• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 11

    PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

    Bueno, después de haberme infectado por un adware/virus pude solucionar la infección al darme cuenta rapidamente utilizando el Malwarebytes (qué marco 222 amenazas) y el adwcleaner, pero hay un problema que persiste. Al volver a ...

    1. #1
      Usuario Avatar de PhoneDestroyer
      Registrado
      nov 2017
      Ubicación
      Argentina
      Mensajes
      7

      PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Bueno, después de haberme infectado por un adware/virus pude solucionar la infección al darme cuenta rapidamente utilizando el Malwarebytes (qué marco 222 amenazas) y el adwcleaner, pero hay un problema que persiste. Al volver a analizar con el Malwarebytes todo esta bien, pero el adwclener me marca que un PUP quedo en Heuristic, paso seguido lo limpio, la computadora se vuelve a reiniciar y dice que todo fue removido. Vuelvo a analizar con el adwcleaner y ningun resultado, nada extraño. A los cinco minutos lo vuelvo a analizar con el adwcleaner, y sorpresa, el PUP vuelve a aparecer (probablemente fue antes abrí chrome). Necesito que me digan como deshacerme de este Adware, y de como definitivamente eliminar este gran adware que me infecto en un principio.
      Saludos.
      Y aquí dejo el registro del ultimo analísis:

      # AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 23 23:24:26 2017
      # Updated on 2017/27/10 by Malwarebytes
      # Running on Windows 7 Ultimate (X86)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\Program Files\73263a84e426ecba5eb15e541b024b53


      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      No malicious registry entries deleted.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [1484 B] - [2017/6/7 0:32:14]
      C:/AdwCleaner/AdwCleaner[C2].txt - [1906 B] - [2017/6/28 2028]
      C:/AdwCleaner/AdwCleaner[S0].txt - [1453 B] - [2017/5/1 15:47:42]
      C:/AdwCleaner/AdwCleaner[S10].txt - [1803 B] - [2017/11/23 23:15:11]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1928 B] - [2017/6/7 0:26:35]
      C:/AdwCleaner/AdwCleaner[S2].txt - [1983 B] - [2017/6/28 2033]
      C:/AdwCleaner/AdwCleaner[S3].txt - [1327 B] - [2017/8/26 21:21:30]
      C:/AdwCleaner/AdwCleaner[S4].txt - [1395 B] - [2017/8/26 23:14:53]
      C:/AdwCleaner/AdwCleaner[S5].txt - [1950 B] - [2017/9/1 1:22:28]
      C:/AdwCleaner/AdwCleaner[S6].txt - [2018 B] - [2017/9/2 22:53:40]
      C:/AdwCleaner/AdwCleaner[S7].txt - [1596 B] - [2017/10/3 19:54:47]
      C:/AdwCleaner/AdwCleaner[S8].txt - [1732 B] - [2017/11/23 22:29:44]
      C:/AdwCleaner/AdwCleaner[S9].txt - [1733 B] - [2017/11/23 22:35:45]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########

    2. #2
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.352

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Hola PhoneDestroyer


      Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

      1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

      • Realiza un Análisis Completo, actualizando si te lo pide.
      • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
      • En el apartado del manual "Historial" >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.



      2) Descargar Junkware Removal Tool

      • Desactiva temporalmente el Antivirus
      • Ejecuta JRT.exe, (en Windows 7 u 8 ejecutar como "Administrador")
      • Presiona cualquier tecla para continuar y espera pacientemente a que termine su proceso.
      • Al finalizar, un registro (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
      • Copia y pega el contenido de JRT.txt en tu próximo mensaje de respuesta



      3) Descarga >> AdwCleaner | InfoSpyware en el escritorio.

      • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
      • Cierra también todos los programas que tengas abiertos.
      • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botónLimpiar.
      • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistemaAceptas.
      • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
      • El informe también se puede encontrar en "C:\AdwCleaner\AdwCleaner[C1].txt"



      4) Descarga CCleaner

      • Instala Ccleaner
      • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador
      • clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad
      • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.


      Pega los reportes de Malwarebytes, AdwCleaner y JRT y comentas como va el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de PhoneDestroyer
      Registrado
      nov 2017
      Ubicación
      Argentina
      Mensajes
      7

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Seguí correctamente todos los pasos. Debo decir que cada vez que tenía que descargar algo, el mensaje (el tipico que sale con chrome en la barra de descargas) de "este archivo puede dañar tu ordenador: rechazar o aceptar" o como sea, me aparecía siempre, cosa que antes no me sucedía. También puedo decir que me aparecen algunas extensiones como "weather no se que" o "search manager". Ninguna extensión fue añadida desde que entre y recién volví a utilizar el ordenador luego de realizar estos procedimientos. Si el problema persiste hare saberlo.

      Informes:
      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 23/11/17
      Hora del análisis: 21:48
      Archivo de registro: 2b064d48-d0b1-11e7-8a0a-50465d06f976.json
      Administrador: Sí

      -Información del software-
      Versión: 3.3.1.2183
      Versión de los componentes: 1.0.236
      Versión del paquete de actualización: 1.0.3335
      Licencia: Gratis

      -Información del sistema-
      SO: Windows 7
      CPU: x86
      Sistema de archivos: NTFS
      Usuario: Laura-PC\Laura

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 303329
      Amenazas detectadas: 0
      (No hay elementos maliciosos detectados)
      Amenazas en cuarentena: 0
      (No hay elementos maliciosos detectados)
      Tiempo transcurrido: 6 min, 22 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 7 Ultimate x86
      Ran by Laura (Administrator) on 23/11/2017 at 22:00:39,43
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 25

      Failed to delete: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XTCGEDWE (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\Tasks\update-S-1-5-21-639967415-54274893-1491004558-1000 (Task)
      Successfully deleted: C:\Windows\System32\Tasks\update-sys (Task)
      Successfully deleted: C:\Windows\Tasks\update-S-1-5-21-639967415-54274893-1491004558-1000.job (Task)
      Successfully deleted: C:\Windows\Tasks\update-sys.job (Task)
      Successfully deleted: C:\Windows\wininit.ini (File)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DKIW8KR (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\37SBEX0I (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57GJHRXB (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6SXCE7PX (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ORUPTAP (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9RDW9ZF9 (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BWHIEBKZ (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E46EYMVM (Temporary Internet Files Folder)
      Successfully deleted: C:\Users\Laura\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISC59RAD (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DKIW8KR (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\37SBEX0I (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57GJHRXB (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6SXCE7PX (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ORUPTAP (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9RDW9ZF9 (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BWHIEBKZ (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E46EYMVM (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISC59RAD (Temporary Internet Files Folder)
      Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XTCGEDWE (Temporary Internet Files Folder)



      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 23/11/2017 at 22:02:54,73
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      # AdwCleaner 7.0.4.0 - Logfile created on Fri Nov 24 01:06:09 2017
      # Updated on 2017/27/10 by Malwarebytes
      # Running on Windows 7 Ultimate (X86)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\Program Files\73263a84e426ecba5eb15e541b024b53


      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      No malicious registry entries deleted.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [1484 B] - [2017/6/7 0:32:14]
      C:/AdwCleaner/AdwCleaner[C2].txt - [2046 B] - [2017/6/28 2028]
      C:/AdwCleaner/AdwCleaner[S0].txt - [1453 B] - [2017/5/1 15:47:42]
      C:/AdwCleaner/AdwCleaner[S10].txt - [1803 B] - [2017/11/23 23:15:11]
      C:/AdwCleaner/AdwCleaner[S11].txt - [1873 B] - [2017/11/23 23:46:27]
      C:/AdwCleaner/AdwCleaner[S12].txt - [1943 B] - [2017/11/24 155]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1928 B] - [2017/6/7 0:26:35]
      C:/AdwCleaner/AdwCleaner[S2].txt - [1983 B] - [2017/6/28 2033]
      C:/AdwCleaner/AdwCleaner[S3].txt - [1327 B] - [2017/8/26 21:21:30]
      C:/AdwCleaner/AdwCleaner[S4].txt - [1395 B] - [2017/8/26 23:14:53]
      C:/AdwCleaner/AdwCleaner[S5].txt - [1950 B] - [2017/9/1 1:22:28]
      C:/AdwCleaner/AdwCleaner[S6].txt - [2018 B] - [2017/9/2 22:53:40]
      C:/AdwCleaner/AdwCleaner[S7].txt - [1596 B] - [2017/10/3 19:54:47]
      C:/AdwCleaner/AdwCleaner[S8].txt - [1732 B] - [2017/11/23 22:29:44]
      C:/AdwCleaner/AdwCleaner[S9].txt - [1733 B] - [2017/11/23 22:35:45]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########

    4. #4
      Usuario Avatar de PhoneDestroyer
      Registrado
      nov 2017
      Ubicación
      Argentina
      Mensajes
      7

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Hola de nuevo. Te agradecería muchísimo si me puedes contestar hoy mi respuesta anterior.
      Saludos.

    5. #5
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.352

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Hola

      Descarga Farbar Recovery Scan Tool segun la arquitectura de tu sistema (32 o 64 bits)

      • La guardas en el escritorio >> Esto es muy importante..
      • Doble clic para ejecutar Frst.exe. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • En la ventana del Disclaimer, presiona Yes.

      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.


      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #6
      Usuario Avatar de PhoneDestroyer
      Registrado
      nov 2017
      Ubicación
      Argentina
      Mensajes
      7

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Hola. Respecto al PUP te tengo que decir algo, y es que creo que finalmente lo elimine. Lo logre haciéndolo manualmente (lo destruí con AVG) y eliminando algunos archivos del registro de google (toolbar y todo eso). Luego de eso, analice con adwcleaner y todo limpio.
      Scan FRST
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-11-2017 01
      Ran by Laura (administrator) on LAURA-PC (24-11-2017 23:43:41)
      Running from C:\Users\Laura\Downloads
      Loaded Profiles: Laura (Available Profiles: Laura & Invitado)
      Platform: Microsoft Windows 7 Ultimate (X86) Language: Español (España, internacional)
      Internet Explorer Version 8 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
      (Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
      (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
      (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
      (Malwarebytes) C:\Archivos de programa\Anti-Malware\MBAMService.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
      (Malwarebytes) C:\Archivos de programa\Anti-Malware\mbamtray.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
      (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (Skillbrains) C:\Program Files\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
      (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
      (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
      (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
      (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
      (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATIPCE.EXE
      (Disc Soft Ltd) C:\Archivos de programa\DAEMON Tools Lite\DTAgent.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
      (Disc Soft Ltd) C:\Archivos de programa\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
      (Farbar) C:\Users\Laura\Downloads\FRST (1).exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-10] (Advanced Micro Devices, Inc.)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [5708432 2012-06-12] (Realtek Semiconductor)
      HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
      HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-10-31] (AVG Technologies CZ, s.r.o.)
      HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
      HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [302744 2017-11-18] (AVG Technologies CZ, s.r.o.)
      HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-21-639967415-54274893-1491004558-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
      HKU\S-1-5-21-639967415-54274893-1491004558-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIPCE.EXE [380400 2015-03-26] (SEIKO EPSON CORPORATION)
      HKU\S-1-5-21-639967415-54274893-1491004558-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Archivos de programa\DAEMON Tools Lite\DTAgent.exe [3880640 2017-08-14] (Disc Soft Ltd)
      HKU\S-1-5-21-639967415-54274893-1491004558-1000\...\Run: [Steam] => C:\Archivos de programa\Valve\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
      HKU\S-1-5-21-639967415-54274893-1491004558-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7814600 2017-11-08] (Piriform Ltd)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acelerador de inicio de AutoCAD.lnk [2017-06-30]
      ShortcutTarget: Acelerador de inicio de AutoCAD.lnk -> C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
      BootExecute: autocheck autochk * sdnclean.exe
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
      Tcpip\Parameters: [DhcpNameServer] 186.130.128.76 200.63.155.203
      Tcpip\..\Interfaces\{6E4BDABC-8491-43DE-A3C7-25E0C8FCEA58}: [DhcpNameServer] 186.130.128.76 200.63.155.203

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      HKU\S-1-5-21-639967415-54274893-1491004558-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ar/?ocid=iehp
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-27] (Oracle Corporation)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
      BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-27] (Oracle Corporation)

      FireFox:
      ========
      FF ProfilePath: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\4ztx6fce.default-1500499523340 [2017-11-24]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
      FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
      FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-27] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-27] (Oracle Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
      FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
      FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
      FF Plugin HKU\S-1-5-21-639967415-54274893-1491004558-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Laura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-19] (Unity Technologies ApS)

      Chrome:
      =======
      CHR DefaultProfile: Default
      CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
      CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
      CHR Profile: C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default [2017-11-24]
      CHR Extension: (Adblock Plus) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-23]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-23]
      CHR Extension: (Chrome Media Router) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-23]
      CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [282536 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5954792 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-10-31] (AVG Technologies CZ, s.r.o.)
      R3 Disc Soft Lite Bus Service; C:\Archivos de programa\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2354368 2017-08-14] (Disc Soft Ltd)
      S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [182304 2014-12-16] (EasyAntiCheat Ltd)
      R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [593392 2015-06-25] (SEIKO EPSON CORPORATION)
      R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
      R2 MBAMService; C:\Archivos de programa\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5315584 2010-05-21] (ATI Technologies Inc.)
      R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [149592 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R1 avgbdisk; C:\Windows\System32\drivers\avgbdiskx.sys [135872 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriverx.sys [249232 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R0 avgbidsh; C:\Windows\System32\drivers\avgbidshx.sys [151024 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R0 avgblog; C:\Windows\System32\drivers\avgblogx.sys [270344 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R0 avgbuniv; C:\Windows\System32\drivers\avgbunivx.sys [43992 2017-11-18] (AVG Technologies CZ, s.r.o.)
      S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [35264 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [117368 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [91976 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [63280 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [775552 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [381184 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [143264 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [290776 2017-11-18] (AVG Technologies CZ, s.r.o.)
      R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2016-05-20] (Disc Soft Ltd)
      R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-05-20] (Disc Soft Ltd)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2017-11-24] (Malwarebytes)
      R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-18] ()
      R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [104064 2016-07-29] (BigNox Corporation)
      R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [203392 2016-07-29] (BigNox Corporation)
      S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-24 23:43 - 2017-11-24 23:44 - 000013702 _____ C:\Users\Laura\Downloads\FRST.txt
      2017-11-24 23:42 - 2017-11-24 23:43 - 000000000 ____D C:\FRST
      2017-11-24 23:42 - 2017-11-24 23:42 - 001789440 _____ (Farbar) C:\Users\Laura\Downloads\FRST (1).exe
      2017-11-23 22:18 - 2017-11-23 22:18 - 000000278 _____ C:\Users\Laura\Documents\cc_20171123_221845.reg
      2017-11-23 22:17 - 2017-11-23 22:17 - 000158734 _____ C:\Users\Laura\Documents\cc_20171123_221739.reg
      2017-11-23 22:16 - 2017-11-23 22:16 - 000000961 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-11-23 22:16 - 2017-11-23 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2017-11-23 22:16 - 2017-11-23 22:16 - 000000000 ____D C:\Program Files\CCleaner
      2017-11-23 22:14 - 2017-11-23 22:14 - 010849904 _____ (Piriform Ltd) C:\Users\Laura\Downloads\ccsetup537.exe
      2017-11-23 22:08 - 2017-11-23 22:08 - 000002114 _____ C:\Users\Laura\Desktop\AdwCleaner[C2].txt
      2017-11-23 22:02 - 2017-11-23 22:02 - 000004221 _____ C:\Users\Laura\Desktop\JRT.txt
      2017-11-23 21:58 - 2017-11-23 21:58 - 001790024 _____ (Malwarebytes) C:\Users\Laura\Downloads\JRT.exe
      2017-11-23 21:55 - 2017-11-23 21:55 - 000001542 _____ C:\Users\Laura\Desktop\malware.txt
      2017-11-23 20:23 - 2017-11-23 20:23 - 001789440 _____ (Farbar) C:\Users\Laura\Downloads\FRST.exe
      2017-11-23 20:20 - 2017-11-23 20:20 - 000001803 _____ C:\Users\Laura\Desktop\AdwCleaner[S10].txt
      2017-11-23 20:13 - 2017-11-23 20:13 - 008261584 _____ (Malwarebytes) C:\Users\Laura\Desktop\adwcleaner_7.0.4.0.exe
      2017-11-23 20:12 - 2017-11-23 20:13 - 008261584 _____ (Malwarebytes) C:\Users\Invitado\Desktop\adwcleaner_7.0.4.0.exe
      2017-11-22 23:38 - 2017-11-23 20:41 - 000000000 ____D C:\Users\Laura\AppData\Local\CrashDumps
      2017-11-22 23:38 - 2017-11-22 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV Cradle of Civilization
      2017-11-22 19:06 - 2017-11-22 19:06 - 000000043 _____ C:\Users\Laura\Downloads\hbpix (3)
      2017-11-22 16:39 - 2017-11-22 16:39 - 000058233 _____ C:\Users\Laura\Downloads\pagos.pdf
      2017-11-20 23:58 - 2017-11-20 23:58 - 000072928 _____ C:\Users\Invitado\Downloads\PIEZAFINAL POR CANO.bak
      2017-11-20 23:32 - 2017-11-20 23:58 - 000072928 _____ C:\Users\Invitado\Downloads\PIEZAFINAL POR CANO.dwg
      2017-11-20 13:12 - 2017-11-20 13:12 - 000022173 _____ C:\Users\Invitado\Downloads\Europa-Universalis-IV-Mare-Nostrum-[MULTI][SKIDROW]-(Torrent).torrent
      2017-11-19 22:14 - 2017-11-24 23:35 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2017-11-18 17:54 - 2017-11-18 17:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2017-11-18 15:46 - 2017-11-18 15:46 - 001588401 _____ C:\Users\Invitado\Downloads\UTN-FRBAPowerPointAvanz.zip
      2017-11-18 15:44 - 2017-11-18 15:45 - 011307456 _____ C:\Users\Invitado\Downloads\UTN-FRBA_Tutoriales_MS_Power_Point_2007_Parte_2.zip
      2017-11-18 15:44 - 2017-11-18 15:45 - 009062822 _____ C:\Users\Invitado\Downloads\UTN-FRBA_Tutoriales_MS_Power_Point_2007_Parte_1.zip
      2017-11-18 15:44 - 2017-11-18 15:44 - 000574154 _____ C:\Users\Invitado\Downloads\Teatro por Uriel Cano.pptx
      2017-11-18 15:43 - 2017-11-18 15:43 - 000574455 _____ C:\Users\Invitado\Downloads\Teatro por Facundo Giffoni.pptx
      2017-11-18 13:42 - 2017-11-18 13:42 - 000001914 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
      2017-11-18 13:41 - 2017-11-18 13:41 - 000306448 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
      2017-11-18 13:41 - 2017-11-18 13:41 - 000149592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
      2017-11-17 18:55 - 2017-11-17 18:55 - 004550451 _____ C:\Users\Invitado\Downloads\doom2.7z
      2017-11-17 18:54 - 2017-11-17 18:54 - 005770107 _____ C:\Users\Invitado\Downloads\tnt.7z
      2017-11-17 18:54 - 2017-11-17 18:54 - 005338603 _____ C:\Users\Invitado\Downloads\plutonia.7z
      2017-11-17 18:54 - 2017-11-17 18:54 - 003427446 _____ C:\Users\Invitado\Downloads\doomu.7z
      2017-11-17 18:54 - 2017-11-17 18:54 - 000000000 ____D C:\Users\Invitado\AppData\Roaming\DAEMON Tools Lite
      2017-11-17 18:45 - 2017-11-17 18:47 - 080229867 _____ C:\Users\Invitado\Downloads\bd21testnov5.zip
      2017-11-13 20:55 - 2017-11-13 20:55 - 005311909 _____ (ClasicosBasicos.com) C:\Users\Invitado\Downloads\ultimate-doom.exe
      2017-11-13 20:55 - 2017-11-13 20:55 - 000000000 ____D C:\Users\Invitado\Documents\ClasicosBasicos
      2017-11-13 20:55 - 2017-11-13 20:55 - 000000000 ____D C:\Users\Invitado\AppData\Local\DOSBox
      2017-11-13 19:00 - 2017-11-13 19:03 - 141452541 _____ C:\Users\Invitado\Downloads\Microsoft Word 2007 WinDroid Tech.rar
      2017-11-12 12:53 - 2017-11-12 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2017-11-12 12:53 - 2017-11-12 12:53 - 000000000 ____D C:\ProgramData\MB3CoreBackup
      2017-11-09 21:47 - 2017-11-09 21:55 - 000053120 _____ C:\Users\Invitado\Downloads\tp9 URIEL CANO.dwg
      2017-11-09 21:47 - 2017-11-09 21:47 - 000049502 _____ C:\Users\Invitado\Downloads\tp9 URIEL CANO.bak
      2017-11-01 22:19 - 2017-11-01 22:19 - 000000043 _____ C:\Users\Laura\Downloads\hbpix (2)
      2017-10-29 18:50 - 2017-10-29 18:50 - 000047140 _____ C:\Users\Invitado\Downloads\lamina8porCano.dwg
      2017-10-28 17:39 - 2017-10-28 17:39 - 000026482 _____ C:\Users\Laura\Downloads\Municipio de Lomas de Zamora.html
      2017-10-28 17:39 - 2017-10-28 17:39 - 000000000 ____D C:\Users\Laura\Downloads\Municipio de Lomas de Zamora_files
      2017-10-26 21:54 - 2017-10-26 21:54 - 000000000 ____D C:\Users\Laura\AppData\Roaming\iterate_GmbH
      2017-10-26 21:54 - 2017-10-26 21:54 - 000000000 ____D C:\Users\Laura\AppData\Roaming\Cyberduck
      2017-10-26 21:53 - 2017-10-26 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberduck
      2017-10-26 21:53 - 2017-10-26 21:53 - 000000000 ____D C:\ProgramData\Apple
      2017-10-26 21:53 - 2017-10-26 21:53 - 000000000 ____D C:\Program Files\Cyberduck
      2017-10-26 21:53 - 2017-10-26 21:53 - 000000000 ____D C:\Program Files\Bonjour
      2017-10-26 21:51 - 2017-10-26 21:51 - 046371624 _____ (iterate GmbH) C:\Users\Laura\Downloads\Cyberduck-Installer-6.2.9.26659.exe
      2017-10-26 21:34 - 2017-10-26 21:34 - 002241216 _____ (FileZilla Project) C:\Users\Laura\Downloads\FileZilla_Server-0_9_60_2 (1).exe
      2017-10-25 20:31 - 2017-10-26 21:49 - 000000000 ____D C:\Users\Laura\AppData\Roaming\FileZilla
      2017-10-25 20:31 - 2017-10-26 21:37 - 000000000 ____D C:\Users\Laura\AppData\Local\FileZilla
      2017-10-25 20:28 - 2017-10-25 20:28 - 002241216 _____ (FileZilla Project) C:\Users\Laura\Downloads\FileZilla_Server-0_9_60_2.exe
      2017-10-25 20:20 - 2017-10-25 20:25 - 116274328 _____ C:\Users\Laura\Downloads\DW PORTABLE ISNEYLER AW.exe
      2017-10-25 20:20 - 2017-10-25 20:20 - 000000043 _____ C:\Users\Laura\Downloads\hbpix (1)

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-11-24 23:41 - 2009-07-14 01:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-11-24 23:41 - 2009-07-14 01:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-11-24 23:34 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-11-24 23:02 - 2016-05-09 20:02 - 000000917 _____ C:\Windows\Tasks\EPSON XP-230 Series Update {C7ACCD46-7CA6-4F25-B94B-3968850EA70B}.job
      2017-11-24 21:23 - 2017-05-01 12:42 - 000000000 ____D C:\AdwCleaner
      2017-11-23 23:08 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
      2017-11-23 20:42 - 2017-08-26 16:32 - 000000000 ____D C:\Users\Laura\AppData\Roaming\uTorrent
      2017-11-23 20:42 - 2016-05-20 19:57 - 000000000 ____D C:\Users\Laura\AppData\Roaming\DAEMON Tools Lite
      2017-11-23 19:31 - 2017-03-23 20:38 - 000000282 __RSH C:\ProgramData\ntuser.pol
      2017-11-23 19:15 - 2009-07-13 23:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
      2017-11-22 23:39 - 2017-08-27 00:25 - 000000000 ____D C:\Users\Laura\Documents\Paradox Interactive
      2017-11-22 23:39 - 2017-04-27 22:20 - 000000000 ____D C:\Users\Laura\Desktop\DR
      2017-11-22 23:37 - 2017-02-11 02:08 - 000000000 ____D C:\Users\Laura\Documents\GTA San Andreas User Files
      2017-11-22 23:31 - 2013-01-05 07:11 - 000000000 ___RD C:\Archivos de programa
      2017-11-21 17:58 - 2009-07-14 01:53 - 000032520 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2017-11-20 23:50 - 2017-06-30 16:01 - 000000000 ____D C:\Users\Invitado\Desktop\autocad
      2017-11-18 21:01 - 2017-01-13 20:38 - 000000000 ____D C:\Users\Invitado\Desktop\Plague INC
      2017-11-18 18:43 - 2016-02-19 09:18 - 000000000 ___SD C:\Users\Laura\AppData\LocalLow\Temp
      2017-11-18 13:42 - 2017-05-26 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
      2017-11-18 13:42 - 2017-05-26 19:37 - 000381184 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
      2017-11-18 13:41 - 2017-05-26 19:37 - 000775552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
      2017-11-18 13:41 - 2017-05-26 19:37 - 000290776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
      2017-11-18 13:41 - 2017-05-26 19:37 - 000143264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
      2017-11-18 13:41 - 2017-05-26 19:37 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
      2017-11-18 13:41 - 2017-05-26 19:37 - 000091976 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
      2017-11-18 13:41 - 2017-05-26 19:37 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
      2017-11-18 13:41 - 2017-05-26 19:37 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
      2017-11-18 13:40 - 2017-05-26 19:37 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblogx.sys
      2017-11-18 13:40 - 2017-05-26 19:37 - 000249232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriverx.sys
      2017-11-18 13:40 - 2017-05-26 19:37 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidshx.sys
      2017-11-18 13:40 - 2017-05-26 19:37 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiskx.sys
      2017-11-18 13:40 - 2017-05-26 19:37 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbunivx.sys
      2017-11-14 19:27 - 2014-12-12 18:13 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
      2017-11-14 19:27 - 2014-12-12 18:13 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
      2017-11-14 19:27 - 2014-12-12 18:13 - 000000000 ____D C:\Windows\system32\Macromed
      2017-11-13 18:36 - 2016-06-19 10:56 - 000000000 ____D C:\Users\Invitado\Documents\Pendrive
      2017-11-12 12:53 - 2017-10-08 21:18 - 000001705 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2017-11-07 16:16 - 2017-09-04 22:31 - 000000978 _____ C:\Users\Public\Desktop\AVG.lnk
      2017-11-04 23:12 - 2014-12-11 22:27 - 000000000 ____D C:\Program Files\Common Files\Steam
      2017-11-01 08:54 - 2017-10-08 21:18 - 000059896 _____ C:\Windows\system32\Drivers\mbae.sys
      2017-10-27 19:51 - 2015-02-13 14:44 - 000000000 ____D C:\Users\Laura\AppData\Roaming\Skype
      2017-10-26 21:53 - 2017-02-20 22:42 - 000000000 ____D C:\ProgramData\Package Cache

      ==================== Files in the root of some directories =======

      2017-07-02 15:43 - 2017-07-02 15:43 - 038270608 _____ () C:\Users\Laura\AppData\Roaming\gameboxsetup.exe
      2017-03-24 13:39 - 2017-05-21 00:39 - 000000281 _____ () C:\Users\Laura\AppData\Roaming\WB.CFG
      2015-02-11 12:51 - 2015-02-11 12:51 - 000000003 _____ () C:\Users\Laura\AppData\Local\updater.log
      2015-02-11 12:51 - 2017-05-06 20:52 - 000000413 _____ () C:\Users\Laura\AppData\Local\UserProducts.xml

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-11-20 17:52

      ==================== End of FRST.txt ============================

    7. #7
      Usuario Avatar de PhoneDestroyer
      Registrado
      nov 2017
      Ubicación
      Argentina
      Mensajes
      7

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-11-2017 01
      Ran by Laura (24-11-2017 23:44:29)
      Running from C:\Users\Laura\Downloads
      Microsoft Windows 7 Ultimate (X86) (2014-12-09 21:46:02)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-639967415-54274893-1491004558-500 - Administrator - Disabled)
      Invitado (S-1-5-21-639967415-54274893-1491004558-501 - Limited - Enabled) => C:\Users\Invitado
      Laura (S-1-5-21-639967415-54274893-1491004558-1000 - Administrator - Enabled) => C:\Users\Laura

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
      AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-639967415-54274893-1491004558-1000\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
      Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
      Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
      Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.)
      Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.11.12 - Atheros Communications Inc.)
      ATI Catalyst Install Manager (HKLM\...\{2333AFB1-D26D-8C62-A253-89C91DAA993A}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
      Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
      AutoCAD 2007 - Español (HKLM\...\{5783F2D7-5001-040A-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
      Autodesk DWF Viewer (HKLM\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
      AVG (HKLM\...\{18B25CA1-A325-4ED8-A494-C764D914D57E}) (Version: 1.211.3 - AVG Technologies) Hidden
      AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.8.3036 - AVG Technologies)
      Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) Hidden
      ccc-core-static (HKLM\...\{8ADE5280-35CA-CF98-A456-F66B98C77244}) (Version: 2010.0210.2206.39615 - Nombre de su organización) Hidden
      CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
      Company of Heroes - Complete Edition (HKLM\...\Company of Heroes - Complete Edition_is1) (Version: - )
      Cyberduck (HKLM\...\{04d4f060-c671-4fb6-8352-dec09dfb3be6}) (Version: 6.2.9.26659 - iterate GmbH)
      Cyberduck (HKLM\...\{29AA7FF5-77D8-4959-87A9-C3795297660F}) (Version: 6.2.9.26659 - iterate GmbH) Hidden
      D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
      Desinstalar impresora EPSON XP-230 Series (HKLM\...\EPSON XP-230 Series) (Version: - Seiko Epson Corporation)
      DkZ Studio (HKLM\...\{F656DC79-013A-4683-8692-B938FC00B941}) (Version: 1.0.0.0 - abScroll (c) 2005)
      Easy Photo Scan (HKLM\...\{1A6DED1E-A024-455D-AA82-203D6B3B0CBC}) (Version: 1.00.0006 - Seiko Epson Corporation)
      Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.80.0000 - Seiko Epson Corporation)
      Epson Easy Photo Print 2 (HKLM\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation)
      Epson Event Manager (HKLM\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
      EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
      EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
      Europa Universalis IV Cradle of Civilization (HKLM\...\Europa Universalis IV Cradle of Civilization_is1) (Version: - )
      FMW 1 (HKLM\...\{B9B474D5-8B52-4A05-8DA0-CFECB057E523}) (Version: 1.226.3 - AVG Technologies) Hidden
      Galería de fotos (HKLM\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
      Google Chrome (HKLM\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
      Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
      ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
      Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
      Left 4 Dead (HKLM\...\Left 4 Dead. ByKongo22_is1) (Version: - )
      Lightshot-5.4.0.10 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
      Macromedia Flash Player 8 (HKLM\...\ShockwaveFlash) (Version: 8 - Macromedia)
      Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
      Manual Epson XP-231 versión 1.0 (HKLM\...\UsersGuideManual Epson XP-231_is1) (Version: 1.0 - )
      Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
      Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.4763.1000 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
      Minecraft1.6.2 (HKLM\...\Minecraft1.6.2) (Version: - )
      Movie Maker (HKLM\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
      Movie Maker (HKLM\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
      Mozilla Firefox 55.0.3 (x86 es-AR) (HKLM\...\Mozilla Firefox 55.0.3 (x86 es-AR)) (Version: 55.0.3 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
      MTA:SA v1.5.3 (HKLM\...\MTA:SA 1.5) (Version: v1.5.3 - Multi Theft Auto)
      Nox APP Player (HKLM\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
      OpenAL (HKLM\...\OpenAL) (Version: - )
      Paquete de idioma de Microsoft .NET Framework 4.5 ESN (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50709 - Microsoft Corporation)
      PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version: - )
      PES 2013 Next Season Patch 2018 AIO (HKLM\...\PES 2013 Next Season Patch 2018 AIO) (Version: - )
      Pro Evolution Soccer 2010 (HKLM\...\{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}) (Version: 1.00.0000 - KONAMI)
      Pro Evolution Soccer 2013 (HKLM\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI)
      Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
      Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
      Scratch (HKLM\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
      Skype™ 7.18 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
      Software Updater (HKLM\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
      Star Wars Battlefront II Ultimate Pack version 5.4 (HKLM\...\{80C123AF-9375-4166-B05B-820FF5EF8B52}_is1) (Version: 5.4 - XAP4O)
      Star Wars Jedi Knight Jedi Academy (HKLM\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version: - )
      Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      Sumotori Dreams (HKLM\...\Sumotori Dreams) (Version: - )
      swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
      Unity Web Player (HKU\S-1-5-21-639967415-54274893-1491004558-1000\...\UnityWebPlayer) (Version: 5.3.3f1 - Unity Technologies ApS)
      USB Vibration Joystick (BM) (HKLM\...\{61A994FF-DF9B-4937-9DB9-87EC4FF1B31F}) (Version: 1.00.0000 - ShanWan)
      Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
      Windows Driver Package - BigNox Corporation VBoxUSBMon System (07/29/2016 4.3.12) (HKLM\...\43FE9E2B2F999F829408211E27A3FA117454BF76) (Version: 07/29/2016 4.3.12 - BigNox Corporation)
      Windows Driver Package - BigNox Corporation XQHDrv System (07/29/2016 4.3.12) (HKLM\...\712BB5E19C886AF8B39551E5F434A4A45F01A3A9) (Version: 07/29/2016 4.3.12 - BigNox Corporation)
      Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
      World of Tanks (HKU\S-1-5-21-639967415-54274893-1491004558-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{079AA557-4A18-424A-8EEE-E39F0A8D41B9}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Archivos de programa\AutoCAD 2007\acad.exe (Autodesk, Inc.)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{2933BF90-7B36-11d2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{2933BF91-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{2933BF94-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\Windows\system32\msstdfmt.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{3124C396-FB13-4836-A6AD-1317F1713688}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{373984C9-B845-449B-91E7-45AC83036ADE}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{379E501F-B231-11D1-ADC1-00805FC752D8}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\InprocServer32 -> C:\Windows\system32\RICHTX32.OCX (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{3D813DFE-6C91-4A4E-8F41-04346A841D9C}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{3E784A01-F3AE-4DC0-9354-9526B9370EBA}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Laura\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{48123BC4-99D9-11D1-A6B3-00C04FD91555}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{4DD441AD-526D-4A77-9F1B-9841ED802FB0}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{550DDA30-0541-11D2-9CA9-0060B0EC3D39}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{699DDBCC-DC7E-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\Windows\system32\msstdfmt.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{6D835690-900B-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\Windows\system32\msstdfmt.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{78E5A540-1850-11CF-9D53-00AA003C9CB6}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Archivos de programa\AutoCAD 2007\acad.exe (Autodesk, Inc.)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{7E3FCEA1-31B4-11D2-AE1F-0080C7337EA1}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\InprocServer32 -> C:\Windows\system32\msstdfmt.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{AFB40FFD-B609-40A3-9828-F88BBE11E4E3}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{AFBA6B42-5692-48EA-8141-DC517DCF0EF1}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{AFC634B0-4B8B-11CF-8989-00AA00688B10}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{D2423620-51A0-11D2-9CAF-0060B0EC3D39}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Archivos de programa\AutoCAD 2007\acadficn.dll (Autodesk, Inc.)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F19-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F27-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F31-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F33-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F34-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F35-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F36-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F37-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F39-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F3F-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F40-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F5078F41-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F6D90F14-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-639967415-54274893-1491004558-1000_Classes\CLSID\{FC220AD8-A72A-4EE8-926E-0B7AD152A020}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
      ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
      ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
      ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
      ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ShellIconOverlayIdentifiers: [Identificador de icono superpuesto para firmas digitales de AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2006-03-05] (Autodesk)
      ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll [2005-11-15] (Autodesk, Inc.)
      ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-11-18] (AVG Technologies CZ, s.r.o.)
      ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Archivos de programa\WinRAR\rarext.dll [2007-09-21] ()
      ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Archivos de programa\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
      ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
      ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Archivos de programa\WinRAR\rarext.dll [2007-09-21] ()
      ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2010-02-10] (Advanced Micro Devices, Inc.)
      ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-11-18] (AVG Technologies CZ, s.r.o.)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Archivos de programa\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Archivos de programa\WinRAR\rarext.dll [2007-09-21] ()

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {2822EF05-5081-4CE2-8AEE-4BFD1117E366} - System32\Tasks\EPSON XP-230 Series Update {C7ACCD46-7CA6-4F25-B94B-3968850EA70B} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSPCE.EXE [2015-03-26] (SEIKO EPSON CORPORATION)
      Task: {2AEEBA29-BFCA-42E9-BB20-EFF5EA2F99E3} - System32\Tasks\{203F22ED-BAFF-4984-A103-57F9EB6C1748} => C:\Windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
      Task: {2B4A9B52-62D2-4E24-9C12-E5A041B98CBA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
      Task: {414E8854-DEC6-40C5-952A-BE69FD56EE30} - System32\Tasks\{BAFF4CB9-754B-418A-8DF3-9895A80A2735} => C:\Windows\system32\pcalua.exe -a "C:\Users\Laura\Desktop\Star Wars Battlefront II\InstallBFII.exe" -d "C:\Users\Laura\Desktop\Star Wars Battlefront II"
      Task: {474808AA-7C2D-460A-B960-0B25AB96988C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
      Task: {49DD0714-2B77-4321-AC4A-F70F90CCBF0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
      Task: {5CB86FA2-5B9C-446F-BDE3-5AF05832DA2A} - System32\Tasks\{CE1F62E9-4C8E-4693-8AE4-3ACE2BBABA1E} => C:\Windows\system32\pcalua.exe -a C:\Users\Laura\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
      Task: {68051417-0CF7-4570-A85A-6DE392756466} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
      Task: {7388B0CF-5FEA-481F-8E81-26062252F1EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
      Task: {97A5B303-49EE-47DE-91AC-A1C75BB6796F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
      Task: {A80EB062-5F4E-40CD-8AB9-921CD8E15EC1} - System32\Tasks\{F36A4409-E954-402B-87D9-25E91D526BDB} => C:\Windows\system32\pcalua.exe -a "C:\Archivos de programa\VictorVal\FIFA 2013 Repack\Redist\vcredist_x86.exe" -d "C:\Archivos de programa\VictorVal\FIFA 2013 Repack\Redist"
      Task: {B3C90EC6-8B23-4DB8-AFAE-DFEFDE6B9708} - System32\Tasks\{F1A35D0E-506E-4279-AE5A-FC7254F484D1} => C:\Windows\system32\pcalua.exe -a "C:\Users\Laura\Desktop\Star Wars Battlefront\InstallBFII.exe" -d "C:\Users\Laura\Desktop\Star Wars Battlefront"
      Task: {B601FAF4-7132-4E96-9444-B28A70A34B61} - System32\Tasks\{C656A6AE-DDB1-47C3-970A-6C2D38A437A2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Laura\Desktop\.minecraft\minecraft launcher\Uninstall.exe" -d "C:\Users\Laura\Desktop\.minecraft\minecraft launcher"
      Task: {C2D878A2-F719-401F-A42E-EE05BF574E2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
      Task: {C43E29DF-A9A2-415D-96E0-F747BAC89803} - System32\Tasks\{34F3BA4D-E7B0-4CC7-86A7-8C07341531A2} => C:\Program Files\Google\Chrome\Application\chrome.exe
      Task: {E7516D8C-BC04-47B9-BA50-A3F503584817} - System32\Tasks\{62620326-DD67-4EEA-8EAB-08573D280E22} => C:\Program Files\Google\Chrome\Application\chrome.exe
      Task: {EFCB31AC-F67F-45BA-B91A-4173304B7396} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-11-18] (AVG Technologies CZ, s.r.o.)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\EPSON XP-230 Series Update {C7ACCD46-7CA6-4F25-B94B-3968850EA70B}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSPCE.EXE:/EXE:{C7ACCD46-7CA6-4F25-B94B-3968850EA70B} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-11-18 13:41 - 2017-11-18 13:41 - 000060160 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
      2017-11-18 13:41 - 2017-11-18 13:41 - 000168216 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
      2017-11-18 13:41 - 2017-11-18 13:41 - 000238928 _____ () C:\Program Files\AVG\Antivirus\event_routing_rpc.dll
      2017-11-18 13:41 - 2017-11-18 13:41 - 000245704 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
      2017-11-18 13:41 - 2017-11-18 13:41 - 000152224 _____ () C:\Program Files\AVG\Antivirus\network_notifications.dll
      2017-11-24 20:43 - 2017-11-24 20:43 - 005877992 _____ () C:\Program Files\AVG\Antivirus\defs\17112406\algo.dll
      2017-11-18 13:41 - 2017-11-18 13:41 - 000711176 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
      2017-11-18 13:41 - 2017-11-18 13:41 - 000246728 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
      2017-10-08 21:18 - 2017-11-01 08:55 - 001930696 _____ () C:\ARCHIVOS DE PROGRAMA\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-11-18 13:41 - 2017-11-18 13:41 - 000143912 _____ () c:\Program Files\AVG\Antivirus\vaarclient.dll
      2017-10-20 08:13 - 2017-10-20 08:13 - 000073384 _____ () C:\Archivos de programa\FileZilla FTP Client\fzshellext.dll
      2016-11-28 16:44 - 2016-11-28 16:44 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
      2017-06-28 17:19 - 2017-06-28 17:19 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
      2014-12-09 18:51 - 2014-12-09 18:51 - 000270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
      2017-11-13 18:45 - 2017-11-10 06:21 - 003075928 _____ () C:\Program Files\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
      2017-11-13 18:45 - 2017-11-10 06:21 - 000086872 _____ () C:\Program Files\Google\Chrome\Application\62.0.3202.94\libegl.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData:NT [40]
      AlternateDataStreams: C:\ProgramData:NT2 [432]
      AlternateDataStreams: C:\Users\All Users:NT [40]
      AlternateDataStreams: C:\Users\All Users:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
      AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
      AlternateDataStreams: C:\Users\Laura\Datos de programa:NT [40]
      AlternateDataStreams: C:\Users\Laura\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\Users\Laura\AppData\Roaming:NT [40]
      AlternateDataStreams: C:\Users\Laura\AppData\Roaming:NT2 [432]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

      HKU\S-1-5-21-639967415-54274893-1491004558-1000\Software\Classes\.scr: AutoCADScriptFile => "C:\Windows\system32\NOTEPAD.EXE" "%1"

      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-13 23:04 - 2017-04-27 17:28 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-639967415-54274893-1491004558-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 186.130.128.76 - 200.63.155.203
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [TCP Query User{9665450C-0826-4F12-A8D5-42B1B753F738}C:\archivos de programa\google\chrome\application\chrome.exe] => (Block) C:\archivos de programa\google\chrome\application\chrome.exe
      FirewallRules: [UDP Query User{D1A78373-BC39-47A0-8ABB-E25502156743}C:\archivos de programa\google\chrome\application\chrome.exe] => (Block) C:\archivos de programa\google\chrome\application\chrome.exe
      FirewallRules: [{E5E94377-95AC-42FE-88BC-4793F4C28C4E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
      FirewallRules: [{8AE10C2D-D2A0-4788-B1AB-E432D0EB24D4}] => (Allow) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
      FirewallRules: [{34BDDDC8-CBF1-4E87-BEA4-B18845954DA9}] => (Allow) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
      FirewallRules: [TCP Query User{25A09D7A-5768-4BAE-B937-18F665A6FFBD}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
      FirewallRules: [UDP Query User{43A4291B-D351-488C-9132-8897886CC011}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
      FirewallRules: [TCP Query User{0471D5AD-90CD-494C-8A03-08A1D47FCB39}C:\program files\konami\pro evolution soccer 2010\pes2010.exe] => (Block) C:\program files\konami\pro evolution soccer 2010\pes2010.exe
      FirewallRules: [UDP Query User{08ADF1DC-6FEC-413C-91BE-82A9DB7D16BE}C:\program files\konami\pro evolution soccer 2010\pes2010.exe] => (Block) C:\program files\konami\pro evolution soccer 2010\pes2010.exe
      FirewallRules: [{4A2F3EF2-A25F-45C7-BED1-CBC9B820DEB1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{22DBA664-3D95-4D9C-8812-E592C0BFC320}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{B77A6785-131F-4412-B5E0-F78F6B26A953}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
      FirewallRules: [{C79DDD16-D02B-4B10-ADEE-C21103354269}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{A848C168-D610-47B1-B315-3E6D7C0BFD87}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
      FirewallRules: [{638D3138-2934-4A2C-8E2C-9E088B290ADF}] => (Allow) D:\Network\EpsonNetSetup\ENEASYAPP.EXE
      FirewallRules: [{4EDD545A-5708-4BD6-BD8A-7CA205C69C2C}] => (Allow) D:\Network\EpsonNetSetup\ENEASYAPP.EXE
      FirewallRules: [TCP Query User{FB9423F7-BE23-4B6F-9AF8-14C153754C1F}C:\archivos de programa\left 4 dead\hl2.exe] => (Block) C:\archivos de programa\left 4 dead\hl2.exe
      FirewallRules: [UDP Query User{190D9787-33B8-4C1D-8011-F7B8AD5EEFD7}C:\archivos de programa\left 4 dead\hl2.exe] => (Block) C:\archivos de programa\left 4 dead\hl2.exe
      FirewallRules: [{A83BBC8A-D559-410D-B26D-2798D6B2FBF6}] => (Allow) C:\Users\Laura\AppData\Roaming\Nox\bin\Nox.exe
      FirewallRules: [{4EEEB638-42AC-4888-AC42-8641401BE795}] => (Allow) C:\Archivos de programa\World_of_Tanks\WoTLauncher.exe
      FirewallRules: [{B2C54374-8F33-492D-862A-55B5D4CACBEC}] => (Allow) C:\Archivos de programa\World_of_Tanks\WoTLauncher.exe
      FirewallRules: [{A75C481E-C7AE-4496-9B54-3281F6B6266E}] => (Allow) C:\Archivos de programa\World_of_Tanks\worldoftanks.exe
      FirewallRules: [{3A2CB49A-2485-4C66-9D0C-9DA955CF9324}] => (Allow) C:\Archivos de programa\World_of_Tanks\worldoftanks.exe
      FirewallRules: [TCP Query User{8F9C1BE5-00BE-423B-BFAF-81E3BEBBD54A}C:\archivos de programa\google\chrome\application\chrome.exe] => (Block) C:\archivos de programa\google\chrome\application\chrome.exe
      FirewallRules: [UDP Query User{BD201B77-6506-45B5-8939-5FB11459BF48}C:\archivos de programa\google\chrome\application\chrome.exe] => (Block) C:\archivos de programa\google\chrome\application\chrome.exe
      FirewallRules: [{13207FD6-44A5-4EF4-AE33-4FA2A1243666}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
      FirewallRules: [{CE2E43B7-0A62-4066-BF4B-69C1240FE9E4}] => (Allow) LPort=2869
      FirewallRules: [{DE5CCA5E-F075-4CAF-9796-A207CF310C00}] => (Allow) LPort=1900
      FirewallRules: [{2A27EC35-99F5-4147-8068-9849F4BDAB15}] => (Allow) C:\Users\Laura\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{56F32B87-6D59-472A-AF75-7E06BC918FEE}] => (Allow) C:\Users\Laura\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [TCP Query User{50743C57-79C9-4D07-939F-E87789404285}C:\archivos de programa\left 4 dead\hl2.exe] => (Block) C:\archivos de programa\left 4 dead\hl2.exe
      FirewallRules: [UDP Query User{112CEC26-7B9A-424E-A89C-7F1F1CC5E77E}C:\archivos de programa\left 4 dead\hl2.exe] => (Block) C:\archivos de programa\left 4 dead\hl2.exe
      FirewallRules: [TCP Query User{035234B5-791E-492F-B689-E0D7F5B93542}C:\archivos de programa\company of heroes - complete edition\reliccoh.exe] => (Block) C:\archivos de programa\company of heroes - complete edition\reliccoh.exe
      FirewallRules: [UDP Query User{8EC0BB5B-77B6-4D02-BD01-48FE5B92B54E}C:\archivos de programa\company of heroes - complete edition\reliccoh.exe] => (Block) C:\archivos de programa\company of heroes - complete edition\reliccoh.exe
      FirewallRules: [{F4F5D283-C411-42CE-8838-FCBB1784789B}] => (Allow) C:\Archivos de programa\Valve\Steam\Steam.exe
      FirewallRules: [{FC0B99BC-2932-4B72-A7C5-6351605DEC0B}] => (Allow) C:\Archivos de programa\Valve\Steam\Steam.exe
      FirewallRules: [{E71FE464-1E20-4AE7-ABCE-F0DA5ADAD034}] => (Allow) C:\Archivos de programa\Valve\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{92A8CE31-1E18-429C-8FCB-7D22C3E5CCCC}] => (Allow) C:\Archivos de programa\Valve\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [TCP Query User{82183265-5C06-469F-9F20-6D20268E002A}C:\users\laura\downloads\fifa 14 ultimate edition [multi14][pcdvd][full unlocked][wait crack][3dm][www.gamestorrents.com]\p2p-f14p\game\fifa14.exe] => (Block) C:\users\laura\downloads\fifa 14 ultimate edition [multi14][pcdvd][full unlocked][wait crack][3dm][www.gamestorrents.com]\p2p-f14p\game\fifa14.exe
      FirewallRules: [UDP Query User{F240DCF1-07F5-4CF4-8104-D102A96E00A1}C:\users\laura\downloads\fifa 14 ultimate edition [multi14][pcdvd][full unlocked][wait crack][3dm][www.gamestorrents.com]\p2p-f14p\game\fifa14.exe] => (Block) C:\users\laura\downloads\fifa 14 ultimate edition [multi14][pcdvd][full unlocked][wait crack][3dm][www.gamestorrents.com]\p2p-f14p\game\fifa14.exe
      FirewallRules: [{4FE7F3BA-50E2-4BA5-AD53-BEEE985B1290}] => (Allow) C:\Archivos de programa\Pro Evolution Soccer 13\pes2013.exe
      FirewallRules: [{2E96C324-50A9-4439-B936-420504E16332}] => (Allow) C:\Archivos de programa\Pro Evolution Soccer 13\pes2013.exe
      FirewallRules: [TCP Query User{AFCF5B39-95C1-413B-9BB7-3350410AD5B0}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_144\bin\javaw.exe
      FirewallRules: [UDP Query User{677CACCE-7F2C-4208-8636-9363EDB84EC4}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_144\bin\javaw.exe
      FirewallRules: [{FBD45EB2-2F52-4A18-ACDB-9B2AD83372AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{513CCB34-8CE5-4FF6-AAFC-CABABCB30E89}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{ABC80EE9-B3E0-4AD1-9291-5FDC52E40638}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
      FirewallRules: [TCP Query User{95290BD0-4C3C-4B05-8AD4-CA1CE86B02D3}C:\users\invitado\desktop\plague inc\ggizi\zandronum.exe] => (Block) C:\users\invitado\desktop\plague inc\ggizi\zandronum.exe
      FirewallRules: [UDP Query User{05BB2E9A-7918-4A9A-87EB-A2EF912EFBB5}C:\users\invitado\desktop\plague inc\ggizi\zandronum.exe] => (Block) C:\users\invitado\desktop\plague inc\ggizi\zandronum.exe

      ==================== Restore Points =========================

      11-11-2017 00:00:02 Punto de control programado
      18-11-2017 15:28:11 Punto de control programado
      23-11-2017 22:00:42 JRT Pre-Junkware Removal



      Error: (11/23/2017 10:18:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 40.

      Error: (11/23/2017 10:18:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/23/2017 10:18:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/23/2017 10:16:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 40.

      Error: (11/23/2017 10:16:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/23/2017 10:16:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

    8. #8
      Usuario Avatar de PhoneDestroyer
      Registrado
      nov 2017
      Ubicación
      Argentina
      Mensajes
      7

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (11/23/2017 10:00:59 PM) (Source: VSS) (EventID: 12305) (User: )
      Description: Error del Servicio de instantáneas de volumen: volumen o disco no conectado
      o no encontrado.
      Contexto de error: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 00000130,0x00530194,00000000,0,0021C7C8,4096,[0]).


      Operación:
      Consultar instantáneas

      Error: (11/23/2017 09:05:30 PM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE".
      No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (11/23/2017 08:12:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa adwcleaner_7.0.1.0.exe, versión 7.0.1.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 10ec

      Hora de inicio: 01d364af9e1cecc8

      Hora de finalización: 5

      Ruta de acceso de la aplicación: C:\Users\Laura\Downloads\adwcleaner_7.0.1.0.exe

      Identificador de informe:

      Error: (11/23/2017 07:34:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa adwcleaner_7.0.3.1.exe, versión 7.0.3.1, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 17dc

      Hora de inicio: 01d364ab26347d5d

      Hora de finalización: 1

      Ruta de acceso de la aplicación: C:\Users\Laura\Downloads\adwcleaner_7.0.3.1.exe

      Identificador de informe: 789e8a46-d09e-11e7-bad6-50465d06f976

      Error: (11/22/2017 11:38:39 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: gta_sa.exe, versión: 0.0.0.0, marca de tiempo: 0x4270f18a
      Nombre del módulo con errores: samp.dll, versión: 0.3.7.0, marca de tiempo: 0x5542f47a
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x00064026
      Id. del proceso con errores: 0x1180
      Hora de inicio de la aplicación con errores: 0x01d36403f707b114
      Ruta de acceso de la aplicación con errores: C:\Archivos de programa\Rockstar Games\GTA San Andreas\gta_sa.exe
      Ruta de acceso del módulo con errores: C:\Archivos de programa\Rockstar Games\GTA San Andreas\samp.dll
      Id. del informe: 68e77c88-cff7-11e7-a212-50465d06f976

      Error: (11/22/2017 05:19:57 PM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE".
      No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (11/20/2017 05:53:25 PM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE".
      No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (11/18/2017 02:46:35 PM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE".
      No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (11/16/2017 07:46:56 PM) (Source: SideBySide) (EventID: 33) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE".
      No se encontró el ensamblado dependiente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (11/16/2017 06:50:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa Explorer.EXE, versión 6.1.7600.16385, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: ef0

      Hora de inicio: 01d35f241f3fc90a

      Hora de finalización: 3838

      Ruta de acceso de la aplicación: C:\Windows\Explorer.EXE

      Identificador de informe: 179308db-cb18-11e7-a665-50465d06f976


      System errors:
      =============
      Error: (11/24/2017 09:23:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/24/2017 09:23:00 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/24/2017 08:56:02 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/24/2017 08:56:02 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/23/2017 10:18:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 40.

      Error: (11/23/2017 10:18:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/23/2017 10:18:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/23/2017 10:16:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 40.

      Error: (11/23/2017 10:16:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.

      Error: (11/23/2017 10:16:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.


      ==================== Memory info ===========================

      Processor: AMD FX(tm)-4100 Quad-Core Processor
      Percentage of memory in use: 49%
      Total physical RAM: 3326.12 MB
      Available physical RAM: 1672.7 MB
      Total Virtual: 6650.51 MB
      Available Virtual: 5038.21 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:465.75 GB) (Free:192.25 GB) NTFS ==>[drive with boot components (obtained from BCD)]

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CA47FCDB)
      Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    9. #9
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.352

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Hola

      No descargaste y ejecutaste desde el escritorio Frst, muevelo allí para realizar el paso siguiente si no no funcionará-

      Sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

      • Para hacerlo descarga >> DelFix en tu escritorio.
        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca unicamente la casilla "Create registry backup".
      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación inicia tu equipo desde el >> Modo Seguro de Windows con función de red.

      Si tu SO es Windows 8/8.1/10 usa el 2º MÉTODO: de esta Faq de Windows 8 (aplicable a Windows 10) >> ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.


      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
      CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
      CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
      CHR Extension: (Chrome Media Router) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-23]
      CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
      2017-11-01 22:19 - 2017-11-01 22:19 - 000000043 _____ C:\Users\Laura\Downloads\hbpix (2)
      2017-10-25 20:20 - 2017-10-25 20:20 - 000000043 _____ C:\Users\Laura\Downloads\hbpix (1)
      Task: {5CB86FA2-5B9C-446F-BDE3-5AF05832DA2A} - System32\Tasks\{CE1F62E9-4C8E-4693-8AE4-3ACE2BBABA1E} => C:\Windows\system32\pcalua.exe -a C:\Users\Laura\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
      AlternateDataStreams: C:\ProgramData:NT [40]
      AlternateDataStreams: C:\ProgramData:NT2 [432]
      AlternateDataStreams: C:\Users\All Users:NT [40]
      AlternateDataStreams: C:\Users\All Users:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
      AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
      AlternateDataStreams: C:\Users\Laura\Datos de programa:NT [40]
      AlternateDataStreams: C:\Users\Laura\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\Users\Laura\AppData\Roaming:NT [40]
      AlternateDataStreams: C:\Users\Laura\AppData\Roaming:NT2 [432] 
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Pon el reporte y comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de PhoneDestroyer
      Registrado
      nov 2017
      Ubicación
      Argentina
      Mensajes
      7

      Re: PUP.Adware.Heuristic es borrado por adwcleaner pero vuelve

      Hola, lamento contestar después de tanto tiempo, pero aquí dejo el reporte de frst:
      ----
      Fix result of Farbar Recovery Scan Tool (x86) Version: 30-11-2017
      Ran by Laura (02-12-2017 12:26:38) Run:1
      Running from C:\Users\Laura\Desktop
      Loaded Profiles: Laura (Available Profiles: Laura & Invitado)
      Boot Mode: Safe Mode (with Networking)

      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      BHO: No Name -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> No File
      CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
      CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
      CHR Extension: (Chrome Media Router) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-23]
      CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
      S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
      2017-11-01 22:19 - 2017-11-01 22:19 - 000000043 _____ C:\Users\Laura\Downloads\hbpix (2)
      2017-10-25 20:20 - 2017-10-25 20:20 - 000000043 _____ C:\Users\Laura\Downloads\hbpix (1)
      Task: {5CB86FA2-5B9C-446F-BDE3-5AF05832DA2A} - System32\Tasks\{CE1F62E9-4C8E-4693-8AE4-3ACE2BBABA1E} => C:\Windows\system32\pcalua.exe -a C:\Users\Laura\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
      AlternateDataStreams: C:\ProgramData:NT [40]
      AlternateDataStreams: C:\ProgramData:NT2 [432]
      AlternateDataStreams: C:\Users\All Users:NT [40]
      AlternateDataStreams: C:\Users\All Users:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
      AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
      AlternateDataStreams: C:\Users\Laura\Datos de programa:NT [40]
      AlternateDataStreams: C:\Users\Laura\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\Users\Laura\AppData\Roaming:NT [40]
      AlternateDataStreams: C:\Users\Laura\AppData\Roaming:NT2 [432]

      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully.
      HKLM\SOFTWARE\Policies\Google => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => key removed successfully.
      HKLM\Software\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => key not found
      Chrome DefaultSearchURL => removed successfully.
      Chrome DefaultSuggestURL => removed successfully.
      CHR Extension: (Chrome Media Router) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-23] => Error: No automatic fix found for this entry.
      HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce => key removed successfully.
      HKLM\System\CurrentControlSet\Services\FairplayKD => key removed successfully.
      FairplayKD => service removed successfully.
      C:\Users\Laura\Downloads\hbpix (2) => moved successfully
      C:\Users\Laura\Downloads\hbpix (1) => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CB86FA2-5B9C-446F-BDE3-5AF05832DA2A} => key removed successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CB86FA2-5B9C-446F-BDE3-5AF05832DA2A} => key removed successfully.
      C:\Windows\System32\Tasks\{CE1F62E9-4C8E-4693-8AE4-3ACE2BBABA1E} => moved successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CE1F62E9-4C8E-4693-8AE4-3ACE2BBABA1E} => key removed successfully.
      C:\ProgramData => ":NT" ADS removed successfully.
      C:\ProgramData => ":NT2" ADS removed successfully.
      "C:\Users\All Users" => ":NT" ADS not found.
      "C:\Users\All Users" => ":NT2" ADS not found.
      "C:\ProgramData\Application Data" => ":NT" ADS not found.
      "C:\ProgramData\Application Data" => ":NT2" ADS not found.
      "C:\ProgramData\Datos de programa" => ":NT" ADS not found.
      "C:\ProgramData\Datos de programa" => ":NT2" ADS not found.
      C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
      C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully.
      C:\Users\Laura\Datos de programa => ":NT" ADS removed successfully.
      C:\Users\Laura\Datos de programa => ":NT2" ADS removed successfully.
      "C:\Users\Laura\AppData\Roaming" => ":NT" ADS not found.
      "C:\Users\Laura\AppData\Roaming" => ":NT2" ADS not found.

      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows


      Adaptador de Ethernet Conexi¢n de *rea local:

      Sufijo DNS espec¡fico para la conexi¢n. . :
      V¡nculo: direcci¢n IPv6 local. . . : fe80::1dc9:77eb:531:f0c1%11
      Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.34
      M*scara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1

      Adaptador de t£nel isatap.{6E4BDABC-8491-43DE-A3C7-25E0C8FCEA58}:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS espec¡fico para la conexi¢n. . :

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.5.7600 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c
      No se puede iniciar el servicio o grupo de dependencia.



      ========= End of CMD: =========


      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
      HKU\S-1-5-21-639967415-54274893-1491004558-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
      HKU\S-1-5-21-639967415-54274893-1491004558-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.


      ========= End of RemoveProxy: =========

      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 0 B
      DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13794562 B
      Java, Flash, Steam htmlcache => 47526406 B
      Windows/system/drivers => 700590 B
      Edge => 0 B
      Chrome => 433074407 B
      Firefox => 19688938 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Users => 0 B
      Default => 0 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 115669 B
      LocalService => 132244 B
      NetworkService => 0 B
      Laura => 8136784 B
      Invitado => 3245756 B

      RecycleBin => 42427 B
      EmptyTemp: => 502.1 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 12:26:59 ====

    Página 1 de 2 12 ÚltimoÚltimo