 19:38 - 2017-10-31 19:38 - 002643640 _____ () C:\Users\Edu\AppData\Local\Temp\HWOq0u8Yqtze.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\I5gGZ8ROYqD6.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\I8boa4YpTvWj.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\Iv9VXbyZRZpS.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\LuxK335UfhlL.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\M3H748ntQFyJ.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\N27JUfgdJYYx.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000192000 _____ () C:\Users\Edu\AppData\Local\Temp\onUK0gxwOUIs.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\oXlgLcO7BiMK.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\oXwQuMGbDeqf.exe
      2017-10-31 23:48 - 2017-10-31 23:48 - 000040448 _____ () C:\Users\Edu\AppData\Local\Temp\proxy_vole8912392664985638211.dll
      2017-10-31 19:39 - 2017-10-31 19:40 - 010526720 _____ () C:\Users\Edu\AppData\Local\Temp\PYCUAYuj279E.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\qXcgwYdvizpn.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\RAnYlP2QYcEp.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\RrWMpL6N5EHv.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\Sdolm66DemA6.exe
      2017-10-31 19:36 - 2017-10-31 19:37 - 002643640 _____ () C:\Users\Edu\AppData\Local\Temp\seLf1hJ3lVrC.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 040706048 _____ () C:\Users\Edu\AppData\Local\Temp\ssLV3wYqB8iO.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\SUdYltsp2LVC.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\TMpFm5LTLsdC.exe
      2017-10-31 19:56 - 2017-10-31 19:56 - 000046924 _____ () C:\Users\Edu\AppData\Local\Temp\tu17p84.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\uJh6JGJOy4PE.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\uOWOaVvF7sD6.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\vIwbliJhViCP.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\WgZliSBEOZyw.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\WqWsY8zGNLp8.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\YCze1Zk6Z32V.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 035627008 _____ () C:\Users\Edu\AppData\Local\Temp\YR4JUhJAhaHE.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 001264104 _____ () C:\Users\Edu\AppData\Local\Temp\zQSaMYCfh16X.exe
      Task: {3B747146-AD6D-4AF5-B401-D40F1BFBAAA9} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
      Task: {D1812E97-723C-49AD-AA2F-1342E03FD808} - System32\Tasks\SFP Distory Clocks Editor => C:\Windows\system32\rundll32.exe "C:\Program Files\SFP Distory Clocks Editor\SFP Distory Clocks Editor.dll",cAZLrpNSnYKz <==== ATTENTION
      Task: {DF4AD209-1CDD-4E25-9340-ABFA8DFB98CA} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION 
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Pon el reporte y comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #18
      Usuario Avatar de Nestares
      Registrado
      ene 2017
      Ubicación
      España
      Mensajes
      24

      Re: Virus en google chorme

      Hola, de momento sigue todo igual... sin cambios, te adjunto el report del Fix:

      Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
      Ran by Edu (06-11-2017 07:42:35) Run:1
      Running from C:\Users\Edu\Desktop
      Loaded Profiles: Edu (Available Profiles: Edu)
      Boot Mode: Safe Mode (with Networking)
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\Run: [AdobeBridge] => [X]
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: F - F:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {101bb017-358d-11e7-b66c-d43d7e925eca} - I:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {267d6a93-0d99-11e7-ad86-d43d7e925eca} - H:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {267d6a9f-0d99-11e7-ad86-d43d7e925eca} - I:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {7df9c740-753f-11e7-8ed0-d43d7e925eca} - H:\CMADownloader.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {82ae296c-323b-11e7-84f4-d43d7e925eca} - H:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {9105f33c-4439-11e7-80d1-d43d7e925eca} - K:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {9105f341-4439-11e7-80d1-d43d7e925eca} - L:\setup.exe
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {ec5797f6-6bdf-11e4-af36-d43d7e925eca} - H:\unlock.exe autoplay=true
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\...\MountPoints2: {f935197b-3b9d-11e7-9a7d-d43d7e925eca} - H:\setup.exe
      SearchScopes: HKLM-x32 -> DefaultScope value is missing
      SearchScopes: HKU\S-1-5-21-117417332-1347312225-1001307004-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
      FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-16] [not signed]
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      CHR HomePage: Default -> inline.go.mail.ru
      CHR Extension: (Documentos de Google sin conexi�n) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
      CHR Extension: (Download with JDownloader) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2017-11-01]
      CHR Extension: (Chrome Media Router) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-01]
      CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
      U3 aet3ydsd; C:\Windows\System32\Drivers\aet3ydsd.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
      S3 MSICDSetup; \??\E:\CDriver64.sys [X]
      S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      2017-10-31 19:40 - 2017-10-31 19:40 - 000003564 _____ C:\Windows\System32\Tasks\{E9326759-40A8-1B33-19B6-F46B837AD563}
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\03xsS7E0tz0Q.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\2QcQCw9CK08F.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\2QCycQwGnWLO.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\4fJ6xB51fHQk.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\6nf25mmiPR0C.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\6qtQmBNTOU6I.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\7JEHZflbjUzT.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\7lBUpwO3aL5q.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\7LTWk37jCBg8.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000192000 _____ () C:\Users\Edu\AppData\Local\Temp\7MeKoH7pjUDm.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 021454848 _____ () C:\Users\Edu\AppData\Local\Temp\8iKWdBia5axj.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\A1pjVtbRhVXz.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\ahY4baMctlvF.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 028450816 _____ () C:\Users\Edu\AppData\Local\Temp\ALmHVvG9iema.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\apMO3Zgh9ftr.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\BXNVGG6IJ6D9.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\C1M8NWsmEtAj.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\cKt8b51GW6j9.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\E4EHM9Me599f.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\FAiS3U9yhFGq.exe
      2017-10-31 19:38 - 2017-10-31 19:38 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\ffQZY7x03fqS.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 040394752 _____ () C:\Users\Edu\AppData\Local\Temp\fWCgrJn1Yj5A.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000341504 ____N () C:\Users\Edu\AppData\Local\Temp\FyBFeWB7EnCi.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\gWEIm2gtvee6.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\h20nWT1YR2GD.exe
      2017-10-31 19:38 - 2017-10-31 19:38 - 002643640 _____ () C:\Users\Edu\AppData\Local\Temp\HWOq0u8Yqtze.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\I5gGZ8ROYqD6.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\I8boa4YpTvWj.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\Iv9VXbyZRZpS.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\LuxK335UfhlL.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\M3H748ntQFyJ.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\N27JUfgdJYYx.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 000192000 _____ () C:\Users\Edu\AppData\Local\Temp\onUK0gxwOUIs.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\oXlgLcO7BiMK.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\oXwQuMGbDeqf.exe
      2017-10-31 23:48 - 2017-10-31 23:48 - 000040448 _____ () C:\Users\Edu\AppData\Local\Temp\proxy_vole8912392664985638211.dll
      2017-10-31 19:39 - 2017-10-31 19:40 - 010526720 _____ () C:\Users\Edu\AppData\Local\Temp\PYCUAYuj279E.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\qXcgwYdvizpn.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 ____N () C:\Users\Edu\AppData\Local\Temp\RAnYlP2QYcEp.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\RrWMpL6N5EHv.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000386580 _____ () C:\Users\Edu\AppData\Local\Temp\Sdolm66DemA6.exe
      2017-10-31 19:36 - 2017-10-31 19:37 - 002643640 _____ () C:\Users\Edu\AppData\Local\Temp\seLf1hJ3lVrC.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 040706048 _____ () C:\Users\Edu\AppData\Local\Temp\ssLV3wYqB8iO.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\SUdYltsp2LVC.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\TMpFm5LTLsdC.exe
      2017-10-31 19:56 - 2017-10-31 19:56 - 000046924 _____ () C:\Users\Edu\AppData\Local\Temp\tu17p84.exe
      2017-10-31 19:40 - 2017-10-31 19:40 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\uJh6JGJOy4PE.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\uOWOaVvF7sD6.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\vIwbliJhViCP.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 001655800 _____ () C:\Users\Edu\AppData\Local\Temp\WgZliSBEOZyw.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\WqWsY8zGNLp8.exe
      2017-10-31 19:39 - 2017-10-31 19:39 - 000000000 _____ () C:\Users\Edu\AppData\Local\Temp\YCze1Zk6Z32V.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 035627008 _____ () C:\Users\Edu\AppData\Local\Temp\YR4JUhJAhaHE.exe
      2017-10-31 19:39 - 2017-10-31 19:40 - 001264104 _____ () C:\Users\Edu\AppData\Local\Temp\zQSaMYCfh16X.exe
      Task: {3B747146-AD6D-4AF5-B401-D40F1BFBAAA9} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
      Task: {D1812E97-723C-49AD-AA2F-1342E03FD808} - System32\Tasks\SFP Distory Clocks Editor => C:\Windows\system32\rundll32.exe "C:\Program Files\SFP Distory Clocks Editor\SFP Distory Clocks Editor.dll",cAZLrpNSnYKz <==== ATTENTION
      Task: {DF4AD209-1CDD-4E25-9340-ABFA8DFB98CA} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION

      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => key removed successfully
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{101bb017-358d-11e7-b66c-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{101bb017-358d-11e7-b66c-d43d7e925eca} => key not found.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{267d6a93-0d99-11e7-ad86-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{267d6a93-0d99-11e7-ad86-d43d7e925eca} => key not found.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{267d6a9f-0d99-11e7-ad86-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{267d6a9f-0d99-11e7-ad86-d43d7e925eca} => key not found.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7df9c740-753f-11e7-8ed0-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{7df9c740-753f-11e7-8ed0-d43d7e925eca} => key not found.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82ae296c-323b-11e7-84f4-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{82ae296c-323b-11e7-84f4-d43d7e925eca} => key not found.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9105f33c-4439-11e7-80d1-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{9105f33c-4439-11e7-80d1-d43d7e925eca} => key not found.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9105f341-4439-11e7-80d1-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{9105f341-4439-11e7-80d1-d43d7e925eca} => key not found.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ec5797f6-6bdf-11e4-af36-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{ec5797f6-6bdf-11e4-af36-d43d7e925eca} => key not found.
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f935197b-3b9d-11e7-9a7d-d43d7e925eca} => key removed successfully
      HKLM\Software\Classes\CLSID\{f935197b-3b9d-11e7-9a7d-d43d7e925eca} => key not found.
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
      C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => moved successfully
      HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
      HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
      Chrome HomePage => removed successfully
      CHR Extension: (Documentos de Google sin conexi�n) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] => Error: No automatic fix found for this entry.
      CHR Extension: (Download with JDownloader) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2017-11-01] => Error: No automatic fix found for this entry.
      CHR Extension: (Chrome Media Router) - C:\Users\Edu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-01] => Error: No automatic fix found for this entry.
      HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh => key removed successfully
      aet3ydsd => service not found.
      HKLM\System\CurrentControlSet\Services\MSICDSetup => key removed successfully
      MSICDSetup => service removed successfully
      HKLM\System\CurrentControlSet\Services\NTIOLib_1_0_C => key removed successfully
      NTIOLib_1_0_C => service removed successfully
      HKLM\System\CurrentControlSet\Services\Synth3dVsc => key removed successfully
      Synth3dVsc => service removed successfully
      HKLM\System\CurrentControlSet\Services\tsusbhub => key removed successfully
      tsusbhub => service removed successfully
      HKLM\System\CurrentControlSet\Services\VGPU => key removed successfully
      VGPU => service removed successfully
      C:\Windows\System32\Tasks\{E9326759-40A8-1B33-19B6-F46B837AD563} => moved successfully
      C:\Users\Edu\AppData\Local\Temp\03xsS7E0tz0Q.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\2QcQCw9CK08F.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\2QCycQwGnWLO.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\4fJ6xB51fHQk.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\6nf25mmiPR0C.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\6qtQmBNTOU6I.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\7JEHZflbjUzT.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\7lBUpwO3aL5q.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\7LTWk37jCBg8.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\7MeKoH7pjUDm.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\8iKWdBia5axj.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\A1pjVtbRhVXz.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\ahY4baMctlvF.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\ALmHVvG9iema.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\apMO3Zgh9ftr.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\BXNVGG6IJ6D9.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\C1M8NWsmEtAj.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\cKt8b51GW6j9.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\E4EHM9Me599f.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\FAiS3U9yhFGq.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\ffQZY7x03fqS.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\fWCgrJn1Yj5A.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\FyBFeWB7EnCi.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\gWEIm2gtvee6.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\h20nWT1YR2GD.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\HWOq0u8Yqtze.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\I5gGZ8ROYqD6.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\I8boa4YpTvWj.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\Iv9VXbyZRZpS.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\LuxK335UfhlL.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\M3H748ntQFyJ.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\N27JUfgdJYYx.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\onUK0gxwOUIs.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\oXlgLcO7BiMK.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\oXwQuMGbDeqf.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\proxy_vole8912392664985638211.dll => moved successfully
      C:\Users\Edu\AppData\Local\Temp\PYCUAYuj279E.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\qXcgwYdvizpn.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\RAnYlP2QYcEp.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\RrWMpL6N5EHv.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\Sdolm66DemA6.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\seLf1hJ3lVrC.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\ssLV3wYqB8iO.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\SUdYltsp2LVC.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\TMpFm5LTLsdC.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\tu17p84.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\uJh6JGJOy4PE.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\uOWOaVvF7sD6.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\vIwbliJhViCP.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\WgZliSBEOZyw.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\WqWsY8zGNLp8.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\YCze1Zk6Z32V.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\YR4JUhJAhaHE.exe => moved successfully
      C:\Users\Edu\AppData\Local\Temp\zQSaMYCfh16X.exe => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B747146-AD6D-4AF5-B401-D40F1BFBAAA9} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B747146-AD6D-4AF5-B401-D40F1BFBAAA9} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D1812E97-723C-49AD-AA2F-1342E03FD808} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1812E97-723C-49AD-AA2F-1342E03FD808} => key removed successfully
      C:\Windows\System32\Tasks\SFP Distory Clocks Editor => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SFP Distory Clocks Editor => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF4AD209-1CDD-4E25-9340-ABFA8DFB98CA} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF4AD209-1CDD-4E25-9340-ABFA8DFB98CA} => key removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => key removed successfully

      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows

      No se puede realizar ninguna operaci¢n en Conexi¢n de red inal*mbrica 2 mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Conexi¢n de *rea local mientras los medios
      est‚n desconectados.

      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica 2:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      Adaptador de LAN inal*mbrica Conexi¢n de red inal*mbrica:

      Sufijo DNS espec¡fico para la conexi¢n. . : home
      Direcci¢n IPv6 . . . . . . . . . . : fdf0:4347:1b89:4100:419e:28dc:f43d:91ac
      Direcci¢n IPv6 temporal. . . . . . : fdf0:4347:1b89:4100:a13e:eec:2155:91ae
      V¡nculo: direcci¢n IPv6 local. . . : fe80::419e:28dc:f43d:91ac%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.134
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : fe80::1%11
      192.168.1.1

      Adaptador de Ethernet Conexi¢n de *rea local:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      Adaptador de t£nel isatap.home:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7601 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c
      No se puede iniciar el servicio o grupo de dependencia.



      ========= End of CMD: =========


      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-117417332-1347312225-1001307004-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========

      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 8388608 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18118783 B
      Java, Flash, Steam htmlcache => 506 B
      Windows/system/drivers => 7382884 B
      Edge => 0 B
      Chrome => 151658075 B
      Firefox => 2926805 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Users => 0 B
      Default => 0 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 42339258 B
      systemprofile32 => 71928 B
      LocalService => 0 B
      NetworkService => 68050 B
      Edu => 292514736 B
      UpdatusUser => 0 B

      RecycleBin => 9866 B
      EmptyTemp: => 499.2 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 07:46:12 ====

    9. #19
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      23.998

      Re: Virus en google chorme

      Hola

      Resetea todos los navegadores:



      Comenta como sigue.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #20
      Usuario Avatar de Nestares
      Registrado
      ene 2017
      Ubicación
      España
      Mensajes
      24

      Re: Virus en google chorme

      Buenas, he reseteado los 3 y sigue igual, cuando arranco el google chrome me sale la pagina rusa...