• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 19

    kemgadeojglibflomicgnfeopkdfflnk el virus (Solucionado)

    buena Desde hace unos días cuando inicio mi explorador me aparece el error: C:\Users\RONNYC~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk en intentado con todo pero no se como quitarlo por farvor ayudar...

          
    1. #1
      Usuario Avatar de ronaldo54674
      Registrado
      dic 2017
      Ubicación
      vnezuela
      Mensajes
      14

      kemgadeojglibflomicgnfeopkdfflnk el virus (Solucionado)

      buena Desde hace unos días cuando inicio mi explorador me aparece el error:
      C:\Users\RONNYC~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
      en intentado con todo pero no se como quitarlo por farvor ayudar

    2. #2
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.912

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      Hola ronaldo54674


      Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

      1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

      • Realiza un Análisis Completo, actualizando si te lo pide.
      • Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
      • En el apartado del manual "Historial" >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.



      2) Descargar Junkware Removal Tool

      • Desactiva temporalmente el Antivirus
      • Ejecuta JRT.exe, (en Windows 7 u 8 ejecutar como "Administrador")
      • Presiona cualquier tecla para continuar y espera pacientemente a que termine su proceso.
      • Al finalizar, un registro (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
      • Copia y pega el contenido de JRT.txt en tu próximo mensaje de respuesta



      3) Descarga >> AdwCleaner | InfoSpyware en el escritorio.

      • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
      • Cierra también todos los programas que tengas abiertos.
      • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botónLimpiar.
      • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistemaAceptas.
      • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
      • El informe también se puede encontrar en "C:\AdwCleaner\AdwCleaner[C1].txt"



      4) Descarga CCleaner

      • Instala Ccleaner
      • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador
      • clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad
      • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.


      Pega los reportes de Malwarebytes, AdwCleaner y JRT y comentas como va el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de ronaldo54674
      Registrado
      dic 2017
      Ubicación
      vnezuela
      Mensajes
      14

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      1) Malwarebytes
      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 16/12/17
      Hora del análisis: 22:36
      Archivo de registro: 24dc2ed6-e2d3-11e7-a485-3860770ee01f.json
      Administrador: Sí

      -Información del software-
      Versión: 3.3.1.2183
      Versión de los componentes:
      Versión del paquete de actualización:
      Licencia: Premium

      -Información del sistema-
      SO: Windows 10 (Build 15063.786)
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: ronnycrespo-HP\ronnycrespo

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Cancelado
      Objetos analizados: 0
      (No hay elementos maliciosos detectados)
      Amenazas detectadas: 0
      (No hay elementos maliciosos detectados)
      Amenazas en cuarentena: 0
      (No hay elementos maliciosos detectados)
      Tiempo transcurrido: 7 min, 19 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

      2 Junkware Removal Tool
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.4 (07.09.2017)
      Operating System: Windows 10 Home x64
      Ran by ronnycrespo (Administrator) on 16/12/2017 at 22:16:32,40
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




      File System: 0




      Registry: 0





      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on 16/12/2017 at 22:32:09,83
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      3AdwCleaner

      # AdwCleaner 7.0.5.0 - Logfile created on Sun Dec 17 02:53:00 2017
      # Updated on 2017/29/11 by Malwarebytes
      # Database: 12-15-2017.1
      # Running on Windows 10 Home (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, C:\Users\All Users\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, C:\Users\ronnycrespo\AppData\LocalLow\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, C:\Users\ronnycrespo\AppData\Roaming\IObit\Advanced SystemCare
      PUP.Optional.Legacy, C:\Users\ronnycrespo\Documents\Mobogenie
      PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobogenie3
      PUP.Optional.Legacy, C:\Program Files (x86)\Mobogenie3
      PUP.Optional.Legacy, C:\Users\ronnycrespo\mobogenieP2sp
      PUP.Optional.Legacy, C:\Program Files (x86)\Ascentive
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Local\fupdate
      PUP.Optional.Legacy, C:\ProgramData\Logic Handler
      PUP.Optional.Legacy, C:\Users\All Users\Logic Handler
      PUP.Optional.Legacy, C:\Users\Default\AppData\Local\AdvinstAnalytics
      PUP.Optional.Legacy, C:\Users\Default User\AppData\Local\AdvinstAnalytics
      PUP.Optional.Legacy, C:\ProgramData\IObit\ASCDownloader
      PUP.Optional.Legacy, C:\Users\All Users\IObit\ASCDownloader
      PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
      Adware.Linkury, C:\ProgramData\Plusdax
      Adware.Linkury, C:\Users\All Users\Plusdax
      PUP.Optional.SafeFinder, C:\ProgramData\Plusdax
      PUP.Optional.SafeFinder, C:\Users\All Users\Plusdax
      PUP.Optional.SafeFinder, C:\ProgramData\Plusdaxs
      PUP.Optional.SafeFinder, C:\Users\All Users\Plusdaxs
      PUP.Optional.ByteFence, C:\ProgramData\ByteFence
      PUP.Optional.ByteFence, C:\Program Files\ByteFence
      PUP.Optional.ByteFence, C:\Users\All Users\ByteFence
      PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group
      PUP.Optional.SpyHunter, C:\Program Files (x86)\Enigma Software Group
      PUP.Optional.SpyHunter, C:\Users\ronnycrespo\AppData\Roaming\Enigma Software Group
      PUP.Optional.Mail.Ru, C:\ProgramData\Mail.Ru
      PUP.Optional.Mail.Ru, C:\Program Files (x86)\Mail.Ru
      PUP.Optional.Mail.Ru, C:\Users\All Users\Mail.Ru
      PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor
      PUP.Optional.Linkury, C:\Users\All Users\NetworkPacketManitor
      Adware.Linkury.ACMB1, C:\ProgramData\Plusdax
      Adware.Linkury.ACMB1, C:\Users\All Users\Plusdax
      PUP.Adware.Heuristic, C:\Program Files\9cc30c75c1f4885415e2a9f545299e16
      PUP.Adware.Heuristic, C:\Program Files\c20f20cc5d5c99385a7bf595ec6f19c8
      PUP.Adware.Heuristic, C:\Program Files\e15101ee130f999c09564f97249c7092


      ***** [ Files ] *****

      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\agent.dat
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\Main.dat
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\InstallationConfiguration.xml
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\Installer.dat
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\noah.dat
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\Config.xml
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\md.xml
      PUP.Optional.Legacy, C:\Users\ronnycrespo\Downloads\ReimageRepair.exe
      PUP.Optional.Legacy, C:\Users\ronnycrespo\Favorites\Mail.Ru.url
      PUP.Optional.Legacy, C:\Users\ronnycrespo\Favorites\Mail.Ru Агент - используй для общения!.url
      PUP.Optional.Legacy, C:\Users\Public\Desktop\Smart Defrag 5.lnk
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\Mozilla\Firefox\Profiles\vttkfr1o.default\searchplugins\yahoo! powered.xml
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\Mozilla\Firefox\Profiles\vttkfr1o.default\SEARCHPLUGINS\YAHOO! POWERED.XML
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\Mozilla\Firefox\Profiles\xs8elu3r.default\searchplugins\yahoo! powered.xml
      PUP.Optional.Legacy, C:\Users\ronnycrespo\AppData\Roaming\Mozilla\Firefox\Profiles\xs8elu3r.default\SEARCHPLUGINS\YAHOO! POWERED.XML
      PUP.Optional.Reimage, C:\Windows\Temp\reimage.log
      PUP.Optional.Reimage, C:\Users\ronnycrespo\AppData\Local\Temp\reimage.log
      PUP.Optional.SpyHunter, C:\Windows\SysNative\drivers\EsgScanner.sys
      PUP.Optional.SpyHunter, C:\Windows\SysNative\drivers\EsgScanner.sys
      PUP.Optional.SpyHunter, C:\Users\ronnycrespo\Downloads\SpyHunter-Installer.exe
      PUP.Optional.RelevantKnowledge, C:\Windows\SysNative\rlls64.dll


      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      PUP.Adware.Heuristic, ASEC\ROOT\subscription\ActiveScriptEventConsumer


      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IOBIT\ASC
      PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, [Key] - HKCU\Software\IObit\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IObit\RealTimeProtector
      PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
      PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
      PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B03815D7-DCE4-4602-9341-6DE2A90FFB9C}
      PUP.Optional.Legacy, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F3DCA107-04E3-4D3E-B0E4-E62D74E80799}
      PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\SearchScopes | DefaultScope
      PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Microsoft\Internet Explorer\SearchScopes | DefaultScope
      PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Microsoft\Internet Explorer\SearchScopes | DefaultScope
      PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes | DefaultScope
      PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\UpgSvr
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\UpgSvr
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\UpgSvr
      PUP.Optional.Legacy, [Key] - HKCU\Software\UpgSvr
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\PopWnd
      PUP.Optional.Legacy, [Key] - HKCU\Software\PopWnd
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Microsoft\Gosearchq
      PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Gosearchq
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Microsoft\Gosearch
      PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Gosearch
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\DriverToolkit
      PUP.Optional.Legacy, [Key] - HKCU\Software\DriverToolkit
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Mobogenie3
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie3
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Mobogenie3
      PUP.Optional.Legacy, [Key] - HKCU\Software\Mobogenie3
      PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\Mobogenie
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Mobogenie
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\Mobogenie
      PUP.Optional.Legacy, [Key] - HKCU\Software\Mobogenie
      PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\AutoTime
      PUP.Optional.Legacy, [Key] - HKCU\Software\AutoTime
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
      PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
      PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
      PUP.Optional.Legacy, [Key] - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\PCBoosterCMenu
      Adware.Linkury, [Data] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs [C:\ProgramData\Plusdax\Eco-Dex.dll]
      PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
      PUP.Optional.Reimage, [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
      PUP.Optional.Reimage, [Key] - HKLM\SOFTWARE\Reimage
      PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Reimage
      PUP.Optional.Reimage, [Key] - HKCU\Software\Reimage
      PUP.Optional.SafeFinder, [Value] - HKCU\Environment | SNF
      PUP.Optional.SafeFinder, [Value] - HKCU\Environment | SNP
      PUP.Optional.Amigo, [Key] - HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe
      PUP.Optional.ByteFence, [Key] - HKLM\SOFTWARE\ByteFence
      PUP.Optional.ByteFence, [Key] - HKU\.DEFAULT\Software\ByteFence
      PUP.Optional.ByteFence, [Key] - HKU\S-1-5-18\Software\ByteFence
      PUP.Optional.ByteFence, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
      PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter
      PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
      PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter
      PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
      PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
      PUP.Optional.Mail.Ru, [Key] - HKLM\SOFTWARE\Mail.Ru
      PUP.Optional.Mail.Ru, [Key] - HKU\.DEFAULT\Software\Mail.Ru
      PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Mail.Ru
      PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\AppDataLow\Software\Mail.Ru
      PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-18\Software\Mail.Ru
      PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mail.Ru
      PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
      PUP.Optional.Downloader, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\dlr
      PUP.Optional.Downloader, [Key] - HKCU\Software\dlr
      PUP.Optional.TLCPCBooster, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\PC Booster
      PUP.Optional.TLCPCBooster, [Key] - HKCU\Software\PC Booster
      PUP.Optional.Yontoo, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Amigo
      PUP.Optional.Yontoo, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Amigo
      PUP.Optional.Yontoo, [Key] - HKCU\Software\Amigo
      PUP.Optional.Yontoo, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Amigo
      PUP.Optional.Linkury.ACMB1, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      PUP.Optional.Linkury.ACMB1, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      PUP.Optional.Linkury.ACMB1, [Value] - HKCU\Environment | SNF
      PUP.Optional.Linkury.ACMB1, [Value] - HKCU\Environment | SNP
      Adware.FileTour, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\Installer
      Adware.FileTour, [Key] - HKCU\Software\Installer
      Adware.OnlineIO, [Key] - HKLM\SOFTWARE\Microleaves
      PUP.Optional.Linkury.ShrtCln, [Key] - HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
      PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\csastats
      PUP.Optional.InstallCore, [Key] - HKCU\Software\csastats
      PUP.Optional.ProductSetup.A, [Key] - HKU\S-1-5-21-1148897783-301171496-773222092-1000\Software\PRODUCTSETUP
      PUP.Optional.ProductSetup.A, [Key] - HKCU\Software\PRODUCTSETUP
      PUP.Optional.ChromeHelper, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
      PUP.Optional.ChromeHelper, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
      Adware.Linkury.ACMB1, [Key] - HKLM\SOFTWARE\mtPlusdax


      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************

      C:/AdwCleaner/AdwCleaner[S0].txt - [14423 B] - [2017/12/14 422]


      ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

    4. #4
      Usuario Avatar de ronaldo54674
      Registrado
      dic 2017
      Ubicación
      vnezuela
      Mensajes
      14

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      y en CCleaner también y todavía no se arregla

    5. #5
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.912

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      Hola

      El reporte de AdwCleaner es del escaneo, presionaste después en limpiar? Si no es así vuelve a ejecutarlo antes de realizar el siguiente paso.

      Descarga Farbar Recovery Scan Tool segun la arquitectura de tu sistema (32 o 64 bits)

      • La guardas en el escritorio >> Esto es muy importante..
      • Doble clic para ejecutar Frst.exe. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • En la ventana del Disclaimer, presiona Yes.

      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.


      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #6
      Usuario Avatar de ronaldo54674
      Registrado
      dic 2017
      Ubicación
      vnezuela
      Mensajes
      14

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      Frst:
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-12-2017
      Ran by ronnycrespo (administrator) on RONNYCRESPO-HP (17-12-2017 04:06:06)
      Running from C:\Users\ronnycrespo\Desktop
      Loaded Profiles: ronnycrespo (Available Profiles: ronnycrespo & DefaultAppPool)
      Platform: Windows 10 Home Version 1703 15063.786 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
      (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
      (AMD) C:\WINDOWS\System32\atiesrxx.exe
      (AMD) C:\WINDOWS\System32\atieclxx.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
      (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
      (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
      () C:\WINDOWS\SysWOW64\PnkBstrA.exe
      (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
      (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
      (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
      (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
      (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
      (Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe
      (Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
      (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
      (Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\BackItUp.exe
      (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      (Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
      (Akamai Technologies, Inc.) C:\Users\ronnycrespo\AppData\Local\Akamai\netsession_win.exe
      (Akamai Technologies, Inc.) C:\Users\ronnycrespo\AppData\Local\Akamai\netsession_win.exe
      (Discord Inc.) C:\Users\ronnycrespo\AppData\Local\Discord\app-0.0.299\Discord.exe
      (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
      (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (The Privoxy team - Privoxy - Home Page) C:\Program Files (x86)\Privoxy\privoxy.exe
      (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
      (Facebook) C:\Users\ronnycrespo\AppData\Local\Facebook\Games\FacebookGameroom.exe
      (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
      (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
      (Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
      (Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display\OSDManager.exe
      (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
      (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Discord Inc.) C:\Users\ronnycrespo\AppData\Local\Discord\app-0.0.299\Discord.exe
      (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
      (Discord Inc.) C:\Users\ronnycrespo\AppData\Local\Discord\app-0.0.299\Discord.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      (The CefSharp Authors) C:\Users\ronnycrespo\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
      (Microsoft Corporation) C:\WINDOWS\System32\CompatTelRunner.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
      (Microsoft Corporation) C:\WINDOWS\System32\CompatTelRunner.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
      (Microsoft Corporation) C:\WINDOWS\System32\InstallAgentUserBroker.exe
      (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-11-19] (Realtek Semiconductor)
      HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-11-19] (Realtek Semiconductor)
      HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-10] (AVAST Software)
      HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
      HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2095616 2010-07-20] (Hewlett-Packard)
      HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
      HKLM-x32\...\Run: [DT HPO] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2011-03-09] (Portrait Displays, Inc.)
      HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
      HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5232928 2017-05-19] (IObit)
      HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1164664 2017-09-12] (Nero AG)
      HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
      HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
      HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\Run: [Akamai NetSession Interface] => C:\Users\ronnycrespo\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
      HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\Run: [Discord] => C:\Users\ronnycrespo\AppData\Local\Discord\app-0.0.299\Discord.exe [57954808 2017-12-11] (Discord Inc.)
      HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
      HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\Run: [Advanced SystemCare 11] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3597600 2017-09-20] (IObit)
      HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
      HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\MountPoints2: {9913331b-7490-11e7-91a0-3860770ee01f} - "G:\TL_Bootstrap.exe"
      HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\MountPoints2: {e1546f74-50d2-11e6-87af-3860770ee01f} - "H:\setup.exe"
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Privoxy.lnk [2016-07-13]
      ShortcutTarget: Privoxy.lnk -> C:\Program Files (x86)\Privoxy\privoxy.exe (The Privoxy team - Privoxy - Home Page)
      Startup: C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-08-09]
      ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\ronnycrespo\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.181
      Tcpip\..\Interfaces\{db4c5200-1817-405c-bbd7-03bbe1c3a05b}: [DhcpNameServer] 192.168.1.181
      Tcpip\..\Interfaces\{e0ae8255-1cb5-4520-a15c-216a3e07b8e8}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131345937707164032&GUID=5AFDD80D-70F3-4C45-BF46-CDE9603D8172
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
      SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://ve.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_50&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dve%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0Azz0EtCtA0DyByC0EyCzztN0D0Tzu0StCzztCtDtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StBzy0EyCyEtDtC0DtGyCtCtDtBtGtAtCtDyEtGtDtBtA0DtG0B0CyEtCyE0EyDtByBtAyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztCtCyD0EtD0FtGzz0B0E0FtGyE0FtB0CtG0BtAtAtDtGzzyDtDtDyC0EtCtAyDtC0F0B2QtN0A0LzuyE%26cr%3D1148738768%26a%3Dwbf_fs_16_50%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
      SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
      SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
      SearchScopes: HKLM -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://ve.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_05&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dve%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0Azz0EtCtA0DyByC0EyCzztN0D0Tzu0StCzzyCtCtN1L2XzutAtFtByCtFtBtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCzy0BzytB0CtByDtGtCtDyDtBtG0AyEtAyEtGyEyCyC0CtG0DyEtDtCtB0DzztCtB0CtD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztCtCyD0EtD0FtGzz0B0E0FtGyE0FtB0CtG0BtAtAtDtGzzyDtDtDyC0EtCtAyDtC0F0B2QtN0A0LzuyE%26cr%3D242178152%26a%3Dwbf_fs_17_05%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
      SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
      SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
      SearchScopes: HKLM-x32 -> DefaultScope value is missing
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://ve.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_17_05&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dve%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0Azz0EtCtA0DyByC0EyCzztN0D0Tzu0StCzzyCtCtN1L2XzutAtFtByCtFtBtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCzy0BzytB0CtByDtGtCtDyDtBtG0AyEtAyEtGyEyCyC0CtG0DyEtDtCtB0DzztCtB0CtD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztCtCyD0EtD0FtGzz0B0E0FtGyE0FtB0CtG0BtAtAtDtGzzyDtDtDyC0EtCtAyDtC0F0B2QtN0A0LzuyE%26cr%3D242178152%26a%3Dwbf_fs_17_05%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
      SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
      SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://ve.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_50&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dve%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0Azz0EtCtA0DyByC0EyCzztN0D0Tzu0StCzztCtDtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StBzy0EyCyEtDtC0DtGyCtCtDtBtGtAtCtDyEtGtDtBtA0DtG0B0CyEtCyE0EyDtByBtAyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztCtCyD0EtD0FtGzz0B0E0FtGyE0FtB0CtG0BtAtAtDtGzzyDtDtDyC0EtCtAyDtC0F0B2QtN0A0LzuyE%26cr%3D1148738768%26a%3Dwbf_fs_16_50%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
      SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
      SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
      SearchScopes: HKU\S-1-5-21-1148897783-301171496-773222092-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
      SearchScopes: HKU\S-1-5-21-1148897783-301171496-773222092-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
      SearchScopes: HKU\S-1-5-21-1148897783-301171496-773222092-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
      SearchScopes: HKU\S-1-5-21-1148897783-301171496-773222092-1000 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://ve.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_50&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dve%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0DtD0D0Fzy0Azz0EtCtA0DyByC0EyCzztN0D0Tzu0StCzztCtDtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StBzy0EyCyEtDtC0DtGyCtCtDtBtGtAtCtDyEtGtDtBtA0DtG0B0CyEtCyE0EyDtByBtAyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDzztCtCyD0EtD0FtGzz0B0E0FtGyE0FtB0CtG0BtAtAtDtGzzyDtDtDyC0EtCtAyDtC0F0B2QtN0A0LzuyE%26cr%3D1148738768%26a%3Dwbf_fs_16_50%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
      SearchScopes: HKU\S-1-5-21-1148897783-301171496-773222092-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ve.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
      SearchScopes: HKU\S-1-5-21-1148897783-301171496-773222092-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://es.wikipedia.org/wiki/Special:Search?search={searchTerms}
      BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-19] (Oracle Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-19] (Oracle Corporation)
      Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)

      FireFox:
      ========
      FF DefaultProfile: sjzsyhis.default-1504363553210
      FF ProfilePath: C:\Users\ronnycrespo\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsyhis.default-1504363553210 [2017-12-16]
      FF Extension: (AdBlock) - C:\Users\ronnycrespo\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsyhis.default-1504363553210\Extensions\[email protected] [2017-12-09]
      FF Extension: (Avast Online Security) - C:\Users\ronnycrespo\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsyhis.default-1504363553210\Extensions\[email protected] [2017-10-08]
      FF Extension: (Adblock Plus) - C:\Users\ronnycrespo\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsyhis.default-1504363553210\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-13]
      FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox => not found
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-19] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-19] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
      FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-16] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-16] (Google Inc.)
      FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
      FF Plugin HKU\S-1-5-21-1148897783-301171496-773222092-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ronnycrespo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)

      Chrome:
      =======
      CHR HomePage: Default -> mail.ru
      CHR StartupUrls: Default -> "hxxps://www.google.co.ve/"
      CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
      CHR DefaultSearchKeyword: Default -> hxxps://teoma.com
      CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
      CHR Profile: C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default [2017-12-17]
      CHR Extension: (Presentaciones) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-14]
      CHR Extension: (Documentos) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-14]
      CHR Extension: (Google Drive) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-14]
      CHR Extension: (MEGA) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2017-12-14]
      CHR Extension: (YouTube) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-14]
      CHR Extension: (Adblock Plus) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-12-14]
      CHR Extension: (Hojas de cálculo) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-14]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-14]
      CHR Extension: (AdBlock) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-14]
      CHR Extension: (Avast Online Security) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-12-14]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-14]
      CHR Extension: (TV en directo) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2017-12-14]
      CHR Extension: (Gmail) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-14]
      CHR Extension: (Chrome Media Router) - C:\Users\ronnycrespo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-14]
      CHR HKLM\...\Chrome\Extension: [cohecngphbppjpaokeilaichhgggcmjb] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-1148897783-301171496-773222092-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-1148897783-301171496-773222092-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [cohecngphbppjpaokeilaichhgggcmjb] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AdvancedSystemCareService11; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1053984 2017-11-01] (IObit)
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-10] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-10] (AVAST Software)
      R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [332368 2017-11-11] (AVAST Software)
      R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
      R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
      R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [129648 2011-03-09] (Portrait Displays, Inc.)
      S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-02-07] (EasyAntiCheat Ltd)
      S3 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-10] (Hi-Rez Studios) [File not signed]
      R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1766176 2017-05-19] (IObit)
      R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
      R2 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-09-12] (Nero AG)
      R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc)
      R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-07-16] ()
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

    7. #7
      Usuario Avatar de ronaldo54674
      Registrado
      dic 2017
      Ubicación
      vnezuela
      Mensajes
      14

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      parte 2:
      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 ACPIService; C:\WINDOWS\System32\drivers\OSDACPI.SYS [17992 2009-06-17] ()
      U5 amd_sata; C:\Windows\System32\Drivers\amd_sata.sys [85704 2016-11-17] (Advanced Micro Devices)
      U5 amd_xata; C:\Windows\System32\Drivers\amd_xata.sys [43720 2016-11-17] (Advanced Micro Devices)
      R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-10] (AVAST Software)
      R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-10] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-10] (AVAST Software s.r.o.)
      R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-10] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-10] (AVAST Software s.r.o.)
      S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-10] (AVAST Software)
      R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-01] (AVAST Software)
      R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-10] (AVAST Software)
      R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [570152 2017-11-11] (AVAST Software)
      R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-10] (AVAST Software)
      R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-10] (AVAST Software)
      R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-10] (AVAST Software)
      R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-15] (AVAST Software)
      R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-10] (AVAST Software)
      R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-10] (AVAST Software)
      S3 CpqDfw; C:\WINDOWS\System32\drivers\CpqDfw.sys [24376 2010-03-01] ()
      R3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2017-12-17] (CPUID)
      S3 cqcpu; C:\WINDOWS\System32\drivers\cqcpu.sys [24376 2010-03-01] ()
      R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-08] (Disc Soft Ltd)
      R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-11] (Disc Soft Ltd)
      R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
      R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-14] (REALiX(tm))
      R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44096 2017-03-17] (IObit.com)
      R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39288 2017-03-06] (IObit.com)
      R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40440 2017-02-16] (IObit)
      R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [33600 2017-02-16] (IObit.com)
      R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit)
      R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
      R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
      R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52792 2017-02-16] (IObit.com)
      S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
      R3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-19] (Realtek )
      S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
      S3 usbbus; C:\WINDOWS\System32\drivers\lgx64bus.sys [17920 2016-02-17] (LG Electronics Inc.)
      S3 UsbDiag; C:\WINDOWS\system32\DRIVERS\lgx64diag.sys [28160 2016-02-17] (LG Electronics Inc.)
      R1 VBoxUSBMon; C:\WINDOWS\System32\DRIVERS\VBoxUSBMon.sys [127432 2016-11-29] (BigNox Corporation)
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
      S3 xhunter1; C:\WINDOWS\xhunter1.sys [36832 2017-03-19] (Wellbia.com Co., Ltd.)
      R2 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\drivers\YSDrv\YSDrv.sys [270608 2017-04-28] (BigNox Corporation)
      U3 idsvc; no ImagePath
      S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-17 04:06 - 2017-12-17 04:07 - 000032309 _____ C:\Users\ronnycrespo\Desktop\FRST.txt
      2017-12-17 04:04 - 2017-12-17 04:04 - 002392576 _____ (Farbar) C:\Users\ronnycrespo\Downloads\FRST64.exe
      2017-12-17 04:04 - 2017-12-17 04:04 - 002392576 _____ (Farbar) C:\Users\ronnycrespo\Desktop\FRST64.exe
      2017-12-17 03:58 - 2017-12-17 03:58 - 000000000 ___HD C:\OneDriveTemp
      2017-12-16 23:25 - 2017-12-16 23:27 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\ronnycrespo\Downloads\SpyHunter-Installer.exe
      2017-12-16 22:59 - 2017-12-16 22:59 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\ProductData
      2017-12-16 22:35 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
      2017-12-16 22:33 - 2017-12-17 03:56 - 000000000 ____D C:\ProgramData\ProductData
      2017-12-16 22:15 - 2017-12-16 23:44 - 000001826 _____ C:\Users\ronnycrespo\Desktop\google chrome.lnk
      2017-12-16 21:29 - 2017-12-16 22:58 - 000002240 _____ C:\Users\Public\Desktop\Advanced SystemCare 11.lnk
      2017-12-16 21:29 - 2017-12-16 21:29 - 000002942 _____ C:\WINDOWS\System32\Tasks\ASC11_SkipUac_ronnycrespo
      2017-12-16 21:22 - 2017-12-16 21:22 - 000000000 ____D C:\ProgramData\MB2Migration
      2017-12-16 21:22 - 2017-12-16 21:22 - 000000000 ____D C:\Program Files\Malwarebytes
      2017-12-16 21:19 - 2017-12-16 22:35 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
      2017-12-16 21:18 - 2016-03-19 00:35 - 000000000 ____D C:\Users\ronnycrespo\Desktop\Malwarebytes.Anti-Malware.Premium.v2.2.1.1043.Multilingual.Final.Incl.Fix
      2017-12-16 21:16 - 2017-12-16 21:21 - 008187336 _____ (Malwarebytes) C:\Users\ronnycrespo\Downloads\adwcleaner_7.0.5.0 (3).exe
      2017-12-16 20:56 - 2017-12-16 20:57 - 001790024 _____ (Malwarebytes) C:\Users\ronnycrespo\Downloads\JRT.exe
      2017-12-16 20:30 - 2017-12-16 20:30 - 000000252 _____ C:\DelFix.txt
      2017-12-16 20:30 - 2017-12-16 20:30 - 000000000 ____D C:\WINDOWS\ERUNT
      2017-12-16 20:26 - 2017-12-16 20:26 - 000797760 _____ C:\Users\ronnycrespo\Downloads\delfix_1.013.exe
      2017-12-16 20:24 - 2017-12-16 20:27 - 000090137 _____ C:\Users\ronnycrespo\Downloads\Addition.txt
      2017-12-16 20:21 - 2017-12-16 20:27 - 000088130 _____ C:\Users\ronnycrespo\Downloads\FRST.txt
      2017-12-16 20:20 - 2017-12-17 04:06 - 000000000 ____D C:\FRST
      2017-12-16 19:32 - 2017-12-16 22:57 - 000000386 _____ C:\WINDOWS\Tasks\HPCeeScheduleForronnycrespo.job
      2017-12-16 19:32 - 2017-12-16 19:32 - 000003302 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForronnycrespo
      2017-12-16 18:40 - 2017-12-16 18:40 - 000003666 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
      2017-12-16 18:01 - 2017-12-16 23:42 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-12-16 17:22 - 2017-01-26 21:58 - 000000134 _____ C:\Users\ronnycrespo\AppData\Local\matavirus.bat
      2017-12-16 16:56 - 2017-12-16 16:56 - 000003618 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-12-16 16:56 - 2017-12-16 16:56 - 000003494 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-12-16 16:35 - 2017-12-16 16:35 - 000605424 _____ (Reimage) C:\Users\ronnycrespo\Downloads\ReimageRepair (1).exe
      2017-12-16 16:22 - 2017-12-16 16:22 - 002011760 _____ (WiperSoft) C:\Users\ronnycrespo\Downloads\WiperSoft-installer (1).exe
      2017-12-16 16:08 - 2017-12-16 16:52 - 000000000 ____D C:\WINDOWS\4941BFEB62C047A2801E998FC469CC2C.TMP
      2017-12-16 16:05 - 2017-12-16 16:05 - 043526292 _____ C:\Users\ronnycrespo\Downloads\SH 4 by santoslaguna88 + PCH.zip
      2017-12-16 15:49 - 2017-12-16 15:49 - 000001171 _____ C:\Users\ronnycrespo\AppData\Local\Local - Acceso directo.lnk
      2017-12-16 15:48 - 2017-12-16 15:52 - 000000110 _____ C:\AdwCleanerDebug.txt
      2017-12-16 15:46 - 2017-12-16 15:46 - 002141108 _____ C:\Users\ronnycrespo\Downloads\AdwCleaner.v4.104.MULTi-FREE.rar
      2017-12-16 15:29 - 2017-12-16 22:49 - 000000000 ____D C:\ProgramData\Malwarebytes
      2017-12-16 15:27 - 2017-12-16 15:28 - 022923420 _____ C:\Users\ronnycrespo\Downloads\2.2.1.1043s.rar
      2017-12-16 14:12 - 2017-12-16 14:12 - 000601776 _____ (Microsoft Corporation) C:\Users\ronnycrespo\Downloads\WMIDiag.exe
      2017-12-16 13:42 - 2017-12-16 23:47 - 110342144 _____ C:\WINDOWS\system32\config\SOFTWARE
      2017-12-16 13:42 - 2017-12-16 23:47 - 001835008 _____ C:\WINDOWS\system32\config\DEFAULT
      2017-12-16 13:42 - 2017-12-16 23:47 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
      2017-12-16 13:42 - 2017-12-16 13:42 - 000024576 _____ C:\WINDOWS\system32\config\SAM
      2017-12-16 13:41 - 2017-12-16 13:41 - 000000000 ____H C:\asc_rdflag
      2017-12-16 13:25 - 2017-12-16 13:31 - 011201632 _____ (Piriform Ltd) C:\Users\ronnycrespo\Downloads\ccsetup538.exe
      2017-12-16 11:54 - 2017-12-16 11:54 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\VirtualStore
      2017-12-16 11:53 - 2017-12-16 11:53 - 000407568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2017-12-16 11:42 - 2017-12-16 11:42 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\AVAST Software
      2017-12-15 10:12 - 2017-12-15 10:13 - 000000835 _____ C:\Users\ronnycrespo\Desktop\truco de sky.txt
      2017-12-14 17:59 - 2017-12-14 17:59 - 157275106 _____ C:\Users\ronnycrespo\Downloads\(AniMEGA-SD) BkunoKnjo - 10.mp4
      2017-12-14 17:53 - 2017-12-14 17:53 - 000003606 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2B717B7-1058-4606-B6D3-2906259D4E9E}
      2017-12-14 17:30 - 2017-12-14 17:30 - 000000000 ____D C:\Program Files\Common Files\INCA Shared
      2017-12-14 15:57 - 2017-12-14 15:57 - 000000000 ____D C:\Users\ronnycrespo\Downloads\Telegram Desktop
      2017-12-14 13:54 - 2017-12-14 13:54 - 000226970 _____ C:\Users\ronnycrespo\Downloads\0e29efb13b90bd5634ac3b6c65a0af90.crx
      2017-12-14 13:48 - 2017-12-14 13:48 - 000001010 _____ C:\Users\ronnycrespo\Downloads\Delete Chrome Polices.rar
      2017-12-14 13:48 - 2017-12-14 13:48 - 000000008 __RSH C:\ProgramData\ntuser.pol
      2017-12-14 13:01 - 2017-12-14 13:34 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\Google
      2017-12-14 12:30 - 2017-12-14 12:31 - 001129816 _____ (Google Inc.) C:\Users\ronnycrespo\Downloads\ChromeSetup.exe
      2017-12-14 04:37 - 2017-12-14 04:37 - 157236618 _____ C:\Users\ronnycrespo\Downloads\(AniMEGA-SD) UQ H0LD3R! - 11.mp4
      2017-12-13 23:58 - 2017-12-13 23:58 - 000000000 ____D C:\Program Files (x86)\GUMB82A.tmp
      2017-12-13 23:51 - 2017-12-13 23:53 - 008187336 _____ (Malwarebytes) C:\Users\ronnycrespo\Downloads\adwcleaner_7.0.5.0 (2).exe
      2017-12-13 23:50 - 2017-12-16 22:53 - 000000000 ____D C:\AdwCleaner
      2017-12-13 23:49 - 2017-12-13 23:50 - 008261584 _____ (Malwarebytes) C:\Users\ronnycrespo\Downloads\adwcleaner-7-0-4-0.exe
      2017-12-13 23:48 - 2017-12-13 23:48 - 000045568 _____ C:\Users\ronnycrespo\Downloads\adwcleaner_7.0.5.0 (1).exe
      2017-12-13 23:46 - 2017-12-13 23:46 - 000045568 _____ C:\Users\ronnycrespo\Downloads\adwcleaner_7.0.5.0.exe
      2017-12-13 23:17 - 2017-12-13 23:17 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
      2017-12-13 23:01 - 2017-12-13 23:04 - 003058554 _____ C:\Users\ronnycrespo\Downloads\IObit Driver Booster Pro Crack Only.zip
      2017-12-13 22:56 - 2017-12-13 22:58 - 000002389 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
      2017-12-13 22:37 - 2017-12-13 22:38 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Idle
      2017-12-13 22:34 - 2017-12-13 22:35 - 000571347 _____ ( ) C:\Users\ronnycrespo\Downloads\Driver_Toolkit_License_Key.exe
      2017-12-13 22:24 - 2017-12-13 22:27 - 002458632 _____ (Megaify Software ) C:\Users\ronnycrespo\Downloads\DriverToolkitInstaller.exe
      2017-12-13 21:25 - 2017-12-13 21:25 - 000014634 _____ C:\Users\ronnycrespo\Downloads\paproyecto.cpp
      2017-12-12 23:12 - 2017-12-12 23:12 - 000012589 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).cpp
      2017-12-12 23:05 - 2017-12-12 23:05 - 000012463 _____ C:\Users\ronnycrespo\Downloads\proyecto (2) (1).cpp
      2017-12-12 23:00 - 2017-12-12 23:06 - 000000000 ____D C:\Users\ronnycrespo\Desktop\Nueva carpeta
      2017-12-12 22:56 - 2017-12-12 23:00 - 000589824 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).ils
      2017-12-12 22:56 - 2017-12-12 23:00 - 000524288 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).ilf
      2017-12-12 22:56 - 2017-12-12 23:00 - 000131072 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).tds
      2017-12-12 22:56 - 2017-12-12 23:00 - 000131072 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).ilc
      2017-12-12 22:56 - 2017-12-12 23:00 - 000065536 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).ild
      2017-12-12 22:56 - 2017-12-12 22:56 - 000087552 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).exe
      2017-12-12 22:56 - 2017-12-12 22:56 - 000039443 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).obj
      2017-12-12 22:29 - 2017-12-12 22:55 - 000012485 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2).bak
      2017-12-12 22:00 - 2017-12-12 22:00 - 000012589 _____ C:\Users\ronnycrespo\Downloads\parte-1-lista-copia (2) (1).cpp
      2017-12-12 21:29 - 2017-12-12 21:29 - 000009342 _____ C:\Users\ronnycrespo\Downloads\proyecto (1).cpp
      2017-12-12 21:24 - 2017-12-12 21:24 - 000009342 _____ C:\Users\ronnycrespo\Downloads\proyecto.cpp
      2017-12-12 21:22 - 2017-12-12 22:56 - 000012463 _____ C:\Users\ronnycrespo\Downloads\proyecto (2).cpp
      2017-12-12 18:55 - 2017-12-12 18:55 - 000000000 ____D C:\Program Files (x86)\Webzen
      2017-12-12 16:20 - 2017-12-01 22:25 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2017-12-12 16:20 - 2017-12-01 22:25 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
      2017-12-12 16:05 - 2017-11-29 23:33 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
      2017-12-12 16:05 - 2017-11-29 23:33 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
      2017-12-12 16:05 - 2017-11-29 23:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
      2017-12-12 16:05 - 2017-11-29 23:29 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2017-12-12 16:05 - 2017-11-29 23:26 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
      2017-12-12 16:05 - 2017-11-29 23:24 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
      2017-12-12 16:05 - 2017-11-29 23:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
      2017-12-12 16:05 - 2017-11-29 23:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
      2017-12-12 16:05 - 2017-11-29 23:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
      2017-12-12 16:05 - 2017-11-29 22:59 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
      2017-12-12 16:05 - 2017-11-29 22:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2017-12-12 16:05 - 2017-11-29 22:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
      2017-12-12 16:05 - 2017-11-29 22:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
      2017-12-12 16:05 - 2017-11-29 22:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
      2017-12-12 16:05 - 2017-11-29 22:44 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2017-12-12 16:05 - 2017-11-29 22:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2017-12-12 16:05 - 2017-11-29 22:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
      2017-12-12 16:05 - 2017-11-29 22:44 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
      2017-12-12 16:05 - 2017-11-29 22:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
      2017-12-12 16:05 - 2017-11-29 22:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
      2017-12-12 16:05 - 2017-11-29 22:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
      2017-12-12 16:05 - 2017-11-29 22:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
      2017-12-12 16:05 - 2017-11-29 22:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
      2017-12-12 16:05 - 2017-11-29 22:42 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
      2017-12-12 16:05 - 2017-11-29 22:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
      2017-12-12 16:05 - 2017-11-29 22:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
      2017-12-12 16:05 - 2017-11-29 22:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
      2017-12-12 16:05 - 2017-11-29 22:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
      2017-12-12 16:05 - 2017-11-29 22:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
      2017-12-12 16:05 - 2017-11-29 22:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
      2017-12-12 16:05 - 2017-11-29 22:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
      2017-12-12 16:05 - 2017-11-29 22:40 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2017-12-12 16:05 - 2017-11-29 22:40 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2017-12-12 16:05 - 2017-11-29 22:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
      2017-12-12 16:05 - 2017-11-29 22:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
      2017-12-12 16:05 - 2017-11-29 22:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
      2017-12-12 16:05 - 2017-11-29 22:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2017-12-12 16:05 - 2017-11-29 22:39 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
      2017-12-12 16:05 - 2017-11-29 22:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
      2017-12-12 16:05 - 2017-11-29 22:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
      2017-12-12 16:05 - 2017-11-29 22:38 - 008195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
      2017-12-12 16:05 - 2017-11-29 22:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
      2017-12-12 16:05 - 2017-11-29 22:38 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
      2017-12-12 16:05 - 2017-11-29 22:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
      2017-12-12 16:05 - 2017-11-29 22:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2017-12-12 16:05 - 2017-11-29 22:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
      2017-12-12 16:05 - 2017-11-29 22:37 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2017-12-12 16:05 - 2017-11-29 22:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2017-12-12 16:05 - 2017-11-29 22:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
      2017-12-12 16:05 - 2017-11-29 22:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
      2017-12-12 16:05 - 2017-11-29 22:36 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2017-12-12 16:05 - 2017-11-29 22:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2017-12-12 16:05 - 2017-11-29 22:36 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2017-12-12 16:05 - 2017-11-29 22:36 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
      2017-12-12 16:05 - 2017-11-29 22:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
      2017-12-12 16:05 - 2017-11-29 22:36 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2017-12-12 16:05 - 2017-11-29 22:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2017-12-12 16:05 - 2017-11-29 22:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2017-12-12 16:05 - 2017-11-29 22:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
      2017-12-12 16:05 - 2017-11-17 05:46 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
      2017-12-12 16:05 - 2017-11-17 05:46 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
      2017-12-12 16:05 - 2017-11-17 05:46 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
      2017-12-12 16:05 - 2017-11-17 05:46 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
      2017-12-12 16:05 - 2017-11-17 05:41 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
      2017-12-12 16:05 - 2017-11-17 05:39 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
      2017-12-12 16:05 - 2017-11-17 05:39 - 000643200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
      2017-12-12 16:05 - 2017-11-17 05:37 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
      2017-12-12 16:05 - 2017-11-17 05:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
      2017-12-12 16:05 - 2017-11-17 05:03 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
      2017-12-12 16:05 - 2017-11-17 05:00 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
      2017-12-12 16:05 - 2017-11-17 04:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
      2017-12-12 16:05 - 2017-11-17 04:56 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
      2017-12-12 16:04 - 2017-11-29 22:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
      2017-12-12 16:04 - 2017-11-29 22:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
      2017-12-12 16:04 - 2017-11-29 22:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
      2017-12-12 16:04 - 2017-11-29 22:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
      2017-12-12 16:04 - 2017-11-29 22:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
      2017-12-12 14:37 - 2017-12-12 14:38 - 005588432 _____ C:\Users\ronnycrespo\Downloads\MU_Downloader.exe
      2017-12-11 22:26 - 2017-12-11 22:28 - 019512080 _____ (MindArk PE AB) C:\Users\ronnycrespo\Downloads\entropia_universe_setup (1).exe
      2017-12-11 18:38 - 2017-12-11 18:38 - 000002265 _____ C:\Users\ronnycrespo\Desktop\Discord.lnk
      2017-12-11 12:48 - 2017-12-11 12:48 - 157256069 _____ C:\Users\ronnycrespo\Downloads\(AniMEGA-SD) H1M0U70 UM4RU-CH4N R S2 - 10.mp4
      2017-12-11 12:29 - 2017-12-11 12:29 - 157190718 _____ C:\Users\ronnycrespo\Downloads\(AniMEGA-SD) 1M0U70 S43 IR3B4 L1 - 10.mp4
      2017-12-11 00:22 - 2017-12-12 21:23 - 000735969 _____ C:\Users\ronnycrespo\Downloads\bcwdef.csm
      2017-12-11 00:21 - 2017-12-11 00:21 - 000008787 _____ C:\Users\ronnycrespo\Downloads\fun operaciones basicas (1) (2).cpp
      2017-12-11 00:21 - 2017-12-11 00:21 - 000008787 _____ C:\Users\ronnycrespo\Downloads\fun operaciones basicas (1) (1).cpp
      2017-12-10 23:38 - 2017-12-10 23:38 - 199236838 _____ C:\Users\ronnycrespo\Downloads\0034 10.mp4
      2017-12-10 20:11 - 2017-12-10 20:35 - 015770512 _____ (IObit ) C:\Users\ronnycrespo\Downloads\driver-booster-4-5-0-527.exe
      2017-12-10 20:07 - 2017-12-10 20:07 - 000003286 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
      2017-12-10 20:07 - 2017-12-10 20:07 - 000003122 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
      2017-12-10 20:07 - 2017-03-09 13:53 - 000030744 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
      2017-12-10 19:43 - 2017-12-10 20:03 - 012844800 _____ (IObit ) C:\Users\ronnycrespo\Downloads\sd5_setup.exe
      2017-12-10 19:37 - 2017-12-10 19:37 - 000003136 _____ C:\WINDOWS\System32\Tasks\ASC11_PerformanceMonitor
      2017-12-10 19:37 - 2017-12-10 19:37 - 000000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
      2017-12-10 19:06 - 2017-12-10 19:33 - 027365040 _____ (IObit ) C:\Users\ronnycrespo\Downloads\advanced-systemcare-free-11-0-3-186.exe
      2017-12-10 11:54 - 2017-12-10 11:54 - 000000000 ____D C:\AMD
      2017-12-10 11:48 - 2017-12-10 12:08 - 011653381 _____ C:\Users\ronnycrespo\Downloads\Sin confirmar 173365.crdownload
      2017-12-10 11:40 - 2017-12-10 11:51 - 041032000 _____ (AMD Inc.) C:\Users\ronnycrespo\Downloads\radeon-crimson-relive-17.11.4-minimalsetup-171128_web.exe
      2017-12-09 01:25 - 2017-12-09 01:25 - 002206155 _____ C:\Users\ronnycrespo\Downloads\Lana Suiren.zip
      2017-12-09 00:46 - 2017-12-09 00:46 - 026584307 _____ C:\Users\ronnycrespo\Downloads\Cosplay Hump! Shiro-chan's case.zip
      2017-12-09 00:33 - 2017-12-09 00:33 - 002843776 _____ C:\Users\ronnycrespo\Downloads\pokemon - magma admin courtney.zip
      2017-12-08 23:56 - 2017-12-08 23:56 - 002679606 _____ C:\Users\ronnycrespo\Downloads\Netoge no Yome wa Onna no Ko Janai to Omotta_.zip
      2017-12-08 23:53 - 2017-12-08 23:53 - 003311470 _____ C:\Users\ronnycrespo\Downloads\♆_Acerola_♆.zip
      2017-12-08 23:52 - 2017-12-08 23:52 - 003649345 _____ C:\Users\ronnycrespo\Downloads\Acerola.zip
      2017-12-08 23:49 - 2017-12-08 23:49 - 002757377 _____ C:\Users\ronnycrespo\Downloads\Acerola Mimikyu.zip
      2017-12-08 23:47 - 2017-12-08 23:47 - 003986944 _____ C:\Users\ronnycrespo\Downloads\Kawaii Girl - 01.zip
      2017-12-08 23:47 - 2017-12-08 23:47 - 003691649 _____ C:\Users\ronnycrespo\Downloads\To Love Ru! _Darkness_ .zip
      2017-12-08 23:45 - 2017-12-08 23:45 - 003064118 _____ C:\Users\ronnycrespo\Downloads\To Love Ru - Yami.zip
      2017-12-08 23:45 - 2017-12-08 23:45 - 003027703 _____ C:\Users\ronnycrespo\Downloads\Xenoblade Chronicles 2 - Pyra.zip
      2017-12-08 23:43 - 2017-12-08 23:43 - 002117924 _____ C:\Users\ronnycrespo\Downloads\Ririna from Koi to Uso.zip
      2017-12-08 23:40 - 2017-12-08 23:40 - 003064862 _____ C:\Users\ronnycrespo\Downloads\Black&White.zip
      2017-12-07 23:11 - 2017-12-07 23:11 - 157445837 _____ C:\Users\ronnycrespo\Downloads\(AniMEGA-SD) BkunoKnjo - 09.mp4
      2017-12-06 23:49 - 2017-12-06 23:49 - 008761703 _____ C:\Users\ronnycrespo\Downloads\Wadatsumi-sama.zip
      2017-12-06 19:54 - 2017-12-06 19:55 - 1842139551 _____ C:\Users\ronnycrespo\Downloads\22 - yahari-ore-no-seishun-love-come-wa-machigatteiru.zip
      2017-12-06 13:25 - 2017-12-06 13:25 - 000001944 _____ C:\Users\ronnycrespo\Downloads\fun operaciones basicas.cpp
      2017-12-06 13:25 - 2017-12-06 13:25 - 000001944 _____ C:\Users\ronnycrespo\Downloads\fun operaciones basicas (1).cpp
      2017-12-06 10:38 - 2017-12-06 10:38 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1148897783-301171496-773222092-1000
      2017-12-06 10:38 - 2017-12-06 10:38 - 000002415 _____ C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2017-12-06 09:22 - 2017-12-06 09:22 - 000000000 ____D C:\Program Files\Common Files\Avast Software
      2017-12-05 22:37 - 2017-12-05 22:37 - 157305289 _____ C:\Users\ronnycrespo\Downloads\(AniMEGA-SD) UQ H0LD3R! - 10.mp4
      2017-12-02 20:53 - 2017-12-02 20:53 - 000000000 ____D C:\Users\ronnycrespo\Documents\FeedbackHub
      2017-12-02 18:34 - 2017-12-02 19:26 - 000000000 ____D C:\Users\ronnycrespo\Desktop\pedrive
      2017-12-02 18:25 - 2017-12-10 07:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
      2017-12-02 18:25 - 2017-12-02 18:25 - 000001135 _____ C:\Users\ronnycrespo\Desktop\Hard Disk Low Level Format Tool.lnk
      2017-12-02 18:25 - 2017-12-02 18:25 - 000000001 _____ C:\Users\ronnycrespo\AppData\Local\llftool.4.40.agreement
      2017-12-02 18:25 - 2017-12-02 18:25 - 000000000 ____D C:\Program Files (x86)\HDDGURU LLF Tool
      2017-12-01 23:32 - 2017-12-01 23:32 - 000577043 _____ C:\Users\ronnycrespo\Downloads\tf00001031.pptx
      2017-12-01 23:30 - 2017-12-01 23:31 - 000484475 _____ C:\Users\ronnycrespo\Downloads\tf00001238.pptx
      2017-12-01 23:30 - 2017-12-01 23:30 - 000461403 _____ C:\Users\ronnycrespo\Downloads\tf00001226.pptx
      2017-11-28 09:09 - 2017-11-08 11:03 - 000027680 _____ (PDF Complete, Inc.) C:\WINDOWS\system32\pdfc_port.dll
      2017-11-25 18:35 - 2017-11-25 18:35 - 198800827 _____ C:\Users\ronnycrespo\Downloads\machia ova 1.mp4
      2017-11-21 21:04 - 2017-11-21 21:04 - 000000000 ____D C:\Users\ronnycrespo\Documents\Criterion Games
      2017-11-19 10:43 - 2017-11-19 10:39 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
      2017-11-19 10:37 - 2017-11-19 10:37 - 001010648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
      2017-11-19 10:35 - 2017-11-19 10:35 - 005839840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
      2017-11-19 10:35 - 2017-11-19 10:35 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000190544 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFProc64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000096056 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFComm64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000093496 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFSAPO64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000092472 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFHAPO64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000092472 _____ (Sonic Focus, Inc.) C:\WINDOWS\system32\SFDAPO64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
      2017-11-19 10:35 - 2017-11-19 10:35 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
      2017-11-19 10:34 - 2017-11-19 10:34 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
      2017-11-19 10:34 - 2017-11-19 10:34 - 012935679 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
      2017-11-19 10:34 - 2017-11-19 10:34 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
      2017-11-19 10:34 - 2017-11-19 10:34 - 001616680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
      2017-11-19 10:34 - 2017-11-19 10:34 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
      2017-11-19 10:34 - 2017-11-19 10:34 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
      2017-11-18 17:03 - 2017-11-18 17:03 - 000244380 _____ C:\Users\ronnycrespo\Downloads\Tarea 3 Integrales Definidas y Aplicaciones 2017-2.pdf
      2017-11-18 15:17 - 2017-12-10 07:13 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\TileDataLayer

    8. #8
      Usuario Avatar de ronaldo54674
      Registrado
      dic 2017
      Ubicación
      vnezuela
      Mensajes
      14

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      parete 3:
      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-12-17 03:58 - 2016-12-09 14:35 - 000000000 ___RD C:\Users\ronnycrespo\OneDrive
      2017-12-17 03:55 - 2017-04-28 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-12-17 03:55 - 2011-07-27 22:48 - 000000000 ____D C:\ProgramData\PDFC
      2017-12-16 23:47 - 2017-03-18 07:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI
      2017-12-16 23:42 - 2016-10-31 10:32 - 000001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      2017-12-16 22:58 - 2016-07-08 11:03 - 000000000 ____D C:\Users\ronnycrespo\AppData\LocalLow\IObit
      2017-12-16 22:57 - 2016-07-08 11:02 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\IObit
      2017-12-16 22:57 - 2016-07-08 11:01 - 000000000 ____D C:\ProgramData\IObit
      2017-12-16 22:56 - 2017-04-28 11:44 - 000000000 ____D C:\Users\ronnycrespo
      2017-12-16 22:13 - 2017-04-28 11:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2017-12-16 21:47 - 2017-10-10 12:29 - 000000000 ____D C:\TempDump
      2017-12-16 21:46 - 2017-04-28 17:30 - 000000000 ____D C:\Users\ronnycrespo\.BigNox
      2017-12-16 21:46 - 2016-12-15 21:21 - 000000000 ____D C:\ProgramData\VirtualWifiRouter
      2017-12-16 21:46 - 2016-12-15 20:21 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\{30C2069E-146A-6A26-79F2-4FCE5D9AB356}
      2017-12-16 21:46 - 2016-11-29 21:00 - 000000000 ____D C:\Users\ronnycrespo\vmlogs
      2017-12-16 21:46 - 2016-11-29 20:59 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\Nox
      2017-12-16 21:46 - 2016-10-19 18:54 - 000000000 ____D C:\BC5
      2017-12-16 21:21 - 2016-07-15 16:32 - 000000000 ____D C:\Users\ronnycrespo\.android
      2017-12-16 19:24 - 2016-07-08 10:29 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\HpUpdate
      2017-12-16 18:17 - 2017-01-11 13:19 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\discord
      2017-12-16 18:05 - 2017-02-21 10:36 - 000000000 ____D C:\Users\ronnycrespo\AppData\LocalLow\Mozilla
      2017-12-16 18:01 - 2016-07-08 10:42 - 000000000 ____D C:\Program Files (x86)\Google
      2017-12-16 17:08 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness
      2017-12-16 16:51 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\NDF
      2017-12-16 15:44 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF
      2017-12-16 13:42 - 2017-07-28 09:57 - 110342144 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
      2017-12-16 13:42 - 2017-07-28 09:57 - 001679360 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
      2017-12-16 13:42 - 2017-07-28 09:57 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
      2017-12-16 13:42 - 2017-07-28 09:57 - 000024576 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
      2017-12-16 13:35 - 2016-07-08 11:32 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\uTorrent
      2017-12-16 13:32 - 2017-04-28 11:44 - 000000000 ____D C:\Users\DefaultAppPool
      2017-12-16 13:03 - 2017-11-11 08:33 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
      2017-12-16 11:48 - 2017-06-09 23:50 - 000000000 ____D C:\WINDOWS\Minidump
      2017-12-16 11:44 - 2016-07-09 22:41 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\CrashDumps
      2017-12-15 18:20 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-12-15 16:55 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\rescache
      2017-12-14 18:41 - 2016-08-26 14:51 - 000000000 ___RD C:\Users\ronnycrespo\Desktop\juegos
      2017-12-14 17:58 - 2011-07-27 22:24 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2017-12-14 13:55 - 2016-07-10 15:03 - 000000000 ____D C:\Users\ronnycrespo\Desktop\ronaldo
      2017-12-13 23:23 - 2016-12-09 14:03 - 000000000 __RHD C:\Users\Public\AccountPictures
      2017-12-13 23:22 - 2016-12-09 14:03 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\Packages
      2017-12-13 23:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\oobe
      2017-12-13 22:57 - 2016-12-29 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
      2017-12-13 09:25 - 2017-03-18 16:51 - 000000000 ____D C:\WINDOWS\CbsTemp
      2017-12-13 00:04 - 2017-02-21 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2017-12-13 00:04 - 2016-10-31 10:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2017-12-12 16:16 - 2016-12-09 18:15 - 000000000 ____D C:\WINDOWS\system32\MRT
      2017-12-12 16:08 - 2017-10-11 20:05 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
      2017-12-12 16:08 - 2016-12-09 18:15 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2017-12-12 14:39 - 2016-10-19 13:05 - 000000000 ____D C:\download
      2017-12-12 14:38 - 2016-10-19 13:05 - 000000000 ____D C:\ProgramData\WEBZEN
      2017-12-11 18:38 - 2017-01-11 13:18 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\Discord
      2017-12-11 14:17 - 2017-11-06 13:54 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\Ubisoft Game Launcher
      2017-12-10 20:07 - 2016-11-19 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
      2017-12-10 12:28 - 2017-03-18 17:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2017-12-10 12:27 - 2017-09-30 11:06 - 000000000 ___HD C:\$WINDOWS.~BT
      2017-12-10 12:27 - 2016-07-08 12:36 - 000000354 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRONNYCRESPO-HP$.job
      2017-12-10 11:03 - 2016-12-09 19:02 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\MicrosoftEdge
      2017-12-10 11:01 - 2017-01-26 22:05 - 000000000 ___RD C:\Users\ronnycrespo\3D Objects
      2017-12-10 10:54 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\Registration
      2017-12-10 10:53 - 2016-12-09 14:01 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat
      2017-12-10 10:27 - 2017-04-28 11:42 - 002056280 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
      2017-12-10 09:22 - 2017-04-26 14:12 - 000000000 ___DC C:\WINDOWS\Panther
      2017-12-10 09:09 - 2017-04-28 12:14 - 000030483 _____ C:\WINDOWS\diagwrn.xml
      2017-12-10 09:09 - 2017-04-28 12:14 - 000030483 _____ C:\WINDOWS\diagerr.xml
      2017-12-10 07:17 - 2017-08-09 20:45 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
      2017-12-10 07:17 - 2017-06-08 10:58 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
      2017-12-10 07:17 - 2017-05-06 17:25 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cheating-Death
      2017-12-10 07:17 - 2017-04-28 11:41 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
      2017-12-10 07:17 - 2017-04-03 21:10 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
      2017-12-10 07:17 - 2017-03-21 23:25 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
      2017-12-10 07:17 - 2017-03-20 01:11 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 __RSD C:\WINDOWS\Media
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\spool
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\IME
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\System
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\schemas
      2017-12-10 07:17 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
      2017-12-10 07:17 - 2017-02-20 13:06 - 000000000 ____D C:\WINDOWS\system32\SSL
      2017-12-10 07:17 - 2017-02-06 20:15 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
      2017-12-10 07:17 - 2017-02-04 17:33 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicosmosTools
      2017-12-10 07:17 - 2017-02-04 16:51 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
      2017-12-10 07:17 - 2017-01-11 13:19 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
      2017-12-10 07:17 - 2016-12-09 19:32 - 000000000 ____D C:\WINDOWS\SysWOW64\Codecs
      2017-12-10 07:17 - 2016-11-30 20:22 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV-Media-Player
      2017-12-10 07:17 - 2016-11-29 21:01 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
      2017-12-10 07:17 - 2016-10-19 18:55 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Borland C++ 5.02
      2017-12-10 07:17 - 2016-10-05 08:02 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
      2017-12-10 07:17 - 2016-08-21 21:16 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
      2017-12-10 07:17 - 2016-07-26 19:06 - 000000000 ____D C:\WINDOWS\SHELLNEW
      2017-12-10 07:17 - 2016-07-08 12:52 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
      2017-12-10 07:16 - 2017-10-27 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
      2017-12-10 07:16 - 2017-10-11 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master of Orion
      2017-12-10 07:16 - 2017-10-10 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellaris
      2017-12-10 07:16 - 2017-10-07 09:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galactic Civilizations III Crusade
      2017-12-10 07:16 - 2017-10-03 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2018
      2017-12-10 07:16 - 2017-10-03 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
      2017-12-10 07:16 - 2017-10-03 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
      2017-12-10 07:16 - 2017-09-30 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transformers Fall of Cybertron
      2017-12-10 07:16 - 2017-09-28 08:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
      2017-12-10 07:16 - 2017-08-17 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
      2017-12-10 07:16 - 2017-08-08 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2017-12-10 07:16 - 2017-06-12 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Decompiler Gold
      2017-12-10 07:16 - 2017-06-11 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
      2017-12-10 07:16 - 2017-06-11 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
      2017-12-10 07:16 - 2017-05-26 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yu-Gi-Oh! Legacy of the Duelist
      2017-12-10 07:16 - 2017-05-26 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
      2017-12-10 07:16 - 2017-05-06 17:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
      2017-12-10 07:16 - 2017-04-28 06:22 - 000000000 ____D C:\Program Files (x86)\MSBuild
      2017-12-10 07:16 - 2017-04-25 14:26 - 000000000 ____D C:\Program Files\UNP
      2017-12-10 07:16 - 2017-03-21 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
      2017-12-10 07:16 - 2017-03-18 17:03 - 000000000 __SHD C:\Program Files\Windows Sidebar
      2017-12-10 07:16 - 2017-03-18 17:03 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
      2017-12-10 07:16 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\Help
      2017-12-10 07:16 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
      2017-12-10 07:16 - 2017-01-30 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1404 Gold Edition
      2017-12-10 07:16 - 2017-01-17 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
      2017-12-10 07:16 - 2017-01-03 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
      2017-12-10 07:16 - 2016-12-18 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
      2017-12-10 07:16 - 2016-12-12 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
      2017-12-10 07:16 - 2016-12-09 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
      2017-12-10 07:16 - 2016-12-09 14:03 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\TileDataLayer
      2017-12-10 07:16 - 2016-12-07 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDS PRO 3DS
      2017-12-10 07:16 - 2016-12-06 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
      2017-12-10 07:16 - 2016-08-21 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
      2017-12-10 07:16 - 2016-08-14 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout Shelter
      2017-12-10 07:16 - 2016-08-08 13:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
      2017-12-10 07:16 - 2016-08-04 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDS PRO Apps
      2017-12-10 07:16 - 2016-08-04 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDS PRO
      2017-12-10 07:16 - 2016-07-26 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
      2017-12-10 07:16 - 2016-07-13 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privoxy
      2017-12-10 07:16 - 2016-07-12 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
      2017-12-10 07:16 - 2016-07-08 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
      2017-12-10 07:16 - 2016-07-08 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
      2017-12-10 07:16 - 2016-07-08 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manuales del Usuario de HP
      2017-12-10 07:16 - 2011-07-27 22:55 - 000000000 ____D C:\WINDOWS\es
      2017-12-10 07:16 - 2011-07-27 22:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
      2017-12-10 07:16 - 2011-07-27 22:54 - 000000000 ____D C:\WINDOWS\eu
      2017-12-10 07:16 - 2011-07-27 22:54 - 000000000 ____D C:\WINDOWS\en
      2017-12-10 07:16 - 2011-07-27 22:54 - 000000000 ____D C:\WINDOWS\ca
      2017-12-10 07:16 - 2011-07-27 22:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
      2017-12-10 07:16 - 2011-07-27 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete
      2017-12-10 07:16 - 2011-07-27 22:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
      2017-12-10 07:16 - 2011-07-27 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders
      2017-12-10 07:16 - 2011-07-27 22:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
      2017-12-10 07:16 - 2011-07-27 22:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager
      2017-12-10 07:16 - 2011-07-27 22:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
      2017-12-10 07:16 - 2011-07-27 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
      2017-12-10 07:16 - 2011-07-27 22:18 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
      2017-12-10 07:16 - 2009-07-14 01:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
      2017-12-09 20:19 - 2017-03-18 07:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
      2017-12-09 18:53 - 2017-01-17 12:09 - 000000000 ____D C:\Program Files (x86)\Steam
      2017-12-06 18:07 - 2017-04-28 12:09 - 000003288 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForRONNYCRESPO-HP$
      2017-12-06 09:22 - 2017-04-28 12:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
      2017-12-06 09:12 - 2017-07-28 09:57 - 042196992 _____ C:\WINDOWS\system32\config\COMPONENTS.iodefrag.bak
      2017-12-05 15:54 - 2016-07-08 14:29 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\DAEMON Tools Lite
      2017-11-30 11:29 - 2016-11-02 19:12 - 000000000 ____D C:\Users\ronnycrespo\pseint
      2017-11-28 09:09 - 2011-07-27 22:48 - 000000000 ____D C:\Program Files (x86)\PDF Complete
      2017-11-25 23:42 - 2017-11-15 12:46 - 000001530 _____ C:\Users\ronnycrespo\Downloads\Forza Horizon JasSpeR.txt
      2017-11-22 08:33 - 2017-04-28 11:42 - 002865136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2017-11-22 08:33 - 2017-03-20 01:11 - 001315154 _____ C:\WINDOWS\system32\perfh00A.dat
      2017-11-22 08:33 - 2017-03-20 01:11 - 000324564 _____ C:\WINDOWS\system32\perfc00A.dat
      2017-11-21 19:47 - 2016-12-12 23:27 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\Battle.net
      2017-11-20 21:39 - 2016-12-12 23:14 - 000000000 ____D C:\Program Files (x86)\Battle.net
      2017-11-20 08:56 - 2016-12-09 14:03 - 000000000 ____D C:\Users\ronnycrespo\AppData\Local\ConnectedDevicesPlatform
      2017-11-19 11:05 - 2016-10-31 10:33 - 000000000 ____D C:\Users\ronnycrespo\AppData\Roaming\Mozilla
      2017-11-19 10:45 - 2017-08-09 20:29 - 000000000 ____D C:\Program Files (x86)\Java
      2017-11-19 10:44 - 2017-08-08 23:16 - 000000000 ____D C:\ProgramData\Oracle

      ==================== Files in the root of some directories =======

      2016-11-29 13:06 - 2016-11-29 13:08 - 000001310 _____ () C:\Users\ronnycrespo\AppData\Roaming\droid4xinstaller.log
      2017-02-20 13:09 - 2017-02-20 13:09 - 001908039 _____ () C:\Users\ronnycrespo\AppData\Roaming\Lala.tst
      2017-10-27 17:37 - 2017-10-27 19:09 - 000000077 _____ () C:\Users\ronnycrespo\AppData\Roaming\Rim.Desktop.Exception.log
      2017-10-27 17:37 - 2017-10-27 17:37 - 000001111 _____ () C:\Users\ronnycrespo\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
      2017-10-27 17:38 - 2017-10-27 19:09 - 000000077 _____ () C:\Users\ronnycrespo\AppData\Roaming\Rim.DesktopHelper.Exception.log
      2017-10-27 17:46 - 2017-10-27 19:09 - 000000077 _____ () C:\Users\ronnycrespo\AppData\Roaming\Rim.Transcoder.Exception.log
      2017-02-03 23:20 - 2017-02-03 23:20 - 000000098 _____ () C:\Users\ronnycrespo\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg
      2017-02-03 23:16 - 2017-02-03 23:16 - 000007503 _____ () C:\Users\ronnycrespo\AppData\Roaming\TheHunterPrimevalSettings_live.bin
      2017-10-27 17:46 - 2017-10-27 17:47 - 000010240 _____ () C:\Users\ronnycrespo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2017-12-02 18:25 - 2017-12-02 18:25 - 000000001 _____ () C:\Users\ronnycrespo\AppData\Local\llftool.4.40.agreement
      2017-12-16 15:49 - 2017-12-16 15:49 - 000001171 _____ () C:\Users\ronnycrespo\AppData\Local\Local - Acceso directo.lnk
      2016-09-01 11:36 - 2016-09-01 11:36 - 000000000 ___SH () C:\Users\ronnycrespo\AppData\Local\LumaEmu
      2017-12-16 17:22 - 2017-01-26 21:58 - 000000134 _____ () C:\Users\ronnycrespo\AppData\Local\matavirus.bat
      2017-01-03 18:05 - 2017-01-03 18:05 - 000000017 _____ () C:\Users\ronnycrespo\AppData\Local\resmon.resmoncfg

      Some files in TEMP:
      ====================
      2014-11-08 04:33 - 2014-12-04 19:01 - 000601088 _____ () C:\Users\ronnycrespo\AppData\Local\Temp\Quarantine.exe
      2014-11-08 04:47 - 2014-10-17 07:39 - 000665682 _____ (SQLite Development Team) C:\Users\ronnycrespo\AppData\Local\Temp\sqlite3.dll
      2017-12-16 15:27 - 2017-12-16 15:27 - 000005120 _____ () C:\Users\ronnycrespo\AppData\Local\Temp\vwhre5lc.dll

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-12-15 16:50

      ==================== End of FRST.txt ============================

    9. #9
      Usuario Avatar de ronaldo54674
      Registrado
      dic 2017
      Ubicación
      vnezuela
      Mensajes
      14

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      Addition:
      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2017
      Ran by ronnycrespo (17-12-2017 04:08:40)
      Running from C:\Users\ronnycrespo\Desktop
      Windows 10 Home Version 1703 15063.786 (X64) (2017-04-28 16:19:20)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-1148897783-301171496-773222092-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-1148897783-301171496-773222092-503 - Limited - Disabled)
      Invitado (S-1-5-21-1148897783-301171496-773222092-501 - Limited - Disabled)
      ronnycrespo (S-1-5-21-1148897783-301171496-773222092-1000 - Administrator - Enabled) => C:\Users\ronnycrespo

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
      FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
      ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
      Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
      Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
      Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
      AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge4d)
      Akamai NetSession Interface (HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
      Anno 1404 Gold Edition versión 1.03 (HKLM-x32\...\{52057027-985F-4455-9D84-46D3D99AB138}_is1) (Version: 1.03 - UBISoft)
      ARK Survival Evolved version 232.4 (HKLM-x32\...\ARK Survival Evolved_is1) (Version: 232.4 - GMT-MAX.ORG)
      ATI Catalyst Install Manager (HKLM\...\{E2D662AD-3FE3-26C5-5540-90E4974EF412}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
      aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
      AuraKingdom-ES (HKLM-x32\...\AuraKingdom-ES) (Version: - )
      Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
      Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
      Bejeweled 2 Deluxe (HKLM-x32\...\WT089453) (Version: 2.2.0.95 - WildTangent) Hidden
      Bejeweled 3 (HKLM-x32\...\WT089498) (Version: 2.2.0.95 - WildTangent) Hidden
      Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
      Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
      BlackBerry Desktop Software 7.1 (HKLM-x32\...\{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}) (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
      BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
      Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
      Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
      Borderlands - Game of The Year Edition (HKLM-x32\...\Borderlands - Game of The Year Edition_is1) (Version: - )
      Borland C++ 5.02 (HKLM-x32\...\Borland C++ 5.02) (Version: - )
      Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
      Build-a-lot 2 (HKLM-x32\...\WT087335) (Version: 2.2.0.95 - WildTangent) Hidden
      Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
      Cheating-Death 4.33.4 (HKLM-x32\...\Cheating-Death) (Version: - )
      Chuzzle Deluxe (HKLM-x32\...\WT089454) (Version: 2.2.0.95 - WildTangent) Hidden
      Cities XXL (HKLM-x32\...\Cities XXL_is1) (Version: - )
      Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Control ActiveX del Windows Live Mesh per a connexions remotes (HKLM-x32\...\{76C064E2-BB99-4453-8FDA-42BC01AD0734}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
      CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.2615 - CyberLink Corp.)
      CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.0.3511 - CyberLink Corp.)
      D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
      Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT087536) (Version: 2.2.0.95 - WildTangent) Hidden
      Discord (HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\Discord) (Version: 0.0.299 - Discord Inc.)
      Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
      Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.1.0 - IObit)
      Facebook Gameroom 1.7.6419.39279 (HKLM-x32\...\{D4BD422A-BE4A-4318-B617-34FA42544193}) (Version: 1.7.6419.39279 - Facebook)
      Fallout 3 Gold Repack (HKLM-x32\...\Fallout 3 Gold Repack) (Version: - )
      Fallout New Vegas Ultimate Edition (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: - )
      Fallout Shelter MULTi6 - ElAmigos versión 1.6 (HKLM-x32\...\{39E152EF-1A98-4B53-BE7B-049D2F41473D}_is1) (Version: 1.6 - Bethesda Softworks)
      Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
      FATE - The Traitor Soul (HKLM-x32\...\WT089470) (Version: 2.2.0.95 - WildTangent) Hidden
      Final Drive Nitro (HKLM-x32\...\WT089504) (Version: 2.2.0.95 - WildTangent) Hidden
      Flash Decompiler Gold 2.3.1.1386 (HKLM-x32\...\Flash Decompiler Gold_is1) (Version: - Metrix Media Software Inc.)
      FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2532 - HYBRIDWEB.de)
      FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
      Galactic Civilizations III Crusade (HKLM-x32\...\Galactic Civilizations III Crusade_is1) (Version: - )
      Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
      HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.9.6 - Hi-Rez Studios)
      Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
      HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
      HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.3 - Hewlett-Packard)
      HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
      HP My Display (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.03.021 - Portrait Displays, Inc.)
      HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
      HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
      HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
      HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
      HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
      HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
      HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
      HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
      ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
      IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.1 - IObit)
      IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
      IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
      Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
      Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.) Hidden
      LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
      LG Mobile Drivers (HKLM-x32\...\{01DC2C23-5D76-4744-A771-2F454C5DD872}) (Version: 4.1.1 - LG Electronics)
      Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.62.153 - Electronic Arts)
      Los Sims™ 3 ¡Quemando rueda! Accesorios (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
      Los Sims™ 3 ¡Vaya fauna! (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
      Los Sims™ 3 Aventura en la Isla (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
      Los Sims™ 3 Criaturas Sobrenaturales (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
      Los Sims™ 3 Diesel Accesorios (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
      Los Sims™ 3 Hacia el Futuro (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
      Los Sims™ 3 Movida en la facultad (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
      Los Sims™ 3 Salto a la fama (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
      Los Sims™ 3 Triunfadores (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
      Los Sims™ 3 Trotamundos (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
      Los Sims™ 3 Vida en la ciudad Accesorios (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
      Los Sims™ 3 Y Las Cuatro Estaciones (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
      Mah Jong Medley (HKLM-x32\...\WT087393) (Version: 2.2.0.95 - WildTangent) Hidden
      Master of Orion (HKLM-x32\...\Master of Orion_is1) (Version: - )
      Media Player Codec Pack 4.4.1 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.1 - Media Player Codec Pack)
      Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
      Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
      Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
      Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
      Microsoft Office Language Interface Pack 2010 - Català (HKLM-x32\...\{95140000-00FF-0403-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft Office Language Interface Pack 2010 - Euskara (HKLM-x32\...\{95140000-00FF-042D-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft Office Language Interface Pack 2010 - Galego (HKLM-x32\...\{95140000-00FF-0456-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
      Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
      Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
      Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
      Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
      MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
      Minecraft1.6.1 (HKLM-x32\...\Minecraft1.6.1) (Version: - )
      Mozilla Firefox 57.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 57.0.2 (x64 es-ES)) (Version: 57.0.2 - Mozilla)
      Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.2.6549 - Mozilla)
      Music Recorder (HKLM-x32\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
      Mystery P.I. - Stolen in San Francisco (HKLM-x32\...\WT089496) (Version: 2.2.0.95 - WildTangent) Hidden
      Namco All-Stars PAC-MAN (HKLM-x32\...\WT089484) (Version: 2.2.0.95 - WildTangent) Hidden
      NEKOPARA vol.0 (HKLM-x32\...\{25546E8B-B838-44A1-B798-E40C412421B1}) (Version: - NEKO WORKs)
      Nero 2018 (HKLM-x32\...\{34E116FD-CA2D-41A9-9EFF-DD7AD4552417}) (Version: 19.0.07000 - Nero AG)
      Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.0001 - Nero AG)
      Nox APP Player (HKLM-x32\...\Nox) (Version: 3.8.1.2 - Duodian Technology Co. Ltd.)
      NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
      Online.io Application (HKLM-x32\...\{F0847AE0-465A-4D7B-A555-AABB43B550F0}) (Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
      OpenAL (HKLM-x32\...\OpenAL) (Version: - )
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.26 - PDF Complete, Inc)
      Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
      PicosmosTools 1.8.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.0.0 - Free Time)
      Plague Inc Evolved Shadow Plague (HKLM-x32\...\Plague Inc Evolved Shadow Plague_is1) (Version: - )
      Plants vs. Zombies - Game of the Year (HKLM-x32\...\WT089458) (Version: 2.2.0.95 - WildTangent) Hidden
      Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
      Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
      Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
      Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.) Hidden
      Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
      Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0003 - Nero AG) Hidden
      Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Nombre de su organización)
      Privoxy (remove only) (HKLM-x32\...\Privoxy) (Version: - )
      PSeInt (HKLM-x32\...\PSeInt) (Version: - )
      PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
      Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
      RapeLay (remove only) (HKLM-x32\...\RapeLay) (Version: - )
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8198 - Realtek Semiconductor Corp.)
      Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3621 - CyberLink Corp.) Hidden
      Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
      Resource Hacker Version 4.5.30 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
      SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
      SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
      SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.26.005 - Portrait Displays, Inc.) Hidden
      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
      Shadow Tactics - Blades of the Shogun (HKLM-x32\...\1601442230_is1) (Version: 2.0.0.3 - GOG.com)
      Sid Meier's Civilization V (HKLM-x32\...\Sid Meier's Civilization V_is1) (Version: - )
      Slingo Supreme (HKLM-x32\...\WT089457) (Version: 2.2.0.95 - WildTangent) Hidden
      Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.7.1 - IObit)
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      Stellaris MULTi7 - ElAmigos versión 1.8.0 (HKLM-x32\...\{5B76BB3D-DCE9-487A-A2DD-AD60265DA783}_is1) (Version: 1.8.0 - Paradox Interactive)
      Texmaker (HKLM-x32\...\Texmaker) (Version: - )
      The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version: - )
      Tom Clancy's EndWar (HKLM-x32\...\{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}) (Version: 1.00.0000 - Ubisoft)
      Traductor versión 3.0 (HKLM-x32\...\{E6394084-49EF-4122-A8DF-229CD370F2CC}_is1) (Version: 3.0 - Traducciones MCX)
      Traffic Exchange (HKLM-x32\...\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}) (Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
      Transformers Fall of Cybertron (HKLM-x32\...\Transformers Fall of Cybertron_is1) (Version: 1.0 - PLAZA)
      Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
      Unity Web Player (HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
      Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
      Uplay (HKLM-x32\...\Uplay) (Version: 43.1 - Ubisoft)
      Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (HKLM-x32\...\{7BA6DF02-B094-45D7-A3C9-BE3684253922}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
      WhatsApp (HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\WhatsApp) (Version: 0.2.5093 - WhatsApp)
      WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.2 - WildTangent) Hidden
      Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
      Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
      Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
      WinDS PRO 2017.03.07 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2017.03.07 - WinDS PRO Central)
      WinDS PRO 3DS 2016.10.05 (HKLM\...\{6D7C563A-AC1E-459D-ABA2-274D1702DB8A}_is1) (Version: 2016.10.05 - WinDS PRO Central)
      WinDS PRO Apps 2015.12.16 (HKLM\...\{92C4C953-5CE1-4DC3-97D5-BBD1A63EF706}_is1) (Version: 2015.12.16 - WinDS PRO Central)
      WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
      WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
      Wondershare LiveBoot 2012 (Build 7.0.1) (HKLM-x32\...\Wondershare LiveBoot 2012_is1) (Version: - Wondershare Software Co., Ltd.)
      Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
      Yahoo! Powered (HKLM-x32\...\{84576C97-D4D7-BD17-6557-CD97B5D71E17}) (Version: - ) <==== ATTENTION
      Yu-Gi-Oh! Legacy of the Duelist version 1.0 (HKLM-x32\...\Yu-Gi-Oh! Legacy of the Duelist_is1) (Version: 1.0 - Konami Digital Entertainment Inc)
      Zinio Reader 4 (HKLM-x32\...\{465210C4-595A-BD80-44E8-E0457D9D8432}) (Version: 4.0.3184 - Zinio LLC) Hidden
      Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
      Zuma Deluxe (HKLM-x32\...\WT089455) (Version: 2.2.0.95 - WildTangent) Hidden
      小女ラムネ (HKLM-x32\...\{FCA92CEC-F59A-4946-9C86-7428ACB0704E}) (Version: 1.00.0000 - たぬきそふと)

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-1148897783-301171496-773222092-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1148897783-301171496-773222092-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1148897783-301171496-773222092-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1148897783-301171496-773222092-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1148897783-301171496-773222092-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1148897783-301171496-773222092-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
      ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
      ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
      ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
      ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
      ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
      ContextMenuHandlers3: [LinkUpMenuExt] -> {B793E5EA-5344-488E-B98D-A18E2E5938AB} => C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\LinkUpExt64.dll [2011-02-24] (Hewlett-Packard)
      ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
      ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
      ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
      ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
      ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
      ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
      ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

    10. #10
      Usuario Avatar de ronaldo54674
      Registrado
      dic 2017
      Ubicación
      vnezuela
      Mensajes
      14

      Re: kemgadeojglibflomicgnfeopkdfflnk el virus

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {0264927F-19B3-4C94-8055-53F6F414D141} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
      Task: {04321E4A-8A57-4F7E-913D-5093B4B241CA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-07-26] ()
      Task: {0BDFAD33-B1A9-4942-A1EB-37D5B2440D8D} - System32\Tasks\{EA0A9D8A-2911-4197-A6EB-58602B77015C} => C:\Windows\system32\pcalua.exe -a C:\Users\ronnycrespo\Downloads\PWCZ_ClienteCompleto_v139\install.exe -d C:\Users\ronnycrespo\Downloads\PWCZ_ClienteCompleto_v139
      Task: {15D0FAD6-799D-45E0-A4EF-55093628F31F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-01] (Adobe Systems Incorporated)
      Task: {1973F470-F24A-447F-81CF-2E92FDA80E2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)
      Task: {20A48C8D-D701-43FD-BA57-10CD478CFC18} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
      Task: {2204F8AF-0ADE-42D5-B8CC-9C24496EC0AF} - System32\Tasks\ASC11_SkipUac_ronnycrespo => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
      Task: {2815A120-A4E6-4D0C-B1C5-473403F12D21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
      Task: {36A24574-464B-4DAE-A8A2-9EA3FA4B930F} - System32\Tasks\ASC11_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2017-11-07] (IObit)
      Task: {39F3C1A0-4B2F-4B46-BD48-0CA89BAC0BDD} - \Yahoo! Powered coder -> No File <==== ATTENTION
      Task: {449B186C-E63B-4635-BF21-798D94CE30C6} - System32\Tasks\{53E7E2F9-562E-4976-A9AC-345EFC0D52D2} => C:\Windows\system32\pcalua.exe -a F:\Sims3EP11Setup.exe -d F:\
      Task: {4CCBF068-E5A5-43A2-8758-79E8FFF87E35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2017-11-14] (Microsoft)
      Task: {4EDA8B4B-6036-43FA-B03C-CA39963AE0BA} - System32\Tasks\{2FFF04F7-951E-40D4-8FF3-61447DD41F75} => C:\Windows\system32\pcalua.exe -a G:\Sims3EP07Setup.exe -d G:\
      Task: {50BD051A-EBBA-4A4A-A2F3-6CD7C7E8C720} - System32\Tasks\MirageAgent => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-12] (CyberLink)
      Task: {740D9B66-9B03-405A-8C37-7028EA06B5A2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-06] (AVAST Software)
      Task: {7723D1F6-A9CA-47E4-9B52-12E51280C025} - System32\Tasks\SafeZone scheduled Autoupdate 1467990366 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
      Task: {8FDFD487-DC12-4760-B323-6964CA79CEDE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-10] (AVAST Software)
      Task: {980B8480-1ADD-473B-86B8-6E6BE4369FB7} - \Games\UpdateCheck_S-1-5-21-1148897783-301171496-773222092-1000 -> No File <==== ATTENTION
      Task: {9887A74B-E7D0-4B6B-87F4-4F7FF050C74B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
      Task: {9BE45B9F-400B-47F9-92DA-FFC8A0300C4F} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe
      Task: {9C38147C-B734-4A29-9EFB-7784C5B835C1} - System32\Tasks\HPCeeScheduleForronnycrespo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
      Task: {9D2BB2C2-0D65-4D23-9AE4-1BF36DBFA68C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-16] (Google Inc.)
      Task: {AC1491A3-BEE9-49F4-A39B-65CB209EBA9B} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
      Task: {AE619B96-14E2-4AB0-B6D5-09A168B2292D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
      Task: {B7A89F40-1291-4B67-BDF7-B7A77906D473} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-21] (CyberLink)
      Task: {C3B94BC9-045C-41F5-897C-87E6E1BAD49C} - System32\Tasks\HPCeeScheduleForRONNYCRESPO-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
      Task: {CEE23C50-BF62-4B94-8B20-B0BD0B1F6359} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-16] (Google Inc.)
      Task: {DD649456-0CA7-490F-8B67-2A35AE710DF1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
      Task: {DFB8EEE8-92ED-4520-983A-676975657473} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
      Task: {E4712426-587D-4131-80E3-F1FD8402E290} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2017-06-02] (Nero AG)
      Task: {F6D710B6-D8AE-417B-A6D4-B29B1822FF50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2017-11-14] (Microsoft)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      Task: C:\WINDOWS\Tasks\HPCeeScheduleForRONNYCRESPO-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
      Task: C:\WINDOWS\Tasks\HPCeeScheduleForronnycrespo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
      Task: C:\WINDOWS\Tasks\Yahoo! Powered coder.job => Wscript.exe C:\ProgramData\{59809CE3-D3C2-1625-5504-8867CF4603A9}\loto.txt <==== ATTENTION

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)

      WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION

      ShortcutWithArgument: C:\Users\ronnycrespo\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> "hxxp://groznyg.ru/?utm_source=startlink03&utm_content=867fe3304d60f83d78282432a73b98c5&utm_term=91263E30B4E5A6A6FDA6AC90950C710A&utm_d=20160915"
      ShortcutWithArgument: C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\RONNYC~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
      ShortcutWithArgument: C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\andres - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
      ShortcutWithArgument: C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
      ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\RONNYC~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"

      ==================== Loaded Modules (Whitelisted) ==============

      2016-07-16 15:42 - 2016-07-16 15:42 - 000075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
      2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
      2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
      2017-03-18 16:59 - 2017-03-20 01:13 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-12-12 00:07 - 2017-12-12 00:10 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      2017-12-12 00:07 - 2017-12-12 00:10 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
      2017-12-12 00:07 - 2017-12-12 00:10 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
      2017-12-12 00:07 - 2017-12-12 00:10 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
      2017-11-10 13:24 - 2017-11-10 13:24 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
      2017-12-16 18:01 - 2017-12-13 22:49 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\libglesv2.dll
      2017-12-16 18:01 - 2017-12-13 22:49 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\libegl.dll
      2016-07-08 11:03 - 2016-03-31 17:57 - 000625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
      2017-12-16 21:29 - 2016-08-18 18:43 - 000442144 ____N () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
      2017-12-16 21:29 - 2016-08-18 18:43 - 000210720 ____N () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
      2017-12-16 21:29 - 2016-08-18 18:43 - 000059680 ____N () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
      2017-12-16 21:29 - 2017-08-04 13:44 - 000082720 ____N () C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll
      2017-12-16 21:29 - 2015-12-28 13:50 - 000899872 ____N () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
      2016-07-08 11:03 - 2015-12-23 19:02 - 000190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
      2016-07-08 11:03 - 2015-12-23 19:02 - 000057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
      2017-12-06 10:37 - 2017-12-06 10:37 - 000102088 _____ () C:\Users\ronnycrespo\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
      2017-12-11 18:37 - 2017-12-11 10:54 - 001893880 _____ () C:\Users\ronnycrespo\AppData\Local\Discord\app-0.0.299\ffmpeg.dll
      2017-12-16 18:17 - 2017-12-16 18:17 - 001886712 _____ () \\?\C:\Users\ronnycrespo\AppData\Roaming\discord\0.0.299\modules\discord_toaster\discord_toaster.node
      2017-12-16 21:29 - 2017-06-10 15:33 - 000631584 ____N () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
      2017-11-10 13:24 - 2017-11-10 13:24 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-11-10 13:24 - 2017-11-10 13:24 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-07-03 13:28 - 2017-07-03 13:28 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-11-10 13:24 - 2017-11-10 13:24 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
      2017-11-10 13:24 - 2017-11-10 13:24 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-11-10 13:24 - 2017-11-10 13:24 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
      2015-01-24 14:07 - 2015-01-24 14:07 - 000086528 _____ () C:\Program Files (x86)\Privoxy\mgwz.dll
      2017-07-29 21:48 - 2017-07-29 21:48 - 001162752 _____ () C:\Users\ronnycrespo\AppData\Local\Facebook\Games\CefSharp.Core.dll
      2017-07-29 21:48 - 2017-07-29 21:48 - 067197440 _____ () C:\Users\ronnycrespo\AppData\Local\Facebook\Games\libcef.dll
      2011-07-27 22:42 - 2011-02-15 13:59 - 000015624 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display\ACPIDll.dll
      2017-12-11 18:37 - 2017-12-11 10:54 - 001938424 _____ () C:\Users\ronnycrespo\AppData\Local\Discord\app-0.0.299\libglesv2.dll
      2017-12-11 18:37 - 2017-12-11 10:54 - 000095736 _____ () C:\Users\ronnycrespo\AppData\Local\Discord\app-0.0.299\libegl.dll
      2017-05-26 08:58 - 2016-12-12 16:52 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
      2017-05-26 08:58 - 2016-12-12 16:52 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
      2017-05-26 08:58 - 2016-12-12 16:52 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
      2017-05-26 08:58 - 2016-08-10 17:13 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
      2017-05-26 08:58 - 2017-05-09 10:59 - 000631584 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
      2017-12-16 18:17 - 2017-12-16 18:17 - 009802232 _____ () \\?\C:\Users\ronnycrespo\AppData\Roaming\discord\0.0.299\modules\discord_voice\discord_voice.node
      2017-12-16 18:17 - 2017-12-16 18:17 - 001505784 _____ () \\?\C:\Users\ronnycrespo\AppData\Roaming\discord\0.0.299\modules\discord_utils\discord_utils.node
      2017-12-13 00:07 - 2017-12-13 00:07 - 000513016 _____ () \\?\C:\Users\ronnycrespo\AppData\Roaming\discord\0.0.299\modules\discord_erlpack\discord_erlpack.node
      2017-12-13 00:07 - 2017-12-13 00:07 - 002662904 _____ () \\?\C:\Users\ronnycrespo\AppData\Roaming\discord\0.0.299\modules\discord_rpc\discord_rpc.node
      2017-12-13 00:07 - 2017-12-13 00:07 - 001517048 _____ () \\?\C:\Users\ronnycrespo\AppData\Roaming\discord\0.0.299\modules\discord_game_utils\discord_game_utils.node
      2017-12-16 18:21 - 2017-12-16 18:21 - 002749944 _____ () \\?\C:\Users\ronnycrespo\AppData\Roaming\discord\0.0.299\modules\discord_contact_import\discord_contact_import.node
      2017-07-29 21:48 - 2017-07-29 21:48 - 000752640 _____ () C:\Users\ronnycrespo\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
      2017-07-29 21:48 - 2017-07-29 21:48 - 001886208 _____ () C:\Users\ronnycrespo\AppData\Local\Facebook\Games\libglesv2.dll
      2017-07-29 21:48 - 2017-07-29 21:48 - 000078848 _____ () C:\Users\ronnycrespo\AppData\Local\Facebook\Games\libegl.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)


      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)

      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\008i.com -> 008i.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\008k.com -> 008k.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\00hq.com -> 00hq.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\0190-dialers.com -> 0190-dialers.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\01i.info -> 01i.info
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\05p.com -> 05p.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\0calories.net -> 0calories.net
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\0cj.net -> 0cj.net
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\0scan.com -> 0scan.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\1-se.com -> 1-se.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\1001movie.com -> 1001movie.com
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\1001night.biz -> 1001night.biz
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\100gal.net -> 100gal.net
      IE restricted site: HKU\S-1-5-21-1148897783-301171496-773222092-1000\...\100sexlinks.com -> 100sexlinks.com

      There are 4788 more sites.


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-13 22:34 - 2017-12-16 15:32 - 000007037 ____N C:\WINDOWS\system32\Drivers\etc\hosts

      0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
      0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
      0.0.0.0 media.opencandy.com
      0.0.0.0 cdn.opencandy.com
      0.0.0.0 tracking.opencandy.com
      0.0.0.0 api.opencandy.com
      0.0.0.0 api.recommendedsw.com
      0.0.0.0 rp.yefeneri2.com
      0.0.0.0 os.yefeneri2.com
      0.0.0.0 os2.yefeneri2.com
      0.0.0.0 installer.betterinstaller.com
      0.0.0.0 installer.filebulldog.com
      0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
      0.0.0.0 inno.bisrv.com
      0.0.0.0 nsis.bisrv.com
      0.0.0.0 cdn.file2desktop.com
      0.0.0.0 cdn.goateastcach.us
      0.0.0.0 cdn.guttastatdk.us
      0.0.0.0 cdn.inskinmedia.com
      0.0.0.0 cdn.insta.oibundles2.com
      0.0.0.0 cdn.insta.playbryte.com
      0.0.0.0 cdn.llogetfastcach.us
      0.0.0.0 cdn.montiera.com
      0.0.0.0 cdn.msdwnld.com
      0.0.0.0 cdn.mypcbackup.com
      0.0.0.0 cdn.ppdownload.com
      0.0.0.0 cdn.riceateastcach.us
      0.0.0.0 cdn.shyapotato.us
      0.0.0.0 cdn.solimba.com
      0.0.0.0 cdn.tuto4pc.com

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-1148897783-301171496-773222092-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ronnycrespo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
      DNS Servers: 192.168.1.181
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
      Windows Firewall is enabled.

    Página 1 de 2 12 ÚltimoÚltimo