    Malwarebytes does not delete infected files (Solved)

    1. #1
      User: vahio | Joined: Oct 2013 | Location: Spain | Posts: 64

      Malwarebytes does not delete infected files (Solved)

      Hello! I have started noticing strange things on the PC today, and I ran MB first; this is the report:

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 9/12/17
      Hora del análisis: 11:01
      Archivo de registro: e6d1f7b2-dcc7-11e7-a182-4c80932e308c.json
      Administrador: Sí

      -Información del software-
      Versión: 3.2.2.2029
      Versión de los componentes: 1.0.212
      Versión del paquete de actualización: 1.0.3451
      Licencia: Caducado

      -Información del sistema-
      SO: Windows 10 (Build 15063.726)
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: Admin-PC\Admin

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 300378
      Amenazas detectadas: 9
      Amenazas en cuarentena: 8
      Tiempo transcurrido: 11 min, 38 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 9
      PUP.Optional.Delta, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [3411], [455070],1.0.3451
      Adware.Elex.ShrtCln, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Secure Preferences, Error durante la eliminación, [2120], [454720],1.0.3451
      PUP.Optional.Delta, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [3411], [455070],1.0.3451
      Adware.Elex.ShrtCln, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [2120], [454731],1.0.3451
      PUP.Optional.ASK, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [472], [454829],1.0.3451
      Adware.Elex.ShrtCln, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [2120], [454720],1.0.3451
      PUP.Optional.ASK, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [472], [454829],1.0.3451
      PUP.Optional.Delta, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [3411], [455070],1.0.3451
      PUP.Optional.ASK, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sustituido, [472], [454829],1.0.3451

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

      The thing is that when it finishes I move them to quarantine, then delete them, then restart the PC, but when I run MB again the same files show up again. I have done this at least 8 times and they keep showing up.

      I have also run AdwCleaner, JRT and CCleaner; here are the reports from the first 2:

      # AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 09 11:21:34 2017
      # Updated on 2017/29/11 by Malwarebytes
      # Database: 12-08-2017.1
      # Running on Windows 10 Home (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      Adware.Elex, C:\Program Files\MK
      PUP.Optional.SmartDriverUpdater, C:\Users\Admin\Documents\Smart Driver Updater
      PUP.Optional.PremiumDownloadManager, C:\ProgramData\DownloadManager
      PUP.Optional.PremiumDownloadManager, C:\Users\All Users\DownloadManager


      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\Software\Smart PC Solutions
      PUP.Optional.Legacy, [Key] - HKCU\Software\Smart PC Solutions
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\Software\APN PIP
      PUP.Optional.Legacy, [Key] - HKCU\Software\APN PIP
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{34B3C588-D06C-4F92-929C-2C3A0BC7F821}
      PUP.Optional.ByteFence, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [3329 B] - [2017/5/5 13:24:29]
      C:/AdwCleaner/AdwCleaner[C2].txt - [1804 B] - [2017/5/5 13:32:1]
      C:/AdwCleaner/AdwCleaner[C3].txt - [1410 B] - [2017/5/5 13:41:20]
      C:/AdwCleaner/AdwCleaner[C4].txt - [1556 B] - [2017/5/5 13:47:29]
      C:/AdwCleaner/AdwCleaner[C5].txt - [2618 B] - [2017/5/7 10:33:15]
      C:/AdwCleaner/AdwCleaner[S0].txt - [3159 B] - [2017/5/5 13:23:34]
      C:/AdwCleaner/AdwCleaner[S10].txt - [2489 B] - [2017/5/7 10:43:20]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1986 B] - [2017/5/5 13:30:12]
      C:/AdwCleaner/AdwCleaner[S2].txt - [1689 B] - [2017/5/5 13:39:3]
      C:/AdwCleaner/AdwCleaner[S3].txt - [1835 B] - [2017/5/5 13:46:54]
      C:/AdwCleaner/AdwCleaner[S4].txt - [1981 B] - [2017/5/5 13:53:50]
      C:/AdwCleaner/AdwCleaner[S5].txt - [2054 B] - [2017/5/5 1419]
      C:/AdwCleaner/AdwCleaner[S6].txt - [2799 B] - [2017/5/5 14:28:17]
      C:/AdwCleaner/AdwCleaner[S7].txt - [2355 B] - [2017/5/6 9:44:43]
      C:/AdwCleaner/AdwCleaner[S8].txt - [2786 B] - [2017/5/7 10:27:54]
      C:/AdwCleaner/AdwCleaner[S9].txt - [2414 B] - [2017/5/7 10:40:29]


      ########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt ##########


      JRT:

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Home x64
      Ran by Admin (Administrator) on 09/12/2017 at 12:33:03,35
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 0




      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 09/12/2017 at 12:37:07,12
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


      After running them I run MB again and the files from the beginning still show up. Any ideas? Thanks

    2. #2
      General Moderator: @Daniela | Joined: Apr 2011 | Location: Spain | Posts: 24,346

      Re: Malwarebytes does not delete infected files

      Hello vahio

      The AdwCleaner report is from the scan; did you click Clean afterwards? If not, run it again before the next step.

      Download Farbar Recovery Scan Tool according to your system's architecture (32 or 64 bits)

      • Save it to the desktop >> This is very important.
      • Double-click to run Frst.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as Administrator".)
      • In the Disclaimer window, click Yes.
      • In the new window that opens, click the Scan button and wait patiently for the analysis to finish.
      • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on your desktop.
      • To finish, open the files Frst.txt and Addition.txt and copy and paste all their contents into your next reply. Use two messages if it tells you it is too long.

      Regards

    3. #3
      User: vahio | Joined: Oct 2013 | Location: Spain | Posts: 64

      Re: Malwarebytes does not delete infected files

      Hello Daniela, thank you very much for replying so quickly. As for AdwCleaner, I did click Clean; here is the report:

      # AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 09 11:22:06 2017
      # Updated on 2017/29/11 by Malwarebytes
      # Running on Windows 10 Home (X64)
      # Mode: clean
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services deleted.

      ***** [ Folders ] *****

      Deleted: C:\Program Files\\MK
      Deleted: C:\Users\Admin\Documents\Smart Driver Updater
      Deleted: C:\ProgramData\DownloadManager
      Deleted: C:\Users\All Users\DownloadManager


      ***** [ Files ] *****

      No malicious files deleted.

      ***** [ DLL ] *****

      No malicious DLLs cleaned.

      ***** [ WMI ] *****

      No malicious WMI cleaned.

      ***** [ Shortcuts ] *****

      No malicious shortcuts cleaned.

      ***** [ Tasks ] *****

      No malicious tasks deleted.

      ***** [ Registry ] *****

      Deleted: [Key] - HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\Software\Smart PC Solutions
      Deleted: [Key] - HKCU\Software\Smart PC Solutions
      Deleted: [Key] - HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\Software\APN PIP
      Deleted: [Key] - HKCU\Software\APN PIP
      Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{34B3C588-D06C-4F92-929C-2C3A0BC7F821}
      Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries deleted.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries deleted.

      *************************

      ::Tracing keys deleted
      ::Winsock settings cleared
      ::Additional Actions: 0



      *************************

      C:/AdwCleaner/AdwCleaner[C0].txt - [3329 B] - [2017/5/5 13:24:29]
      C:/AdwCleaner/AdwCleaner[C2].txt - [1804 B] - [2017/5/5 13:32:1]
      C:/AdwCleaner/AdwCleaner[C3].txt - [1410 B] - [2017/5/5 13:41:20]
      C:/AdwCleaner/AdwCleaner[C4].txt - [1556 B] - [2017/5/5 13:47:29]
      C:/AdwCleaner/AdwCleaner[C5].txt - [2618 B] - [2017/5/7 10:33:15]
      C:/AdwCleaner/AdwCleaner[S0].txt - [3159 B] - [2017/5/5 13:23:34]
      C:/AdwCleaner/AdwCleaner[S10].txt - [2489 B] - [2017/5/7 10:43:20]
      C:/AdwCleaner/AdwCleaner[S11].txt - [2731 B] - [2017/12/9 11:21:35]
      C:/AdwCleaner/AdwCleaner[S1].txt - [1986 B] - [2017/5/5 13:30:12]
      C:/AdwCleaner/AdwCleaner[S2].txt - [1689 B] - [2017/5/5 13:39:3]
      C:/AdwCleaner/AdwCleaner[S3].txt - [1835 B] - [2017/5/5 13:46:54]
      C:/AdwCleaner/AdwCleaner[S4].txt - [1981 B] - [2017/5/5 13:53:50]
      C:/AdwCleaner/AdwCleaner[S5].txt - [2054 B] - [2017/5/5 1419]
      C:/AdwCleaner/AdwCleaner[S6].txt - [2799 B] - [2017/5/5 14:28:17]
      C:/AdwCleaner/AdwCleaner[S7].txt - [2355 B] - [2017/5/6 9:44:43]
      C:/AdwCleaner/AdwCleaner[S8].txt - [2786 B] - [2017/5/7 10:27:54]
      C:/AdwCleaner/AdwCleaner[S9].txt - [2414 B] - [2017/5/7 10:40:29]


      ########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt ##########

    4. #4
      User: vahio | Joined: Oct 2013 | Location: Spain | Posts: 64

      Re: Malwarebytes does not delete infected files

      Here is the FRST file

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2017
      Ran by Admin (administrator) on ADMIN-PC (09-12-2017 15:17:41)
      Running from C:\Users\Admin\Desktop
      Loaded Profiles: Admin (Available Profiles: Admin)
      Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
      (NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
      (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
      (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      (NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Farbar) C:\Users\Admin\Desktop\FRST64 (1).exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-24] (AVAST Software)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
      HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
      HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-11-04] (Adobe Systems Inc.)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
      HKLM-x32\...\Run: [] => [X]
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      Winlogon\Notify\igfxcui: c:\windows\system32\igfxdev.dll (Intel Corporation)
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\MountPoints2: {0808cfd6-30b8-11e7-ae59-4c80932e308c} - "E:\setup.exe"
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\MountPoints2: {e7a5e2ca-4cfb-11e7-b2cd-4c80932e308c} - "F:\setup.exe"
      AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_53c980648711c73a\nvinitx.dll => No File
      AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_53c980648711c73a\nvinit.dll => No File
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2017-11-24]
      ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
      GroupPolicy: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 87.216.1.65 87.216.1.66
      Tcpip\..\Interfaces\{18c2e242-2b2c-4288-bdd3-ade08785214b}: [DhcpNameServer] 87.216.1.65 87.216.1.66
      Tcpip\..\Interfaces\{1b4acec5-c229-47ed-8e60-ad533d10a9a6}: [DhcpNameServer] 80.58.61.250 80.58.61.254
      Tcpip\..\Interfaces\{af1048c0-33de-4269-b55a-dff761d19153}: [DhcpNameServer] 192.168.5.1

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c0d70833&q={searchTerms}
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c0d70833&q={searchTerms}
      SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c0d70833&q={searchTerms}
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-c0d70833&q={searchTerms}
      BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-18] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-24] (Oracle Corporation)
      BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
      BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-08] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-24] (Oracle Corporation)
      BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
      BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-21] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-24] (Oracle Corporation)
      BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
      BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-08] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-24] (Oracle Corporation)
      BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
      Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
      Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
      Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-02] (Microsoft Corporation)
      Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-02] (Microsoft Corporation)
      Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-02] (Microsoft Corporation)
      Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-02] (Microsoft Corporation)

      FireFox:
      ========
      FF DefaultProfile: 3w2f2n13.default
      FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default [2017-12-09]
      FF Homepage: Mozilla\Firefox\Profiles\3w2f2n13.default -> hxxps://www.google.es/
      FF Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default\Extensions\[email protected] [2017-09-29]
      FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default\Extensions\[email protected] [2017-11-24]
      FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
      FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27]
      FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
      FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-24] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-24] (Oracle Corporation)
      FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
      FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-24] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-24] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-21] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-21] (Microsoft Corporation)
      FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Admin\AppData\Roaming\raidcall\plugins\nprcplugin.dll [No File]
      FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\Admin\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

      Chrome:
      =======
      CHR HomePage: Default -> hxxps://www.google.es/
      CHR StartupUrls: Default -> "hxxps://www.google.es/","hxxp://www.ourluckysites.com/?type=hp&ts=1493987001&z=a0cce5fa6d4bd282a88f026g2z6t6c7t0b0q1t8t0w&from=che0812&uid=ST1000LM035-1RK172_WCB1PBQFXXXXWCB1PBQF"
      CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2017-12-09]
      CHR Extension: (Presentaciones) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Documentos) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-05]
      CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-05]
      CHR Extension: (Chrome IG Story) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-09]
      CHR Extension: (Adobe Acrobat) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-05]
      CHR Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-06]
      CHR Extension: (Hojas de cálculo) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-06]
      CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-07]
      CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-10]
      CHR Extension: (Player para ver Movistar+) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2017-08-14]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
      CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-05]
      CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-09]
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
      S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-24] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-24] (AVAST Software)
      R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [4709728 2017-11-01] (AVAST Software)
      R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063664 2017-11-22] (Microsoft Corporation)
      S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
      S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [116224 2017-08-13] (Microsoft Corporation) [File not signed]
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
      R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
      R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
      S3 PAExec; C:\Windows\PAExec.exe [189112 2017-09-15] (Power Admin LLC)
      R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-02-24] (Synaptics Incorporated)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-09-18] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-24] (AVAST Software)
      R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-24] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-24] (AVAST Software s.r.o.)
      R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-24] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-24] (AVAST Software s.r.o.)
      S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-24] (AVAST Software)
      R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-14] (AVAST Software)
      R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-24] (AVAST Software)
      R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-24] (AVAST Software)
      R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-24] (AVAST Software)
      R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-24] (AVAST Software)
      R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-24] (AVAST Software)
      R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-24] (AVAST Software)
      S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-02-19] (The OpenVPN Project)
      R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-24] (AVAST Software)
      R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-27] (Disc Soft Ltd)
      R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-01-17] (Disc Soft Ltd)
      R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-12-09] (Malwarebytes)
      R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
      R3 nvoclk64; C:\WINDOWS\system32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
      R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
      S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [103088 2015-02-26] (STMicroelectronics)
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
      U3 idsvc; no ImagePath
      U3 wpcsvc; no ImagePath

    5. #5
      vahio

      Re: Malwarebytes won't delete infected files

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-09 15:17 - 2017-12-09 15:18 - 000021974 _____ C:\Users\Admin\Desktop\FRST.txt
      2017-12-09 15:15 - 2017-12-09 15:15 - 002390528 _____ (Farbar) C:\Users\Admin\Desktop\FRST64 (1).exe
      2017-12-09 12:44 - 2017-12-09 12:44 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
      2017-12-09 12:40 - 2017-12-09 12:41 - 010849904 _____ (Piriform Ltd) C:\Users\Admin\Desktop\ccsetup537.exe
      2017-12-09 12:37 - 2017-12-09 12:37 - 000000547 _____ C:\Users\Admin\Desktop\JRT.txt
      2017-12-09 12:32 - 2017-12-09 12:32 - 001790024 _____ (Malwarebytes) C:\Users\Admin\Desktop\JRT (1).exe
      2017-12-09 12:24 - 2017-12-09 12:24 - 000000000 ____D C:\ProgramData\SWCUTemp
      2017-12-09 12:22 - 2017-12-09 13:24 - 000000000 ____D C:\Users\Admin\Desktop\limpia 12-17
      2017-12-09 12:19 - 2017-12-09 12:19 - 008187336 _____ (Malwarebytes) C:\Users\Admin\Desktop\adwcleaner_7.0.5.0.exe
      2017-12-09 12:17 - 2017-12-09 12:18 - 008261584 _____ (Malwarebytes) C:\Users\Admin\Desktop\AdwCleaner (1).exe
      2017-12-09 12:06 - 2017-12-09 12:06 - 000000000 ___HD C:\OneDriveTemp
      2017-12-07 22:49 - 2017-12-07 22:49 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\uTorrent
      2017-12-07 20:43 - 2017-12-07 20:43 - 000000000 ___HD C:\$WINDOWS.~BT
      2017-12-04 19:43 - 2017-12-04 19:55 - 000000000 ____D C:\Users\Admin\Desktop\GUARDA 2017-18
      2017-12-03 12:29 - 2017-12-03 12:29 - 000361909 _____ C:\Users\Admin\Desktop\CV-Europass-20171203-MonteroRomero-ES.pdf
      2017-11-26 19:59 - 2017-12-07 22:57 - 000000000 ____D C:\Users\Admin\Desktop\GOT5
      2017-11-24 17:43 - 2017-12-09 10:59 - 000004284 _____ C:\WINDOWS\System32\Tasks\Avast TUNEUP Update
      2017-11-24 17:43 - 2017-11-24 17:43 - 000001216 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
      2017-11-24 17:42 - 2017-11-24 17:42 - 000000000 ____D C:\Program Files (x86)\AVAST Software
      2017-11-24 17:41 - 2017-11-24 17:40 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
      2017-11-24 17:40 - 2017-11-24 17:40 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
      2017-11-21 15:46 - 2017-11-21 15:46 - 000168312 _____ C:\Users\Admin\Desktop\SEXPE PAPA.pdf
      2017-11-18 10:38 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
      2017-11-18 10:38 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
      2017-11-18 10:38 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2017-11-18 10:38 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
      2017-11-18 10:38 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
      2017-11-18 10:38 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
      2017-11-18 10:38 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
      2017-11-18 10:38 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
      2017-11-18 10:38 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
      2017-11-18 10:38 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
      2017-11-18 10:38 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
      2017-11-18 10:38 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
      2017-11-18 10:38 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
      2017-11-18 10:38 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
      2017-11-18 10:38 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
      2017-11-18 10:38 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
      2017-11-18 10:38 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2017-11-18 10:38 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
      2017-11-18 10:38 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
      2017-11-18 10:38 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
      2017-11-18 10:38 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
      2017-11-18 10:38 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2017-11-18 10:38 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
      2017-11-18 10:38 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
      2017-11-18 10:38 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
      2017-11-18 10:38 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
      2017-11-18 10:37 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
      2017-11-18 10:37 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
      2017-11-18 10:37 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
      2017-11-18 10:37 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
      2017-11-18 10:37 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
      2017-11-18 10:37 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
      2017-11-18 10:37 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
      2017-11-18 10:37 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
      2017-11-18 10:37 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
      2017-11-18 10:37 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
      2017-11-18 10:37 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
      2017-11-18 10:37 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2017-11-18 10:37 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2017-11-18 10:37 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
      2017-11-18 10:37 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
      2017-11-18 10:37 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
      2017-11-18 10:37 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
      2017-11-18 10:37 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
      2017-11-18 10:37 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
      2017-11-18 10:37 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2017-11-18 10:37 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2017-11-18 10:37 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
      2017-11-18 10:37 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
      2017-11-18 10:37 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
      2017-11-18 10:37 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2017-11-18 10:37 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
      2017-11-18 10:37 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
      2017-11-18 10:37 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2017-11-18 10:37 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2017-11-18 10:37 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
      2017-11-18 10:37 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
      2017-11-18 10:37 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
      2017-11-18 10:37 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
      2017-11-18 10:37 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
      2017-11-18 10:37 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
      2017-11-18 10:37 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
      2017-11-18 10:37 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
      2017-11-18 10:37 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
      2017-11-18 10:32 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
      2017-11-18 10:32 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
      2017-11-18 10:32 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
      2017-11-18 10:32 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
      2017-11-18 10:32 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
      2017-11-18 10:32 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
      2017-11-18 10:31 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
      2017-11-18 10:31 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
      2017-11-18 10:31 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
      2017-11-18 10:31 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
      2017-11-18 10:31 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2017-11-18 10:31 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
      2017-11-18 10:31 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
      2017-11-18 10:31 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
      2017-11-18 10:31 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
      2017-11-18 10:31 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
      2017-11-18 10:31 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
      2017-11-18 10:31 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
      2017-11-18 10:31 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
      2017-11-18 10:31 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
      2017-11-18 10:31 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
      2017-11-18 10:31 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
      2017-11-18 10:31 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
      2017-11-18 10:31 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
      2017-11-18 10:31 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
      2017-11-18 10:31 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
      2017-11-18 10:31 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
      2017-11-18 10:31 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
      2017-11-18 10:31 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2017-11-18 10:31 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
      2017-11-18 10:31 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
      2017-11-18 10:31 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
      2017-11-18 10:31 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
      2017-11-18 10:30 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
      2017-11-18 10:30 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
      2017-11-18 10:30 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2017-11-18 10:30 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
      2017-11-18 10:30 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
      2017-11-18 10:30 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
      2017-11-18 10:30 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
      2017-11-18 10:30 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
      2017-11-18 10:30 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2017-11-18 10:30 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
      2017-11-18 10:30 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
      2017-11-18 10:30 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
      2017-11-18 10:30 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
      2017-11-18 10:30 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
      2017-11-18 10:30 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2017-11-18 10:30 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
      2017-11-18 10:30 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
      2017-11-18 10:30 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2017-11-18 10:30 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
      2017-11-18 10:30 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
      2017-11-18 10:30 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2017-11-18 10:30 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2017-11-18 10:30 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
      2017-11-18 10:30 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
      2017-11-18 10:30 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
      2017-11-18 10:30 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
      2017-11-18 10:30 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
      2017-11-18 10:29 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2017-11-18 10:29 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2017-11-18 10:29 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
      2017-11-18 10:29 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
      2017-11-18 10:29 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
      2017-11-18 10:29 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
      2017-11-18 10:29 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
      2017-11-18 10:29 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
      2017-11-18 10:29 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
      2017-11-18 10:29 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
      2017-11-18 10:29 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
      2017-11-18 10:29 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
      2017-11-18 10:29 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
      2017-11-18 10:29 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
      2017-11-18 10:29 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
      2017-11-18 10:29 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
      2017-11-18 10:29 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
      2017-11-18 10:28 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
      2017-11-18 10:28 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
      2017-11-18 10:28 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
      2017-11-18 10:28 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
      2017-11-18 10:28 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
      2017-11-18 10:28 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
      2017-11-18 10:28 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
      2017-11-18 10:28 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
      2017-11-18 10:28 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
      2017-11-18 10:28 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
      2017-11-18 10:28 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
      2017-11-18 10:28 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
      2017-11-18 10:28 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
      2017-11-18 10:28 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
      2017-11-18 10:28 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
      2017-11-18 10:28 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
      2017-11-18 10:28 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2017-11-18 10:28 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
      2017-11-18 10:28 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
      2017-11-18 10:28 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
      2017-11-18 10:28 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
      2017-11-18 10:28 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
      2017-11-18 10:28 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
      2017-11-18 10:28 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2017-11-18 10:28 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
      2017-11-18 10:28 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
      2017-11-18 10:28 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
      2017-11-18 10:28 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
      2017-11-18 10:28 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
      2017-11-18 10:28 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
      2017-11-18 10:28 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
      2017-11-18 10:28 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2017-11-18 10:28 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
      2017-11-18 10:28 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
      2017-11-18 10:28 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2017-11-18 10:28 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
      2017-11-18 10:28 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
      2017-11-18 10:28 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
      2017-11-18 10:28 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
      2017-11-18 10:28 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
      2017-11-18 10:28 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
      2017-11-18 10:28 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
      2017-11-18 10:28 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
      2017-11-18 10:28 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
      2017-11-18 10:27 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
      2017-11-18 10:27 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
      2017-11-18 10:27 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
      2017-11-18 10:27 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
      2017-11-18 10:27 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
      2017-11-18 10:27 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
      2017-11-18 10:27 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
      2017-11-18 10:27 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
      2017-11-18 10:27 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
      2017-11-18 10:27 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
      2017-11-18 10:27 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
      2017-11-18 10:27 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
      2017-11-18 10:27 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
      2017-11-18 10:27 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
      2017-11-18 10:27 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
      2017-11-18 10:27 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
      2017-11-18 10:27 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
      2017-11-18 10:27 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
      2017-11-18 10:27 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2017-11-18 10:27 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
      2017-11-18 10:27 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
      2017-11-18 10:27 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-09 15:17 - 2017-05-05 16:36 - 000000000 ____D C:\FRST
      2017-12-09 13:21 - 2017-09-18 03:43 - 000000000 ___DC C:\WINDOWS\Panther
      2017-12-09 12:56 - 2017-05-04 21:26 - 000000000 ____D C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
      2017-12-09 12:56 - 2017-01-05 18:39 - 000000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
      2017-12-09 12:49 - 2017-09-25 01:29 - 000000000 ____D C:\WINDOWS\Minidump
      2017-12-09 12:49 - 2017-05-05 13:23 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
      2017-12-09 12:49 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
      2017-12-09 12:44 - 2017-05-05 15:03 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-12-09 12:44 - 2017-05-05 15:03 - 000000000 ____D C:\Program Files\CCleaner
      2017-12-09 12:35 - 2017-09-18 14:50 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-12-09 12:34 - 2017-01-20 12:54 - 000000000 ___RD C:\Users\Admin\OneDrive
      2017-12-09 12:28 - 2017-05-05 14:19 - 000000000 ____D C:\AdwCleaner
      2017-12-09 12:24 - 2017-10-14 12:05 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
      2017-12-09 12:24 - 2017-09-18 15:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-12-09 12:23 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
      2017-12-09 11:45 - 2017-05-05 15:34 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-12-09 11:45 - 2016-12-29 10:42 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-12-09 10:58 - 2017-09-18 15:14 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
      2017-12-09 10:58 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-12-09 10:53 - 2017-09-18 14:57 - 003330358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2017-12-09 10:53 - 2017-03-20 06:11 - 001582534 _____ C:\WINDOWS\system32\perfh00A.dat
      2017-12-09 10:53 - 2017-03-20 06:11 - 000398586 _____ C:\WINDOWS\system32\perfc00A.dat
      2017-12-09 10:47 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
      2017-12-08 11:50 - 2017-09-18 14:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2017-12-08 02:54 - 2017-09-18 14:58 - 000000000 ____D C:\Users\Admin
      2017-12-06 19:03 - 2017-10-18 18:28 - 000002534 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
      2017-12-06 19:03 - 2017-09-18 15:54 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1903146257-1147163188-2127879028-1000
      2017-12-06 19:03 - 2017-09-18 15:14 - 000003546 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-12-06 19:03 - 2017-09-18 15:14 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
      2017-12-06 19:03 - 2017-09-18 15:14 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000003358 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1485625092
      2017-12-06 19:03 - 2017-09-18 15:14 - 000003322 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-12-06 19:03 - 2017-09-18 15:14 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002382 _____ C:\WINDOWS\System32\Tasks\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002292 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002290 _____ C:\WINDOWS\System32\Tasks\{1F35730E-E8D0-439C-A77E-888401F9C5C4}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
      2017-12-06 19:03 - 2017-01-05 18:29 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
      2017-12-02 00:19 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2017-12-02 00:15 - 2017-01-20 12:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
      2017-12-02 00:13 - 2017-02-02 14:14 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
      2017-11-29 23:15 - 2017-07-17 15:34 - 000000000 ____D C:\Program Files (x86)\FirestormLauncher
      2017-11-29 21:49 - 2017-07-25 14:49 - 000000000 ____D C:\Users\Admin\Desktop\World of Warcraft 7.1.5 Full - Firestorm
      2017-11-29 21:48 - 2017-09-18 15:23 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
      2017-11-28 23:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2017-11-25 18:42 - 2017-01-31 22:04 - 000000000 ____D C:\Users\Admin\AppData\Local\Songr
      2017-11-24 19:09 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
      2017-11-24 17:43 - 2017-04-23 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2017-11-24 17:42 - 2016-12-29 11:04 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-11-24 17:41 - 2017-10-18 10:02 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
      2017-11-24 17:41 - 2016-12-29 11:06 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
      2017-11-24 17:40 - 2016-12-29 11:06 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151154168478105
      2017-11-24 17:40 - 2016-12-29 11:06 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
      2017-11-24 17:40 - 2016-12-29 11:06 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
      2017-11-24 17:40 - 2016-12-29 11:06 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
      2017-11-24 17:40 - 2016-12-29 11:06 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
      2017-11-24 17:40 - 2016-12-29 11:06 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
      2017-11-24 17:40 - 2016-12-29 11:06 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
      2017-11-24 17:39 - 2017-02-19 12:00 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
      2017-11-24 17:39 - 2017-02-19 12:00 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
      2017-11-24 17:39 - 2017-02-19 12:00 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
      2017-11-24 17:39 - 2017-02-19 12:00 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
      2017-11-24 17:39 - 2016-12-29 11:06 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
      2017-11-19 16:32 - 2017-09-29 15:07 - 000000000 ____D C:\Users\Admin\.afirma
      2017-11-19 00:47 - 2017-09-18 15:24 - 000000000 __RHD C:\Users\Public\AccountPictures
      2017-11-18 18:13 - 2017-09-18 14:46 - 000404952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2017-11-18 18:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
      2017-11-18 18:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
      2017-11-18 18:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
      2017-11-18 18:10 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
      2017-11-18 18:10 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
      2017-11-18 11:05 - 2017-01-29 20:44 - 000000000 ____D C:\WINDOWS\system32\MRT
      2017-11-18 10:58 - 2017-10-11 08:57 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
      2017-11-18 10:57 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
      2017-11-18 10:57 - 2017-01-29 20:43 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2017-11-14 14:15 - 2017-02-02 14:14 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk

      ==================== Files in the root of some directories =======

      2017-11-01 19:13 - 2017-11-01 19:19 - 000000703 _____ () C:\Users\Admin\AppData\Roaming\mccodec.dll
      2017-01-11 16:48 - 2017-01-11 16:48 - 000000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-12-06 16:13

      ==================== End of FRST.txt ============================

    6. #6
      User vahio
      Joined: Oct 2013
      Location: Spain
      Posts: 64

      Re: Malwarebytes won't delete infected files

      And here is the ADDITION file

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2017
      Ran by Admin (09-12-2017 15:18:59)
      Running from C:\Users\Admin\Desktop
      Windows 10 Home Version 1703 15063.726 (X64) (2017-09-18 14:23:35)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Admin (S-1-5-21-1903146257-1147163188-2127879028-1000 - Administrator - Enabled) => C:\Users\Admin
      Administrador (S-1-5-21-1903146257-1147163188-2127879028-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-1903146257-1147163188-2127879028-503 - Limited - Disabled)
      HomeGroupUser$ (S-1-5-21-1903146257-1147163188-2127879028-1002 - Limited - Enabled)
      Invitado (S-1-5-21-1903146257-1147163188-2127879028-501 - Limited - Disabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
      Actualización de NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
      Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
      Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version: - )
      Alcatech BPM Studio Professional v4.9.1 (HKLM-x32\...\Alcatech BPM Studio Professional v4.9.1) (Version: - )
      Alien - Isolation (HKLM-x32\...\Alien - Isolation_is1) (Version: - )
      Aplicación de Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
      AutoFirma (HKLM-x32\...\AutoFirma ) (Version: 1.5.0.JAv01 - Junta de Andalucía)
      Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 17.2.3341.0 - AVAST Software)
      Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
      calibre (HKLM-x32\...\{1A5C0B2D-40C6-46B1-871B-21A750EF202C}) (Version: 3.0.0 - Kovid Goyal)
      CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
      CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
      Colasoft MAC Scanner 2.3 (HKLM-x32\...\Colasoft MAC Scanner 2.3_is1) (Version: 2.3 - Colasoft)
      DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
      Dark Souls 2 (HKLM-x32\...\RGFya1NvdWxzMg==_is1) (Version: 1 - )
      Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
      Firestorm Launcher versión 1.3 (HKLM-x32\...\{008D5963-9A73-4472-8C16-A5BF04491B9D}_is1) (Version: 1.3 - Firestorm)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
      Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1407.2) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
      Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
      Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
      KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
      Malwarebytes versión 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
      Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.8625.2139 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
      Mozilla Firefox 55.0.3 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 es-ES)) (Version: 55.0.3 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
      MP3 Cutter 3 (HKLM-x32\...\MP3 Cutter_is1) (Version: - MP3Cutter.org)
      NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
      NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
      NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
      NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
      NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
      Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
      Panel de control de NVIDIA 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 369.09 - NVIDIA Corporation) Hidden
      RaidCall (HKLM-x32\...\RaidCall) (Version: 8.2.0-1.0.3231.155 - raidcall.com.ru)
      Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
      Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
      SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
      Songr (HKLM-x32\...\Songr) (Version: 1.9 - Xamasoft)
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
      TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
      TL-WN725N_WN723N Controlador (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
      VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
      WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
      World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-24] (AVAST Software)
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-24] (AVAST Software)
      ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-24] (AVAST Software)
      ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-24] (AVAST Software)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
      ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation)
      ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-24] (AVAST Software)
      ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {05AADAFD-804C-484C-9108-1E838DF20237} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {060289C9-5722-4504-A2BC-AE5DBB8E0426} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
      Task: {08A4385A-8634-4F02-90D5-B359D2005683} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2016-01-11] (@ByELDI)
      Task: {09863269-AB49-4250-98C3-F5100136F2CB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {10CBDC11-2E64-4B97-AFD0-25754689DF16} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {1252E6ED-B887-473B-97B5-98DEBD18AF72} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {1A620148-94C7-41FC-850C-0A06A3019F7C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
      Task: {217DB84D-6E8E-4427-8A45-98ADB66DF848} - \Thuhaent Reports -> No File <==== ATTENTION
      Task: {25566D7E-9EFD-4837-9753-21684E6421F2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-24] (AVAST Software)
      Task: {2FF77A53-CB10-43EB-BE25-A6B141C909DF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {31F7C737-36DF-43DA-A961-769D9EE3EA58} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {37E98417-2C92-433A-84EE-921DCA2F901A} - System32\Tasks\{1F35730E-E8D0-439C-A77E-888401F9C5C4} => C:\Windows\system32\pcalua.exe -a C:\Users\Admin\Desktop\Hero_Editor_Full_V95.exe -d C:\Users\Admin\Desktop
      Task: {380FDF47-11C5-4E8C-8B13-AE903FB54316} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
      Task: {425E6366-092F-4C86-A30C-90233861D1BE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-25] ()
      Task: {4D0C65F5-0285-4BE4-8F5B-005C99F2A88B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {509FEA26-4EA8-40CE-8169-95D0B6AB0BF1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {539C62D2-F980-484D-9253-E4D48AF11008} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
      Task: {568ED742-2C66-4F0A-9F82-BDAF5ACEA801} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {6310B0AB-D409-4006-84ED-BD37FB74A11D} - System32\Tasks\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79} => C:\Windows\system32\pcalua.exe -a C:\Users\Admin\AppData\Local\Temp\jre-8u141-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
      Task: {6AD645A8-48B5-404F-9BD1-9673CC382608} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
      Task: {6F405B09-DF3C-4E7C-B935-D66BAC1DD2B3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
      Task: {717592F3-BA3D-4533-90CF-93740AF9D827} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-05] (Google Inc.)
      Task: {7456294D-BC4E-4220-9327-30B325823E77} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-05] (Google Inc.)
      Task: {7576A1DE-926E-4FD5-87CE-72BFCA40654A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {80C4C4AC-2B1D-4F8B-B3E0-0ABFD5E8B378} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {84E909E1-8CB8-4137-9A87-C00E9E825520} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
      Task: {859960A2-28E9-4765-9419-3934AFB2135B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
      Task: {90939C71-6E18-457E-B340-8DC81CB33DB4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
      Task: {9AFB3C58-3DA5-4E95-B05F-941F005ABD8B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {A259C416-4586-47B9-B17A-9CCEBD859896} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {A2D54E3F-1212-4E5C-9C82-141ADAE1ACCB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {B63C2D0D-3BC3-4A34-93CB-F247040F0C15} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {C0D05114-8719-4EA7-9AC1-9F4D860A0FEB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-25] ()
      Task: {C0F34ECA-D38A-4CC3-BC6B-BA3371244D9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-02] (Microsoft Corporation)
      Task: {C43E1A19-FC51-42E8-941E-18EA7D503BA8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {C6CE0F62-565E-4FB4-89A2-6B069D822EC2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
      Task: {CB569F4B-9347-48E9-B231-A317B5EF24C6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
      Task: {D2F5DEEF-2E09-430E-B549-B9A2F8540AAE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {DA7E30BA-679E-4040-AD74-2F70A4F8384F} - System32\Tasks\SafeZone scheduled Autoupdate 1485625092 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
      Task: {DB235931-D6C9-49BA-8F51-414A8F29A2D3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
      Task: {DD3B88F3-EB07-4889-BBC4-94314F09AB99} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-02] (Microsoft Corporation)
      Task: {DF1B1F80-84BE-4E12-945A-8B3B48D528F6} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2017-11-01] (AVAST Software)
      Task: {DF3AACF2-6227-4840-8FB8-5D7B8DA1A3E4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2017-12-07] (AVAST Software)
      Task: {E30C064F-9BC8-497C-90BE-E69DEEEC5BEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
      Task: {E5D8928F-A56A-47C0-B8A8-84CC8529EB59} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
      Task: {EC202EE8-62B2-4DB1-8AA5-B14815B1A52E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {F51D33A2-F183-4AA3-BF92-5B1C14B1C95C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
      Task: {F936A992-57A7-4CCA-B699-2D5F60D7D33C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
      Task: {FA624662-D9E6-4ED2-8600-CA7F55455840} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
      Task: {FBC408B7-9445-4CBC-B907-CBF70ED40224} - \Smart Driver Updater Schedule -> No File <==== ATTENTION

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2017-10-14 12:05 - 2017-10-04 12:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
      2017-11-29 21:46 - 2017-11-29 21:47 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      2017-11-29 21:46 - 2017-11-29 21:47 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
      2017-11-29 21:46 - 2017-11-29 21:47 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
      2017-11-29 21:46 - 2017-11-29 21:47 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
      2017-11-29 21:46 - 2017-11-29 21:47 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
      2017-09-15 14:03 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-11-08 22:35 - 2017-11-08 22:35 - 000098688 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2017-11-24 17:39 - 2017-11-24 17:39 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
      2017-12-09 11:45 - 2017-12-06 05:24 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
      2017-12-09 11:45 - 2017-12-06 05:24 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libegl.dll
      2017-03-18 21:59 - 2017-03-20 06:13 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-11-24 17:39 - 2017-11-24 17:39 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-11-24 17:39 - 2017-11-24 17:39 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-07-11 10:47 - 2017-07-11 10:47 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-11-24 17:39 - 2017-11-24 17:39 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
      2017-11-24 17:39 - 2017-11-24 17:39 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-11-24 17:39 - 2017-11-24 17:39 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-14 03:34 - 2017-05-26 18:12 - 000000098 _____ C:\WINDOWS\system32\Drivers\etc\hosts

      127.0.0.1 localhost

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\19399902_10155300031128950_8863105100485234342_n.jpg
      DNS Servers: 87.216.1.65 - 87.216.1.66
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==


      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{6BA5D7E4-A7CC-4F07-9BF1-FCD417E22E53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{E2973B6A-A018-4928-8142-BAFF5DC2A5D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{583410A0-5322-4AA0-A73A-5815FB8F26E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{B6BCAE05-DA5D-4415-A529-80AD69B9BBC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{A7EB07AD-77E6-4FA9-A2AF-1BADD77614B9}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
      FirewallRules: [{9D7A767B-B298-4B49-858F-EA8F3B595C3C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
      FirewallRules: [{8F5BE514-E5C1-408C-BE0F-FF2B01FF4184}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
      FirewallRules: [{2A63BB09-7C1E-48FF-8399-BC25A125EF28}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe
      FirewallRules: [{AB47317C-27FD-44CD-BA21-2B7CF039506D}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe
      FirewallRules: [{1879D3EF-1052-491E-B186-542188B0BB37}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe
      FirewallRules: [{F508AE49-BD80-4063-9E17-153EB21CAD41}] => (Allow) C:\Program Files (x86)\RaidCall.RU\rcplugin.exe
      FirewallRules: [UDP Query User{DD1FB613-781A-4911-A0EC-DF250D7ECFD7}C:\program files (x86)\sega\alien - isolation\ai.exe] => (Allow) C:\program files (x86)\sega\alien - isolation\ai.exe
      FirewallRules: [TCP Query User{1195AF15-48CD-4668-AB3D-168112E1FE81}C:\program files (x86)\sega\alien - isolation\ai.exe] => (Allow) C:\program files (x86)\sega\alien - isolation\ai.exe
      FirewallRules: [{1DA1B2EE-C35C-4602-9E4A-451342102644}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{4DD92388-4619-4F92-9F15-37E97E0AACD7}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{01DDF58D-5449-4C21-933A-59C6F961276B}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{1F46FA84-0015-429F-B640-1538FA021F8C}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{D2A16BD7-A90C-4896-A68A-5C513D32B55C}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{87DC08B8-C3DA-4DE6-8EE9-C1BE858D19A0}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [UDP Query User{684BB67B-7A8D-4B1D-A01D-108034CC7702}C:\program files (x86)\sega\alien - isolation\ai.exe] => (Allow) C:\program files (x86)\sega\alien - isolation\ai.exe
      FirewallRules: [TCP Query User{E71BA264-2233-4162-8C6D-A9561E3103EE}C:\program files (x86)\sega\alien - isolation\ai.exe] => (Allow) C:\program files (x86)\sega\alien - isolation\ai.exe
      FirewallRules: [{B9D4CF5B-14E6-4DCF-8F7E-BCAD87E89733}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{39F0B77C-504D-4523-927E-FD5734115E93}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{7A2B7923-C608-4A3B-B2C5-5803624EC772}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
      FirewallRules: [{27E6F54B-94D5-4076-B786-2337277A4802}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
      FirewallRules: [{5720A806-85B1-40DF-86F2-907B8EA0C78C}] => (Allow) C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
      FirewallRules: [{9C4C1049-8742-4A38-BB62-CBEA69FBCE2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
      FirewallRules: [{007C3FF3-441F-4D78-9ABA-FEF3AB0BEB25}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
      FirewallRules: [TCP Query User{71511444-A311-4189-AA73-F28E8F9E56BC}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
      FirewallRules: [UDP Query User{9E8C4CC8-43ED-4E7D-994F-9FA9D45BC9B7}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
      FirewallRules: [{8156DDD0-042F-41D1-9377-99466AA7F091}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [TCP Query User{9F1173AF-661A-4BB8-AF78-122EBF565AA0}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe
      FirewallRules: [UDP Query User{49142960-E90F-43F4-A604-C76CC7560CD8}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe
      FirewallRules: [{72746DDB-FC59-44DD-B503-1F2B11740D81}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      26-11-2017 21:20:58 Punto de control programado
      06-12-2017 17:42:23 Windows Update
      09-12-2017 12:33:10 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============

      Name: avast! SecureLine TAP Adapter v3
      Description: avast! SecureLine TAP Adapter v3
      Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
      Manufacturer: TAP-Windows Provider V9
      Service: aswTap
      Problem: : This device is disabled. (Code 22)
      Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (12/09/2017 03:12:42 PM) (Source: SideBySide) (EventID: 35) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
      La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
      La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
      La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
      Use sxstrace.exe para obtener un diagnóstico detallado.

      Error: (12/09/2017 12:25:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
      Description: No se pudo activar la aplicación Microsoft.Getstarted_8wekyb3d8bbwe!App debido al error: -2144927148. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/09/2017 12:04:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
      Description: No se pudo activar la aplicación Microsoft.Getstarted_8wekyb3d8bbwe!App debido al error: -2144927148. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/09/2017 11:50:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
      Description: No se pudo activar la aplicación Microsoft.Getstarted_8wekyb3d8bbwe!App debido al error: -2144927148. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/09/2017 10:51:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Admin-PC)
      Description: Se detuvo el paquete Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy+CortanaUI porque se tardó demasiado en suspender.

      Error: (12/09/2017 10:48:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
      Description: No se pudo activar la aplicación Microsoft.Getstarted_8wekyb3d8bbwe!App debido al error: -2144927148. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/09/2017 10:38:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
      Description: No se pudo activar la aplicación microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/09/2017 10:37:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Admin-PC)
      Description: Se detuvo el paquete Microsoft.ZuneVideo_10.17102.13911.0_x64__8wekyb3d8bbwe+Microsoft.ZuneVideo porque se tardó demasiado en suspender.

      Error: (12/09/2017 10:37:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
      Description: No se pudo activar la aplicación Microsoft.WindowsStore_8wekyb3d8bbwe!App debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (12/09/2017 10:37:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
      Description: No se pudo activar la aplicación Microsoft.WindowsStore_8wekyb3d8bbwe!App debido al error: -2144927142. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.


      System errors:
      =============
      Error: (12/09/2017 12:34:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

      Error: (12/09/2017 12:24:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio NetPipeActivator no pudo iniciarse debido al siguiente error:
      El servicio no respondió a tiempo a la solicitud de inicio o de control.

      Error: (12/09/2017 12:24:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio NetPipeActivator.

      Error: (12/09/2017 12:24:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
      y APPID
      {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
      al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/09/2017 12:24:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
      {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
      y APPID
      {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
      al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (12/09/2017 12:24:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error:
      El sistema no puede encontrar el archivo especificado.

      Error: (12/09/2017 12:24:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio NetTcpActivator depende del servicio NetTcpPortSharing, el cual no pudo iniciarse debido al siguiente error:
      No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

      Error: (12/09/2017 12:24:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio CldFlt no pudo iniciarse debido al siguiente error:
      Solicitud no compatible.

      Error: (12/09/2017 12:21:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

      Error: (12/09/2017 12:21:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Avast Cleanup Premium terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
      Percentage of memory in use: 48%
      Total physical RAM: 6038.16 MB
      Available physical RAM: 3124.7 MB
      Total Virtual: 12182.16 MB
      Available Virtual: 9237.13 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:930.96 GB) (Free:253.83 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 684FE8EA)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=462 MB) - (Type=27)

      ==================== End of Addition.txt ============================

    7. #7
      General Moderator
      @Daniela
      Joined
      Apr 2011
      Location
      Spain
      Posts
      24,346

      Re: Malwarebytes won't delete infected files

      Hello

      Follow these steps. VERY important ~ make a backup of the registry:

      • To do so, download >> DelFix to your desktop.
        • Double-click it to run it. (If you use Windows Vista/7 or 8, right-click and select "Run as administrator".)
        • Check only the "Create registry backup" box.
      • Click Run.

        The report (DelFix.txt) will open; save it in case it is needed and close the tool.


      Next, start your computer in >> Windows Safe Mode with Networking.

      If your OS is Windows 8/8.1/10, use the 2nd METHOD from this Windows 8 FAQ (applicable to Windows 10) >> How to start Windows 8/8.1 in Safe Mode?, to work from that Windows mode.


      With all other programs closed, go to >> Start >> Run >> and type notepad.exe.

      Now copy and paste these files into Notepad: (the word "Code" is excluded)

      Code:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM-x32\...\Run: [] => [X]
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\MountPoints2: {0808cfd6-30b8-11e7-ae59-4c80932e308c} - "E:\setup.exe" 
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\MountPoints2: {e7a5e2ca-4cfb-11e7-b2cd-4c80932e308c} - "F:\setup.exe" 
      AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_53c980648711c73a\nvinitx.dll => No File
      AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_53c980648711c73a\nvinit.dll => No File
      GroupPolicy: Restriction <==== ATTENTION
      FF Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default\Extensions\[email protected][2017-09-29]
      FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default\Extensions\[email protected][2017-11-24]
      FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Admin\AppData\Roaming\raidcall\plugins\nprcplugin.dll [No File]
      CHR StartupUrls: Default -> "hxxps://www.google.es/","hxxp://www.ourluckysites.com/?type=hp&ts=1493987001&z=a0cce5fa6d4bd282a88f026g2z6t6c7t0b0q1t8t0w&from=che0812&uid=ST1000LM035-1RK172_WCB1PBQFXXXXWCB1PBQF"
      CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2017-12-09]
      CHR Extension: (Presentaciones) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Documentos) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Chrome IG Story) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-09]
      CHR Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-06]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-06]
      CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-10]
      CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-09]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      U3 idsvc; no ImagePath
      U3 wpcsvc; no ImagePath
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002382 _____ C:\WINDOWS\System32\Tasks\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002290 _____ C:\WINDOWS\System32\Tasks\{1F35730E-E8D0-439C-A77E-888401F9C5C4}
      ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
      Task: {217DB84D-6E8E-4427-8A45-98ADB66DF848} - \Thuhaent Reports -> No File <==== ATTENTION
      Task: {6310B0AB-D409-4006-84ED-BD37FB74A11D} - System32\Tasks\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79} => C:\Windows\system32\pcalua.exe -a C:\Users\Admin\AppData\Local\Temp\jre-8u141-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
      Task: {FBC408B7-9445-4CBC-B907-CBF70ED40224} - \Smart Driver Updater Schedule -> No File <==== ATTENTION 
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Save it under the name fixlist.txt on the desktop <<< This is very important.

      Note: The Frst.exe executable and fixlist.txt must be in the same location (desktop), otherwise the tool will not work.

      ATTENTION!!!! The following repair script was made specifically by a staff member for this user; if you have a similar problem, please open your own thread to receive personalized help. Using other users' scripts can damage your computer.

      • Run Frst.exe.
      • Press the Fix button and wait for it to finish.
      • The tool will save the report on your desktop (Fixlog.txt).
      • Paste it in your next reply.


      Post the report and tell us how the problem is going.

      Regards
      ✿◕‿◕✿ Impatience is not good company ✿◕‿◕✿

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    8. #8
      User vahio
      Joined
      Oct 2013
      Location
      Spain
      Posts
      64

      Re: Malwarebytes won't delete infected files

      Hi Daniela, I have Windows 10 and I tried to restart in safe mode using method 2 from that thread, but I get this message:



      I tried other ways I found on the internet and I get the same thing; what can I do?

    9. #9
      General Moderator
      @Daniela
      Joined
      Apr 2011
      Location
      Spain
      Posts
      24,346

      Re: Malwarebytes won't delete infected files

      Hello

      Do it in normal mode.

      Regards

    10. #10
      User vahio
      Joined
      Oct 2013
      Location
      Spain
      Posts
      64

      Re: Malwarebytes won't delete infected files

      Hi Daniela, by normal mode I assume you mean without restarting in safe mode, right? Here is the fixlog

      Fix result of Farbar Recovery Scan Tool (x64) Version: 09-12-2017
      Ran by Admin (10-12-2017 01:29:45) Run:2
      Running from C:\Users\Admin\Desktop
      Loaded Profiles: Admin (Available Profiles: Admin)
      Boot Mode: Normal
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM-x32\...\Run: [] => [X]
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\MountPoints2: {0808cfd6-30b8-11e7-ae59-4c80932e308c} - "E:\setup.exe"
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\...\MountPoints2: {e7a5e2ca-4cfb-11e7-b2cd-4c80932e308c} - "F:\setup.exe"
      AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_53c980648711c73a\nvinitx.dll => No File
      AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_53c980648711c73a\nvinit.dll => No File
      GroupPolicy: Restriction <==== ATTENTION
      FF Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default\Extensions\[email protected].xpi[2017-09-29]
      FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default\Extensions\[email protected][2017-11-24]
      FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Admin\AppData\Roaming\raidcall\plugins\nprcplugin.dll [No File]
      CHR StartupUrls: Default -> "hxxps://www.google.es/","hxxp://www.ourluckysites.com/?type=hp&ts=1493987001&z=a0cce5fa6d4bd282a88f026g2z6t6c7t0b0q1t8t0w&from=che0812&uid=ST1000LM035-1RK172_WCB1PBQFXXXXWCB1PBQF"
      CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2017-12-09]
      CHR Extension: (Presentaciones) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Documentos) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Chrome IG Story) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-09]
      CHR Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-06]
      CHR Extension: (Documentos de Google sin conexi�n) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-06]
      CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-10]
      CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-09]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      U3 idsvc; no ImagePath
      U3 wpcsvc; no ImagePath
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002382 _____ C:\WINDOWS\System32\Tasks\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79}
      2017-12-06 19:03 - 2017-09-18 15:14 - 000002290 _____ C:\WINDOWS\System32\Tasks\{1F35730E-E8D0-439C-A77E-888401F9C5C4}
      ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
      Task: {217DB84D-6E8E-4427-8A45-98ADB66DF848} - \Thuhaent Reports -> No File <==== ATTENTION
      Task: {6310B0AB-D409-4006-84ED-BD37FB74A11D} - System32\Tasks\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79} => C:\Windows\system32\pcalua.exe -a C:\Users\Admin\AppData\Local\Temp\jre-8u141-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
      Task: {FBC408B7-9445-4CBC-B907-CBF70ED40224} - \Smart Driver Updater Schedule -> No File <==== ATTENTION

      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Restore point was successfully created.
      Processes closed successfully.
      HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
      "HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0808cfd6-30b8-11e7-ae59-4c80932e308c}" => removed successfully
      HKLM\Software\Classes\CLSID\{0808cfd6-30b8-11e7-ae59-4c80932e308c} => invalid subkey removed.
      "HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7a5e2ca-4cfb-11e7-b2cd-4c80932e308c}" => removed successfully
      HKLM\Software\Classes\CLSID\{e7a5e2ca-4cfb-11e7-b2cd-4c80932e308c} => key not found
      "C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_53c980648711c73a\nvinitx.dll" => Value data removed successfully
      "C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_53c980648711c73a\nvinit.dll" => Value data removed successfully
      C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
      C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
      C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
      FF Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default\Extensions\[email protected][2017-09-29] => not found.
      FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\3w2f2n13.default\Extensions\[email protected][2017-11-24] => not found.
      "HKLM\Software\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin" => removed successfully
      "Chrome StartupUrls" => removed successfully
      C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default => moved successfully
      CHR Extension: (Presentaciones) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] => Error: No automatic fix found for this entry.
      CHR Extension: (Documentos) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] => Error: No automatic fix found for this entry.
      CHR Extension: (Chrome IG Story) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-09] => Error: No automatic fix found for this entry.
      CHR Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-06] => Error: No automatic fix found for this entry.
      CHR Extension: (Documentos de Google sin conexi�n) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-06] => Error: No automatic fix found for this entry.
      CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-10] => Error: No automatic fix found for this entry.
      CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-09] => Error: No automatic fix found for this entry.
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
      "HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
      idsvc => service removed successfully
      "HKLM\System\CurrentControlSet\Services\wpcsvc" => removed successfully
      wpcsvc => service removed successfully
      C:\WINDOWS\System32\Tasks\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79} => moved successfully
      C:\WINDOWS\System32\Tasks\{1F35730E-E8D0-439C-A77E-888401F9C5C4} => moved successfully
      "HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
      HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{217DB84D-6E8E-4427-8A45-98ADB66DF848}" => removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{217DB84D-6E8E-4427-8A45-98ADB66DF848}" => removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Thuhaent Reports" => removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6310B0AB-D409-4006-84ED-BD37FB74A11D}" => removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6310B0AB-D409-4006-84ED-BD37FB74A11D}" => removed successfully
      C:\WINDOWS\System32\Tasks\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79} => not found.
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6EB61E44-2D2A-4F40-8DB3-560013AD1B79}" => removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FBC408B7-9445-4CBC-B907-CBF70ED40224}" => removed successfully
      "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBC408B7-9445-4CBC-B907-CBF70ED40224}" => removed successfully
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Smart Driver Updater Schedule => key not found

      ========= ipconfig /flushdns =========


      Configuración IP de Windows

      Se vació correctamente la caché de resolución de DNS.

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuración IP de Windows

      No se puede realizar ninguna operación en Conexión de área local mientras los medios
      estén desconectados.
      No se puede realizar ninguna operación en Conexión de área local* 2 mientras los medios
      estén desconectados.
      No se puede realizar ninguna operación en Conexión de red Bluetooth mientras los medios
      estén desconectados.

      Adaptador de Ethernet Conexión de área local:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :

      Adaptador de LAN inalámbrica Conexión de área local* 2:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :

      Adaptador de LAN inalámbrica Conexión de red inalámbrica 2:

      Sufijo DNS específico para la conexión. . : Home
      Vínculo: dirección IPv6 local. . . : fe80::44cc:965e:40c0:16a8%3
      Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.129
      Máscara de subred . . . . . . . . . . . . : 255.255.255.0
      Puerta de enlace predeterminada . . . . . : 192.168.1.1

      Adaptador de Ethernet Conexión de red Bluetooth:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :

      Adaptador de túnel Conexión de área local* 3:

      Estado de los medios. . . . . . . . . . . : medios desconectados
      Sufijo DNS específico para la conexión. . :

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      0 out of 0 jobs canceled.

      ========= End of CMD: =========


      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-1903146257-1147163188-2127879028-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========

      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 6578176 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 183441912 B
      Java, Flash, Steam htmlcache => 434 B
      Windows/system/drivers => 4172679 B
      Edge => 208911 B
      Chrome => 0 B
      Firefox => 20491439 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 0 B
      systemprofile32 => 0 B
      LocalService => 1620 B
      NetworkService => 6532 B
      Admin => 83460882 B

      RecycleBin => 3240450 B
      EmptyTemp: => 287.6 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 01:32:36 ====
