• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 12

    Resultado HijackThis (Terminado)

    ...

    1. #1
      Usuario Avatar de gl2101
      Registrado
      dic 2009
      Ubicación
      Barcelona
      Mensajes
      56

      Resultado HijackThis (Terminado)

      Buenas tardes.
      A pesar de que mi PC en principio funciona correctamente (excepto tal vez por el hecho de que el arranque es algo lento), se me ha ocurrido analizarlo con HijackThis, y he obtenido el resultado que añado al final del post.
      He analizado el resultado en la pàgina HijackThis.de, y en muchas entradas me da avisos como el siguiente:

      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\Windows\system32\svchost.exe
      This entry is not running from the System32 folder, so it is probably nasty. This service (svchost.exe) seems to be nasty.
      This process is not running from the System32 folder as it is supposed to be.

      Sin embargo tanto el archivo umpnpmgr.dll como el svchost.exe si que se encuentran en la carpeta C:\Windows\system32, por lo que no veo la razón de la alarma, y me resisto a eliminar estas entradas, pues son muchas y probablemente necesarias.

      ¿Cual es vuestra opinión al respecto?

      Logfile of Trend Micro HijackThis v2.0.5
      Scan saved at 18:07:55, on 20/01/2018
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.9600.18817)


      Boot mode: Normal

      Running processes:
      C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Program Files\AVAST Software\Avast\AvastUI.exe
      C:\Program Files (x86)\FeedReader30\feedreader.exe
      C:\Users\Guillermo\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Users\Guillermo\AppData\Local\MEGAsync\MEGAsync.exe
      C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
      C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
      C:\Program Files (x86)\Utilidades sencillas\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.es/#spf=1
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      F2 - REG:system.ini: UserInit=userinit.exe,
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
      O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
      O4 - HKLM\..\Run: [Bonus.SSR.FR12] "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
      O4 - HKLM\..\Run: [SilentCleanService] C:\Program Files (x86)\iMobie\PhoneClean\SilentCleanServer.exe
      O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
      O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
      O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
      O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
      O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files (x86)\FeedReader30\feedreader.exe"
      O4 - HKCU\..\Run: [Google Update] C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
      O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Guillermo\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
      O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
      O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
      O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
      O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
      O4 - HKUS\S-1-5-18\..\RunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe" (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\RunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe" (User 'Default user')
      O4 - Startup: EOS Utility.lnk = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
      O4 - Startup: MEGAsync.lnk = Guillermo\AppData\Local\MEGAsync\MEGAsync.exe
      O4 - Startup: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
      O4 - Startup: WindowsUpdateNotifier.lnk = C:\Program Files (x86)\Windows Update Notifier\WindowsUpdateNotifier.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
      O4 - Global Startup: Who Is On My Wifi.lnk = C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe
      O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
      O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: http://ver.movistarplus.es
      O15 - Trusted Zone: http://www.xtec.cat
      O17 - HKLM\System\CCS\Services\Tcpip\..\{BFB85F5F-28A0-4288-8AD5-141A7EABC37A}: NameServer = 209.244.0.3,209.244.0.4
      O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
      O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe
      O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
      O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
      O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: ews-dbserver - Unknown owner - C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\dbserver\bin\ews-mysqld.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Servicio HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: HP Touchpoint Analytics (HPTouchpointAnalyticsService) - HP Inc. - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
      O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
      O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
      O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
      O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
      O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
      O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
      O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
      O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
      O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
      O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
      O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: VRLService - Chaos Software Ltd. - C:\Program Files\Chaos Group\VRLService\OLS/vrol.exe
      O23 - Service: V-Ray Swarm (vrswrm-service) - Unknown owner - C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
      O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\Windows\System32\svchost.exe
      O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
      O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

      --
      End of file - 32215 bytes

    2. #2
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.263

      re: Resultado HijackThis (Terminado)

      Saludos gl2101

      Te recomendaría no eliminar ninguna de esas entradas ya que desgraciadamente, Hijackthis no está actualizado a los nuevos sistema operativos windows, ni tampoco ha evolucionado para la detección de los nuevos malwares. De ahí que páginas web donde analizan de forma automática estos reportes de Hijackthis pueden inducirte a error y aconsejarte eliminar entradas legítimas. Por este motivo, aunque nunca han sido totalmente fiables, en la actualidad con más razón es totalmente desaconsejable utilizar este tipo de análisis automatizados.

      Si quieres que analicemos tu equipo, para descartar infecciones y evaluar procesos activos, realiza el siguiente procedimiento:


      Paso 1- Vamos a descargar en TU ESCRITORIO todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía):




      Paso 2- Ahora vamos a ejecutar Malwarebytes: es conveniente que inviertas unos minutos en leer con detalle su manual, para configurarlo, actualizarlo y usarlo correctamente.

      • Pulsa sobre Análisis y seleccionas Análisis Personalizado; a continuación pulsas sobre Configurar Análisis: seleccionas todas la unidades que tengas y pulsas sobre Analizar ahora.
      • Cuando Termine el análisis, Seleccionas "Eliminar Seleccionados".
      • Reinicias el sistema.
      • En el apartado "Historial" encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.




      Paso 3 - A continuación, ejecutaremos CCleaner. Debes usar, sus dos opciones principales, de acuerdo a su Manual:

      • "Limpiador": para borrar cookies, temporales de internet y todos los archivos que éste te muestre como obsoletos.
      • "Registro" para limpiar todo el Registro de Windows (haciendo copia de seguridad).
      • NO necesitamos este reporte.




      Paso 4 - Por último vamos a ejecutar Farbar Recovery Scan Tool (FRST) que lo debes de tener descargado en tu escritorio:

      • La guardas en el Escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe/Frst64.exe según el caso.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.
      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.
      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta.
      • Utiliza dos mensajes si te dice que es muy largo.




      Paso 5 - En tu próxima respuesta, pegas los reportes de Malwarebytes' y FRST.


      Saludos

      Pd: para los románticos y amantes de Hijackthis, se recomienda utilizar la versión alpha HiJackThis Fork, aunque en la actualidad hay herramienta más potentes adaptadas a los nuevos malwares.
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de gl2101
      Registrado
      dic 2009
      Ubicación
      Barcelona
      Mensajes
      56

      re: Resultado HijackThis (Terminado)

      Gracias por vuestra atención:

      Adjunto reportes en respuestas separadas.

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 23/1/18
      Hora del análisis: 16:23
      Archivo de registro: 57e31696-0051-11e8-aec2-e03f4913ea93.json
      Administrador: Sí

      -Información del software-
      Versión: 3.3.1.2183
      Versión de los componentes: 1.0.262
      Versión del paquete de actualización: 1.0.3766
      Licencia: Premium

      -Información del sistema-
      SO: Windows 8.1
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: PC-GUILLERMO\Guillermo

      -Resumen del análisis-
      Tipo de análisis: Análisis personalizado
      Resultado: Completado
      Objetos analizados: 766758
      Amenazas detectadas: 0
      Amenazas en cuarentena: 0
      (No hay elementos maliciosos detectados)
      Tiempo transcurrido: 1 hr, 37 min, 0 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

    4. #4
      Usuario Avatar de gl2101
      Registrado
      dic 2009
      Ubicación
      Barcelona
      Mensajes
      56

      re: Resultado HijackThis (Terminado)

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.01.2018
      Ran by Guillermo (administrator) on PC-GUILLERMO (23-01-2018 18:21:31)
      Running from C:\Users\Guillermo\Desktop
      Loaded Profiles: Guillermo (Available Profiles: Guillermo & Administrador)
      Platform: Windows 8.1 (Update) (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
      (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
      (Chaos Software Ltd.) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
      () C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      (Chaos Software Ltd.) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      () C:\Program Files (x86)\FeedReader30\feedreader.exe
      (Google, Inc) C:\Users\Guillermo\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
      (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
      (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      (Mega Limited) C:\Users\Guillermo\AppData\Local\MEGAsync\MEGAsync.exe
      (Christoph Pangerl) C:\Program Files (x86)\Windows Update Notifier\WindowsUpdateNotifier.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
      (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
      (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      (HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (Google Inc.) C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      (Google Inc.) C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
      (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
      HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-21] (AVAST Software)
      HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
      HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
      HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
      HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
      HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-11-30] (Apple Inc.)
      HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
      HKLM-x32\...\Run: [] => [X]
      HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2213160 2007-12-03] (Nero AG)
      HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1527960 2016-01-20] (ABBYY Production LLC.)
      HKLM-x32\...\Run: [SilentCleanService] => C:\Program Files (x86)\iMobie\PhoneClean\SilentCleanServer.exe [494056 2016-10-20] (iMobie Inc.)
      HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
      Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799880 2017-10-30] (Sandboxie Holdings, LLC)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-13] (Nero AG)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-01-08] (Glarysoft Ltd)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [feedreader.exe] => C:\Program Files (x86)\FeedReader30\feedreader.exe [2058240 2009-03-29] ()
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [Google Update] => C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-16] (Google Inc.)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [Google Photos Backup] => C:\Users\Guillermo\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-12-08] (Apple Inc.)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-12-08] (Apple Inc.)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2013-08-23] (Microsoft Corporation)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-12-08] (Apple Inc.)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-12-08] (Apple Inc.)
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\MountPoints2: {36bbf8e5-8b4f-11e4-83ae-e03f4913ea93} - "H:\Startme.exe"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\MountPoints2: {4923e991-5aff-11e5-858f-e03f4913ea93} - "G:\PC/GD_BIO_1R.exe"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\MountPoints2: {64d6294c-fccd-11e5-86a4-e03f4913ea93} - "G:\LaunchU3.exe" -a
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\MountPoints2: {cab37e59-e564-11e5-867e-e03f4913ea93} - "J:\LaunchU3.exe" -a
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\MountPoints2: {cdcc88bb-e010-11e7-8959-e03f4913ea93} - "G:\HiSuiteDownLoader.exe"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\MountPoints2: {f7e9579c-b53b-11e4-8429-e03f4913ea93} - "G:\autorun.exe"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation)
      HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2017-12-08] (Apple Inc.)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-11-30]
      ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-06-19]
      ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk [2017-12-02]
      ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe (IO3O LLC)
      Startup: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2014-06-19]
      ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
      Startup: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-02-03]
      ShortcutTarget: MEGAsync.lnk -> C:\Users\Guillermo\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
      Startup: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk [2014-05-07]
      ShortcutTarget: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
      Startup: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WindowsUpdateNotifier.lnk [2018-01-23]
      ShortcutTarget: WindowsUpdateNotifier.lnk -> C:\Program Files (x86)\Windows Update Notifier\WindowsUpdateNotifier.exe (Christoph Pangerl)
      BootExecute: autocheck autochk * sdnclean64.exe
      GroupPolicy: Restriction <==== ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\..\Interfaces\{BFB85F5F-28A0-4288-8AD5-141A7EABC37A}: [NameServer] 209.244.0.3,209.244.0.4

      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/#spf=1
      SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003 -> DefaultScope {414B3BFF-61FE-4CB2-9C1D-F709095BB4FD} URL = hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
      SearchScopes: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003 -> {414B3BFF-61FE-4CB2-9C1D-F709095BB4FD} URL = hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
      SearchScopes: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
      SearchScopes: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-10] (AVAST Software)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-20] (Oracle Corporation)
      BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-10] (AVAST Software)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-20] (Oracle Corporation)
      Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

      FireFox:
      ========
      FF DefaultProfile: nf8ubbkg.default
      FF DefaultProfile: 4qnmzlro.default
      FF ProfilePath: C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\44rz5yp8.default [not found] <==== ATTENTION
      FF DefaultProfile: lj3g0c25.default
      FF ProfilePath: C:\Users\Guillermo\AppData\Roaming\webradio-face99e7ab6d84ab7c662430c101b816\Profiles\nf8ubbkg.default [2016-05-17]
      FF ProfilePath: C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default [2018-01-23]
      FF Homepage: Mozilla\Firefox\Profiles\4qnmzlro.default -> about:home
      FF Extension: (ADB Helper) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-11-14] [Legacy]
      FF Extension: (Botón de Google Académico) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-11-16]
      FF Extension: (Diccionari català (general)) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2016-07-29] [Legacy]
      FF Extension: (British English Dictionary (Updated)) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2016-07-29] [Legacy] [not signed]
      FF Extension: (Diccionario de Español/España) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-01-28] [Legacy]
      FF Extension: (I don't care about cookies) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-12-29]
      FF Extension: (Open in IE™) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-12-18]
      FF Extension: (S3.Translator) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-12-22]
      FF Extension: (Avast SafePrice) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2018-01-02]
      FF Extension: (Avast Online Security) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-10-06]
      FF Extension: (ColorfulTabs) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}.xpi [2017-12-26]
      FF Extension: (WX Download Status Bar) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\{a1c84bb7-d5fc-4906-90b4-965e520b29bf}.xpi [2018-01-22]
      FF Extension: (Video DownloadHelper) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-19]
      FF Extension: (Unpaywall) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\{f209234a-76f0-4735-9920-eb62507a54cd}.xpi [2018-01-15]
      FF SearchPlugin: C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\searchplugins\google-lavasoft.xml [2016-07-29]
      FF ProfilePath: C:\Users\Guillermo\AppData\Roaming\internetradio-08ac29b1795d0c93f780050049fbff0f\Profiles\lj3g0c25.default [2016-05-17]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
      FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
      FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
      FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-20] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-20] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
      FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2018-01-06] (Nitro Software, Inc.)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
      FF Plugin HKU\S-1-5-21-1594238518-2351825753-3521044555-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Guillermo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]
      FF Plugin HKU\S-1-5-21-1594238518-2351825753-3521044555-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
      FF Plugin HKU\S-1-5-21-1594238518-2351825753-3521044555-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)

      Chrome:
      =======
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

      (Continua)

    5. #5
      Usuario Avatar de gl2101
      Registrado
      dic 2009
      Ubicación
      Barcelona
      Mensajes
      56

      re: Resultado HijackThis (Terminado)

      (Continuación)

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S4 ABBYY.Licensing.FineReader.Corporate.12.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\12.00\Licensing\CE\NetworkLicenseServer.exe [964848 2015-11-30] (ABBYY Production LLC)
      S3 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [224176 2010-11-19] ()
      S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
      S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
      R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
      R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2017-12-21] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-21] (AVAST Software)
      R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
      R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
      R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
      R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
      R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
      S4 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2012-12-30] (Microsoft Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
      S3 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [869672 2007-12-03] (Nero AG)
      R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
      S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [447784 2007-12-13] (Nero AG)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
      R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
      R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [198792 2017-10-30] (Sandboxie Holdings, LLC)
      R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
      R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
      R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
      S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
      S3 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
      R2 VRLService; C:\Program Files\Chaos Group\VRLService\OLS/vrol.exe [6520832 2017-10-29] (Chaos Software Ltd.) [File not signed]
      R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe [90176 2017-10-29] ()
      S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
      S2 ews-dbserver; C:\Program Files (x86)\EasyPHP-Webserver-14.1b2\binaries\dbserver\bin\ews-mysqld.exe ews-dbserver [X]
      R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2013-10-12] (AnvSoft Inc.)
      R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
      R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2017-12-21] (AVAST Software)
      R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2017-12-21] (AVAST Software)
      R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2017-12-21] (AVAST Software)
      R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2017-12-21] (AVAST Software)
      R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2017-12-21] (AVAST Software)
      R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2017-12-21] (AVAST Software)
      S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2017-12-21] (AVAST Software)
      R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-01] (AVAST Software)
      R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-12] (AVAST Software)
      R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2017-12-21] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2017-12-21] (AVAST Software)
      R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2017-12-21] (AVAST Software)
      R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-12] (AVAST Software)
      R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2017-12-21] (AVAST Software)
      R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2017-12-21] (AVAST Software)
      S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
      S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-12-17] ()
      R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-04-30] (Glarysoft Ltd)
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-01-01] (Malwarebytes)
      R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [110016 2018-01-23] (Malwarebytes)
      R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [46008 2018-01-23] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-23] (Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [94144 2018-01-23] (Malwarebytes)
      R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
      S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
      S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
      S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
      S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] () [File not signed]
      S3 rspWhySoSlow; C:\Windows\System32\DRIVERS\rspWhy64.sys [27904 2015-08-10] (Resplendence Software Projects Sp.)
      R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [209544 2017-10-30] (Sandboxie Holdings, LLC)
      S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [41512 2017-12-07] ()
      R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
      U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
      R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [200832 2017-12-18] (Oracle Corporation)
      R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [211704 2017-12-18] (Oracle Corporation)
      S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [144632 2017-12-18] (Oracle Corporation)
      S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
      S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
      S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-01-23 18:20 - 2018-01-23 18:22 - 000034692 _____ C:\Users\Guillermo\Desktop\FRST.txt
      2018-01-23 18:19 - 2018-01-23 18:20 - 000000000 ____D C:\FRST
      2018-01-23 16:21 - 2018-01-23 16:21 - 002393088 _____ (Farbar) C:\Users\Guillermo\Desktop\FRST64.exe
      2018-01-21 14:05 - 2018-01-21 14:05 - 000000000 ____D C:\Users\Guillermo\AppData\LocalLow\Nitro
      2018-01-20 17:06 - 2018-01-20 17:06 - 000001962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk
      2018-01-20 17:06 - 2018-01-20 17:06 - 000001950 _____ C:\Users\Public\Desktop\Nitro Pro.lnk
      2018-01-20 17:06 - 2018-01-20 17:06 - 000000000 ____D C:\Program Files\Common Files\Nitro
      2018-01-20 17:06 - 2018-01-06 01:52 - 000749664 _____ (Nitro Software, Inc.) C:\Windows\system32\NxPrinterMonitor11.dll
      2018-01-20 17:06 - 2018-01-06 01:52 - 000131168 _____ (Nitro Software, Inc.) C:\Windows\system32\NxPrinterMonitorUI11.dll
      2018-01-20 17:05 - 2018-01-20 17:05 - 000000000 ____D C:\Users\Guillermo\AppData\Local\Downloaded Installations
      2018-01-20 10:32 - 2018-01-20 10:32 - 000000000 ____D C:\ProgramData\Caphyon
      2018-01-17 18:51 - 2017-12-15 03:03 - 000059240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
      2018-01-11 18:44 - 2018-01-23 18:07 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2018-01-11 16:52 - 2018-01-11 16:52 - 002529622 _____ C:\Users\Guillermo\AppData\Local\[j0003]-[p06].bmp
      2018-01-11 16:51 - 2018-01-11 16:51 - 002529622 _____ C:\Users\Guillermo\AppData\Local\[j0002]-[p06].bmp
      2018-01-10 19:23 - 2018-01-10 19:23 - 002529622 _____ C:\Users\Guillermo\AppData\Local\[j0005]-[p04].bmp
      2018-01-10 17:03 - 2018-01-10 17:03 - 000006382 _____ C:\Users\Guillermo\Documents\cc_20180110_170259.reg
      2018-01-10 16:35 - 2017-10-04 09:21 - 000029352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
      2018-01-10 16:35 - 2017-10-04 09:21 - 000019088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
      2018-01-10 16:35 - 2017-10-04 04:45 - 000030888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
      2018-01-10 16:35 - 2017-10-04 04:45 - 000019088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
      2018-01-09 16:32 - 2018-01-02 09:00 - 000590680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
      2018-01-09 16:32 - 2018-01-02 09:00 - 000242520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
      2018-01-09 16:32 - 2018-01-02 09:00 - 000214392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
      2018-01-09 16:32 - 2018-01-02 08:56 - 002530400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
      2018-01-09 16:32 - 2018-01-02 08:56 - 000567656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
      2018-01-09 16:32 - 2018-01-02 08:56 - 000397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
      2018-01-09 16:32 - 2018-01-02 08:56 - 000136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
      2018-01-09 16:32 - 2018-01-02 07:39 - 022374248 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2018-01-09 16:32 - 2018-01-02 07:39 - 007408984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2018-01-09 16:32 - 2018-01-02 07:39 - 002013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2018-01-09 16:32 - 2018-01-02 07:39 - 000418648 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2018-01-09 16:32 - 2018-01-02 07:39 - 000354648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
      2018-01-09 16:32 - 2018-01-02 07:38 - 002176064 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
      2018-01-09 16:32 - 2018-01-02 07:38 - 001662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
      2018-01-09 16:32 - 2018-01-02 07:38 - 001063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
      2018-01-09 16:32 - 2018-01-02 07:37 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2018-01-09 16:32 - 2018-01-02 07:37 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2018-01-09 16:32 - 2018-01-02 07:37 - 001536120 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2018-01-09 16:32 - 2018-01-02 07:37 - 001500432 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
      2018-01-09 16:32 - 2018-01-02 07:37 - 001371352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
      2018-01-09 16:32 - 2018-01-02 07:37 - 001135280 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2018-01-09 16:32 - 2018-01-02 07:37 - 000685440 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2018-01-09 16:32 - 2018-01-02 07:35 - 001307840 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
      2018-01-09 16:32 - 2018-01-02 07:35 - 000989528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
      2018-01-09 16:32 - 2018-01-02 07:05 - 000164296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
      2018-01-09 16:32 - 2018-01-02 07:03 - 025739264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2018-01-09 16:32 - 2018-01-02 07:03 - 000341384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
      2018-01-09 16:32 - 2018-01-02 07:01 - 001902328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
      2018-01-09 16:32 - 2018-01-02 07:00 - 019790760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2018-01-09 16:32 - 2018-01-02 06:59 - 001565520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
      2018-01-09 16:32 - 2018-01-02 06:59 - 001213784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
      2018-01-09 16:32 - 2018-01-02 06:58 - 001502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2018-01-09 16:32 - 2018-01-02 06:48 - 000507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2018-01-09 16:32 - 2018-01-02 06:40 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
      2018-01-09 16:32 - 2018-01-02 06:39 - 000686080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2018-01-09 16:32 - 2018-01-02 06:39 - 000402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
      2018-01-09 16:32 - 2018-01-02 06:39 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
      2018-01-09 16:32 - 2018-01-02 06:39 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
      2018-01-09 16:32 - 2018-01-02 06:38 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
      2018-01-09 16:32 - 2018-01-02 06:38 - 000445952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
      2018-01-09 16:32 - 2018-01-02 06:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
      2018-01-09 16:32 - 2018-01-02 06:38 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2018-01-09 16:32 - 2018-01-02 06:38 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
      2018-01-09 16:32 - 2018-01-02 06:38 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
      2018-01-09 16:32 - 2018-01-02 06:38 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
      2018-01-09 16:32 - 2018-01-02 06:37 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
      2018-01-09 16:32 - 2018-01-02 06:37 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
      2018-01-09 16:32 - 2018-01-02 06:34 - 000360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
      2018-01-09 16:32 - 2018-01-02 06:31 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
      2018-01-09 16:32 - 2018-01-02 06:30 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
      2018-01-09 16:32 - 2018-01-02 06:28 - 005796352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2018-01-09 16:32 - 2018-01-02 06:28 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2018-01-09 16:32 - 2018-01-02 06:28 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
      2018-01-09 16:32 - 2018-01-02 06:28 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
      2018-01-09 16:32 - 2018-01-02 06:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
      2018-01-09 16:32 - 2018-01-02 06:20 - 020275200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2018-01-09 16:32 - 2018-01-02 06:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
      2018-01-09 16:32 - 2018-01-02 06:18 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
      2018-01-09 16:32 - 2018-01-02 06:17 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
      2018-01-09 16:32 - 2018-01-02 06:17 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
      2018-01-09 16:32 - 2018-01-02 06:16 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2018-01-09 16:32 - 2018-01-02 06:09 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
      2018-01-09 16:32 - 2018-01-02 06:06 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
      2018-01-09 16:32 - 2018-01-02 06:02 - 000862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2018-01-09 16:32 - 2018-01-02 05:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
      2018-01-09 16:32 - 2018-01-02 05:59 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
      2018-01-09 16:32 - 2018-01-02 05:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
      2018-01-09 16:32 - 2018-01-02 05:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
      2018-01-09 16:32 - 2018-01-02 05:54 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
      2018-01-09 16:32 - 2018-01-02 05:53 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
      2018-01-09 16:32 - 2018-01-02 05:52 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2018-01-09 16:32 - 2018-01-02 05:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
      2018-01-09 16:32 - 2018-01-02 05:49 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
      2018-01-09 16:32 - 2018-01-02 05:48 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
      2018-01-09 16:32 - 2018-01-02 05:45 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
      2018-01-09 16:32 - 2018-01-02 05:44 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2018-01-09 16:32 - 2018-01-02 05:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
      2018-01-09 16:32 - 2018-01-02 05:43 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
      2018-01-09 16:32 - 2018-01-02 05:42 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2018-01-09 16:32 - 2018-01-02 05:42 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
      2018-01-09 16:32 - 2018-01-02 05:41 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
      2018-01-09 16:32 - 2018-01-02 05:40 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
      2018-01-09 16:32 - 2018-01-02 05:40 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
      2018-01-09 16:32 - 2018-01-02 05:40 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
      2018-01-09 16:32 - 2018-01-02 05:38 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
      2018-01-09 16:32 - 2018-01-02 05:37 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
      2018-01-09 16:32 - 2018-01-02 05:34 - 001217536 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
      2018-01-09 16:32 - 2018-01-02 05:34 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
      2018-01-09 16:32 - 2018-01-02 05:33 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
      2018-01-09 16:32 - 2018-01-02 05:33 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
      2018-01-09 16:32 - 2018-01-02 05:33 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
      2018-01-09 16:32 - 2018-01-02 05:32 - 000571392 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
      2018-01-09 16:32 - 2018-01-02 05:29 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2018-01-09 16:32 - 2018-01-02 05:29 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
      2018-01-09 16:32 - 2018-01-02 05:27 - 001696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
      2018-01-09 16:32 - 2018-01-02 05:27 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
      2018-01-09 16:32 - 2018-01-02 05:26 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2018-01-09 16:32 - 2018-01-02 05:25 - 000795648 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
      2018-01-09 16:32 - 2018-01-02 05:25 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
      2018-01-09 16:32 - 2018-01-02 05:25 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
      2018-01-09 16:32 - 2018-01-02 05:23 - 004508160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2018-01-09 16:32 - 2018-01-02 05:23 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
      2018-01-09 16:32 - 2018-01-02 05:22 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
      2018-01-09 16:32 - 2018-01-02 05:22 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
      2018-01-09 16:32 - 2018-01-02 05:21 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
      2018-01-09 16:32 - 2018-01-02 05:20 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2018-01-09 16:32 - 2018-01-02 05:18 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
      2018-01-09 16:32 - 2018-01-02 05:18 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
      2018-01-09 16:32 - 2018-01-02 05:17 - 001547264 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
      2018-01-09 16:32 - 2018-01-02 05:17 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
      2018-01-09 16:32 - 2018-01-02 05:17 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
      2018-01-09 16:32 - 2018-01-02 05:17 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
      2018-01-09 16:32 - 2018-01-02 05:16 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
      2018-01-09 16:32 - 2018-01-02 05:16 - 000881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
      2018-01-09 16:32 - 2018-01-02 05:16 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
      2018-01-09 16:32 - 2018-01-02 05:16 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
      2018-01-09 16:32 - 2018-01-02 05:15 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
      2018-01-09 16:32 - 2018-01-02 05:13 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
      2018-01-09 16:32 - 2018-01-02 05:11 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
      2018-01-09 16:32 - 2018-01-02 05:11 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
      2018-01-09 16:32 - 2018-01-02 05:09 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
      2018-01-09 16:32 - 2018-01-02 05:09 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
      2018-01-09 16:32 - 2018-01-02 05:09 - 000543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
      2018-01-09 16:32 - 2018-01-02 05:08 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
      2018-01-09 16:32 - 2018-01-02 05:07 - 001265664 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
      2018-01-09 16:32 - 2018-01-02 05:07 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
      2018-01-09 16:32 - 2018-01-02 05:06 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
      2018-01-09 16:32 - 2018-01-02 05:05 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
      2018-01-09 16:32 - 2018-01-02 05:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
      2018-01-09 16:32 - 2018-01-02 04:59 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
      2018-01-09 16:32 - 2018-01-02 04:58 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2018-01-09 16:32 - 2018-01-02 04:57 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
      2018-01-09 16:32 - 2018-01-02 04:56 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
      2018-01-09 16:32 - 2018-01-02 04:55 - 003548160 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
      2018-01-09 16:32 - 2018-01-02 04:54 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
      2018-01-09 16:32 - 2018-01-02 04:53 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
      2018-01-09 16:32 - 2017-12-29 09:21 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
      2018-01-09 16:32 - 2017-12-15 00:26 - 000374096 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
      2018-01-09 16:32 - 2017-12-14 22:39 - 000315736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
      2018-01-09 16:32 - 2017-12-14 11:19 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
      2018-01-09 16:32 - 2017-12-14 11:17 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
      2018-01-09 16:32 - 2017-12-10 14:59 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
      2018-01-09 16:32 - 2017-12-10 14:58 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
      2018-01-09 16:32 - 2017-12-10 14:46 - 007079424 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
      2018-01-09 16:32 - 2017-12-10 14:24 - 005275136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
      2018-01-09 16:32 - 2017-12-10 14:06 - 007797760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
      2018-01-09 16:32 - 2017-12-10 13:59 - 005270528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
      2018-01-09 16:32 - 2017-12-06 05:42 - 002452816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2018-01-09 16:32 - 2017-12-05 17:58 - 004168192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2018-01-09 16:32 - 2014-10-29 03:42 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
      2018-01-09 16:32 - 2014-10-29 03:36 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
      2018-01-09 16:32 - 2014-10-29 02:54 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
      2018-01-09 16:32 - 2014-10-29 02:53 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
      2018-01-09 16:32 - 2014-10-29 02:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
      2018-01-09 16:32 - 2014-10-29 02:26 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
      2018-01-09 16:32 - 2014-10-29 02:26 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
      2018-01-09 16:32 - 2014-10-29 02:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
      2018-01-09 16:32 - 2014-10-29 02:05 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
      2018-01-07 20:22 - 2018-01-07 20:22 - 000001878 _____ C:\Users\Guillermo\Desktop\Kodi.lnk
      2018-01-07 19:36 - 2018-01-13 17:24 - 000000000 ____D C:\Users\Guillermo\AppData\Roaming\Kodi
      2018-01-07 19:35 - 2018-01-07 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
      2018-01-07 19:35 - 2018-01-07 19:35 - 000000000 ____D C:\Program Files (x86)\Kodi
      2018-01-07 16:22 - 2018-01-07 16:22 - 000001099 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
      2018-01-07 16:22 - 2018-01-07 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
      2018-01-06 11:34 - 2018-01-06 11:34 - 000000000 ____D C:\NoBot
      2018-01-05 16:54 - 2018-01-05 16:54 - 000000000 ____D C:\Users\Guillermo\AppData\Local\CrystalDiskMark5
      2018-01-01 13:17 - 2018-01-01 13:17 - 000001945 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2018-01-01 13:15 - 2017-12-21 17:07 - 000365680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2017-12-31 17:35 - 2017-12-31 17:35 - 000000000 ____D C:\Users\Guillermo\Documents\MEGAsync
      2017-12-31 13:51 - 2017-12-31 13:51 - 000000000 ____D C:\Users\Guillermo\AppData\Local\BootRacer
      2017-12-31 13:46 - 2017-12-31 13:48 - 000004096 _____ C:\Users\Public\Documents\bootracer.his
      2017-12-31 13:44 - 2018-01-01 13:03 - 000000000 ____D C:\Program Files (x86)\BootRacer
      2017-12-31 13:44 - 2017-12-31 13:48 - 000000000 ____D C:\ProgramData\BootRacer
      2017-12-29 14:25 - 2017-12-29 14:25 - 000000218 _____ C:\Users\Guillermo\AppData\Local\recently-used.xbel

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-01-23 18:21 - 2016-11-15 18:25 - 000000000 ____D C:\Users\Guillermo\AppData\LocalLow\Mozilla
      2018-01-23 18:18 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
      2018-01-23 17:26 - 2014-07-03 13:11 - 004556288 ___SH C:\Users\Guillermo\Desktop\Thumbs.db
      2018-01-23 17:18 - 2014-06-04 19:13 - 000000960 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003UA.job
      2018-01-23 17:16 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness
      2018-01-23 16:53 - 2015-08-02 12:07 - 000000000 ____D C:\Users\Guillermo\AppData\Local\ClassicShell
      2018-01-23 16:12 - 2014-08-02 08:47 - 000000000 ____D C:\Users\Guillermo\AppData\Local\Adobe
      2018-01-23 16:12 - 2014-05-07 18:46 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-01-23 16:03 - 2017-12-14 17:00 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2018-01-23 16:03 - 2017-12-14 17:00 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2018-01-23 16:03 - 2017-12-14 17:00 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2018-01-23 16:01 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-01-22 20:18 - 2014-06-04 19:13 - 000000938 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003Core.job
      2018-01-22 16:16 - 2017-11-17 21:37 - 000003196 _____ C:\Windows\System32\Tasks\HPCeeScheduleForGuillermo
      2018-01-22 16:16 - 2017-11-17 21:37 - 000000374 _____ C:\Windows\Tasks\HPCeeScheduleForGuillermo.job
      2018-01-22 15:56 - 2014-05-07 19:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2018-01-21 19:41 - 2016-05-26 16:40 - 001130496 _____ C:\Users\Guillermo\Documents\Alumnos.accdb
      2018-01-21 19:41 - 2015-05-26 20:37 - 000007909 _____ C:\Users\Guillermo\Documents\Menu Settings.xml
      2018-01-21 14:25 - 2014-05-07 19:45 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1594238518-2351825753-3521044555-1003
      2018-01-21 14:07 - 2014-05-22 16:06 - 000000000 ___RD C:\Users\Guillermo\Desktop\Iconos escritorio
      2018-01-21 13:02 - 2017-01-28 14:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2018-01-21 13:02 - 2014-05-07 19:07 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
      2018-01-21 12:52 - 2017-03-19 18:56 - 000001235 _____ C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Nitro Pro.lnk
      2018-01-20 18:45 - 2017-10-25 16:50 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update
      2018-01-20 18:45 - 2017-09-27 15:32 - 000003230 _____ C:\Windows\System32\Tasks\klcp_update
      2018-01-20 18:45 - 2017-09-08 17:36 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2018-01-20 18:45 - 2017-09-08 17:36 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2018-01-20 18:45 - 2017-09-08 17:36 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2018-01-20 18:45 - 2017-09-08 17:36 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2018-01-20 18:45 - 2017-09-08 17:36 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2018-01-20 18:45 - 2017-09-08 17:36 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2018-01-20 18:45 - 2017-09-08 17:36 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2018-01-20 18:45 - 2017-09-08 17:36 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
      2018-01-20 18:45 - 2017-02-14 17:33 - 000002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
      2018-01-20 18:45 - 2016-07-30 13:28 - 000003908 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1469881689
      2018-01-20 18:45 - 2016-06-06 19:56 - 000004168 _____ C:\Windows\System32\Tasks\Malwarebytes antimalware
      2018-01-20 18:45 - 2016-02-18 16:10 - 000003718 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003UA
      2018-01-20 18:45 - 2016-02-18 16:10 - 000003446 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003Core
      2018-01-20 18:45 - 2015-12-03 15:56 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
      2018-01-20 18:45 - 2015-06-18 16:06 - 000003806 _____ C:\Windows\System32\Tasks\GlaryOneClickOptimizer 5
      2018-01-20 18:45 - 2015-04-11 17:17 - 000004038 _____ C:\Windows\System32\Tasks\Glary utilities
      2018-01-20 18:45 - 2015-04-07 17:14 - 000003320 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
      2018-01-20 18:45 - 2015-04-07 17:14 - 000002988 _____ C:\Windows\System32\Tasks\GU5SkipUAC
      2018-01-20 18:45 - 2014-12-23 17:44 - 000004038 _____ C:\Windows\System32\Tasks\Ejecutar spybot Search&Destroy
      2018-01-20 18:45 - 2014-06-04 19:13 - 000003816 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003UA
      2018-01-20 18:45 - 2014-06-04 19:13 - 000003466 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003Core
      2018-01-20 18:45 - 2014-05-23 19:32 - 000003532 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
      2018-01-20 18:45 - 2014-05-23 19:32 - 000003404 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
      2018-01-20 18:45 - 2014-05-07 00:03 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1594238518-2351825753-3521044555-1001
      2018-01-20 17:59 - 2016-10-18 16:13 - 000000000 ____D C:\Program Files (x86)\Utilidades sencillas
      2018-01-20 17:47 - 2017-11-25 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2018-01-20 17:47 - 2014-06-14 09:12 - 000000000 ____D C:\ProgramData\Oracle
      2018-01-20 17:46 - 2017-11-25 15:05 - 000097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
      2018-01-20 17:46 - 2017-09-22 16:19 - 000000000 ____D C:\Program Files (x86)\Java
      2018-01-20 17:06 - 2015-06-07 20:03 - 000000000 ____D C:\Program Files\Nitro
      2018-01-20 17:06 - 2014-05-22 07:54 - 000000000 ____D C:\Program Files (x86)\Nitro
      2018-01-20 14:10 - 2014-06-12 17:25 - 000000000 ____D C:\Users\Guillermo\AppData\Local\CrashDumps
      2018-01-19 19:17 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
      2018-01-19 16:45 - 2014-05-21 19:40 - 000000000 ____D C:\Users\Guillermo\AppData\Local\MEGAsync
      2018-01-18 15:55 - 2014-05-07 18:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2018-01-17 21:04 - 2014-10-24 17:59 - 000000000 ____D C:\wifidata
      2018-01-17 20:48 - 2014-12-27 10:25 - 000000000 ____D C:\Users\Guillermo\AppData\Roaming\vlc
      2018-01-17 18:52 - 2014-05-07 18:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2018-01-17 18:51 - 2014-05-07 18:45 - 000000000 ____D C:\Program Files\NVIDIA Corporation
      2018-01-16 18:47 - 2013-08-22 14:25 - 000524288 ___SH C:\Windows\system32\config\BBI
      2018-01-16 17:39 - 2014-11-25 20:08 - 000000000 ____D C:\Program Files\CCleaner
      2018-01-15 20:24 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
      2018-01-12 17:36 - 2014-05-11 19:52 - 000000000 ____D C:\Users\Guillermo\AppData\Roaming\Skype
      2018-01-12 15:59 - 2016-07-30 13:26 - 000457896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2018-01-12 15:59 - 2016-07-30 13:26 - 000146648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2018-01-11 18:18 - 2017-10-30 17:03 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
      2018-01-11 18:18 - 2015-04-07 17:14 - 000001103 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
      2018-01-11 18:18 - 2015-04-07 17:14 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
      2018-01-11 16:44 - 2014-06-18 12:26 - 000000000 ____D C:\ProgramData\Package Cache
      2018-01-11 16:39 - 2014-05-07 18:50 - 000000000 ____D C:\ProgramData\Intel
      2018-01-11 16:36 - 2014-05-07 18:50 - 000000000 ____D C:\Program Files\Intel
      2018-01-11 16:00 - 2017-02-15 17:31 - 005291000 _____ C:\Windows\system32\FNTCACHE.DAT
      2018-01-10 18:53 - 2014-05-07 00:00 - 001944824 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-01-10 18:53 - 2013-08-23 00:34 - 000848860 _____ C:\Windows\system32\perfh00A.dat
      2018-01-10 18:53 - 2013-08-23 00:34 - 000184820 _____ C:\Windows\system32\perfc00A.dat
      2018-01-10 17:09 - 2017-02-14 16:58 - 000168168 _____ C:\Users\Guillermo\AppData\Local\GDIPFONTCACHEV1.DAT
      2018-01-10 17:05 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
      2018-01-10 16:48 - 2014-05-08 20:24 - 000000000 ____D C:\Windows\system32\MRT
      2018-01-10 16:44 - 2017-10-11 15:23 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
      2018-01-10 16:43 - 2014-05-08 20:24 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2018-01-10 16:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2018-01-10 16:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
      2018-01-10 15:33 - 2017-09-08 17:36 - 002425656 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
      2018-01-10 15:33 - 2017-09-08 17:36 - 002090800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
      2018-01-10 15:33 - 2017-09-08 17:36 - 001310008 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
      2018-01-10 10:41 - 2017-09-08 17:36 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
      2018-01-09 16:35 - 2013-08-22 16:36 - 000000000 ___RD C:\Windows\ToastData
      2018-01-07 16:34 - 2014-07-16 09:54 - 000000000 ____D C:\Users\Guillermo\.VirtualBox
      2018-01-07 10:34 - 2015-11-13 19:59 - 000110592 ___SH C:\Users\Guillermo\Downloads\Thumbs.db
      2018-01-06 11:50 - 2016-05-23 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilidades sencillas
      2018-01-02 16:53 - 2014-05-09 16:49 - 000007604 _____ C:\Users\Guillermo\AppData\Local\Resmon.ResmonCfg
      2018-01-01 19:33 - 2017-12-14 17:00 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2018-01-01 13:27 - 2014-11-19 23:15 - 000000000 ____D C:\Windows\pss
      2018-01-01 13:16 - 2017-02-08 07:28 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2018-01-01 13:05 - 2014-05-07 19:40 - 000000000 ____D C:\Users\Guillermo
      2018-01-01 13:03 - 2017-02-14 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2018-01-01 13:03 - 2016-06-09 19:50 - 000000000 ____D C:\Program Files (x86)\Pro Pinball - Timeshock
      2018-01-01 13:03 - 2015-05-12 20:22 - 000000000 ____D C:\Users\Guillermo\AppData\Roaming\Feedreader
      2018-01-01 13:03 - 2014-06-18 19:25 - 000000000 ____D C:\Users\Administrador
      2018-01-01 13:03 - 2014-06-06 22:50 - 000000000 ____D C:\Program Files (x86)\SimCity 4 Deluxe Edition
      2018-01-01 13:03 - 2014-05-30 19:14 - 000000000 ____D C:\ProgramData\ClassicShell
      2018-01-01 13:03 - 2014-05-08 17:10 - 000000000 ____D C:\Users\Guillermo\AppData\Local\Microsoft Help
      2018-01-01 12:56 - 2014-05-12 19:03 - 000000000 ____D C:\Users\Guillermo\AppData\Roaming\Nitro
      2018-01-01 12:56 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\registration
      2018-01-01 11:54 - 2015-08-02 13:32 - 000000000 ____D C:\Users\Administrador\AppData\Local\ClassicShell
      2018-01-01 11:52 - 2014-06-18 19:25 - 000000000 ____D C:\Users\Administrador\AppData\Local\NVIDIA Corporation
      2017-12-29 14:24 - 2016-12-10 13:24 - 000000000 ____D C:\Users\Guillermo\AppData\Roaming\deluge
      2017-12-27 12:38 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
      2017-12-27 12:00 - 2016-03-13 20:19 - 000000000 ____D C:\Users\Guillermo\AppData\Local\NitroSpoolDir

      ==================== Files in the root of some directories =======

      2015-09-14 16:44 - 2015-12-07 20:04 - 004143800 _____ (NesterSoft Inc.) C:\Program Files\SpyDetectFree64.exe
      2015-05-27 19:45 - 2017-02-17 18:32 - 000002298 _____ () C:\Users\Guillermo\AppData\Roaming\ASSDraw3.cfg
      2014-11-23 21:41 - 2014-11-23 21:41 - 002265009 _____ () C:\Users\Guillermo\AppData\Local\Inspiration.chm
      2014-06-23 17:26 - 2017-11-16 17:44 - 000000173 _____ () C:\Users\Guillermo\AppData\Local\msmathematics.qat.Guillermo
      2017-12-29 14:25 - 2017-12-29 14:25 - 000000218 _____ () C:\Users\Guillermo\AppData\Local\recently-used.xbel
      2014-05-09 16:49 - 2018-01-02 16:53 - 000007604 _____ () C:\Users\Guillermo\AppData\Local\Resmon.ResmonCfg
      2018-01-11 16:51 - 2018-01-11 16:51 - 002529622 _____ () C:\Users\Guillermo\AppData\Local\[j0002]-[p06].bmp
      2017-10-06 15:58 - 2017-10-06 15:58 - 002529622 _____ () C:\Users\Guillermo\AppData\Local\[j0002]-[p08].bmp
      2017-06-15 17:48 - 2017-06-15 17:48 - 002529622 _____ () C:\Users\Guillermo\AppData\Local\[j0002]-[p16].bmp
      2018-01-11 16:52 - 2018-01-11 16:52 - 002529622 _____ () C:\Users\Guillermo\AppData\Local\[j0003]-[p06].bmp
      2017-11-17 16:24 - 2017-11-17 16:24 - 002529622 _____ () C:\Users\Guillermo\AppData\Local\[j0004]-[p06].bmp
      2018-01-10 19:23 - 2018-01-10 19:23 - 002529622 _____ () C:\Users\Guillermo\AppData\Local\[j0005]-[p04].bmp
      2016-12-10 10:51 - 2016-12-10 10:51 - 002529622 _____ () C:\Users\Guillermo\AppData\Local\[j0006]-[p04].bmp

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2018-01-19 17:27

      ==================== End of FRST.txt ============================

    6. #6
      Usuario Avatar de gl2101
      Registrado
      dic 2009
      Ubicación
      Barcelona
      Mensajes
      56

      re: Resultado HijackThis (Terminado)

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
      Ran by Guillermo (23-01-2018 18:23:02)
      Running from C:\Users\Guillermo\Desktop
      Windows 8.1 (Update) (X64) (2014-05-06 22:57:50)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-1594238518-2351825753-3521044555-500 - Administrator - Enabled) => C:\Users\Administrador
      Guillermo (S-1-5-21-1594238518-2351825753-3521044555-1003 - Administrator - Enabled) => C:\Users\Guillermo
      HomeGroupUser$ (S-1-5-21-1594238518-2351825753-3521044555-1005 - Limited - Enabled)
      Invitado (S-1-5-21-1594238518-2351825753-3521044555-501 - Limited - Enabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
      7thShare Card Data Recovery version 1.3.1.8 (HKLM-x32\...\{7thShareCardRecovery}_is1) (Version: 1.3.1.8 - Best Video Converter, Blu-ray & DVD Ripper, Card Data Recovery)
      ABBYY FineReader 12 Corporate (HKLM-x32\...\{F12000CE-0001-0000-0000-074957833700}) (Version: 12.1.609 - ABBYY Production LLC)
      Able2Extract Professional 8.0 (HKLM-x32\...\{C894CC24-0DEC-4340-BCC9-DD4310DF3BED}_is1) (Version: 8.0 - Investintech.com Inc.)
      Abrosoft FantaMorph 5.4.8 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.4.8 - Abrosoft)
      ACD/Labs 2016 Freeware in C:\Program Files (x86)\ACD2016FREE\ (HKLM-x32\...\ACDLabs in C__Program_Files_(x86)_ACD2016FREE_) (Version: v14.00, FREE - ACD/Labs)
      Active Directory Authentication Library for SQL Server (HKLM\...\{E646D196-A17B-4F14-BE7B-F774527FE5E0}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
      Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{44DC843A-C591-4064-BE1F-2BDC177AF50C}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
      Actualización de NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
      Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
      Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
      Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.2 - Adobe Systems Incorporated)
      Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
      Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1.1 - Adobe Systems Incorporated)
      Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
      Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
      Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
      AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
      Amazon Kindle (HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
      Apple Application Support (32 bits) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
      Apple Application Support (64 bits) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
      Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
      Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
      Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
      Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
      Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
      AVI ReComp 1.5.6 (HKLM-x32\...\AVI ReComp) (Version: 1.5.6 - Mateusz Gola (aka Prozac))
      AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - )
      Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
      B110 (HKLM-x32\...\{CC2917EA-96EC-41D1-9756-760C32AF6F12}) (Version: 140.0.353.000 - Hewlett-Packard) Hidden
      Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
      Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
      BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
      Build Tools Language Resources - amd64 (HKLM\...\{6618DB5E-8788-46E1-94F4-9F1C0FC075BD}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
      Build Tools Language Resources - x86 (HKLM-x32\...\{772590BC-E61B-4080-B9D5-A71497612F36}) (Version: 12.0.31010 - Microsoft Corporation) Hidden
      calibre 64bit (HKLM\...\{F2F685F3-1366-4EE2-AE6A-0DDC4DFAE21E}) (Version: 3.13.0 - Kovid Goyal)
      CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
      Camtasia 9 (HKLM\...\{B8A4CB7E-7F5B-484F-A127-E4431000EDCE}) (Version: 9.0.4.1948 - TechSmith Corporation) Hidden
      Camtasia 9 (HKLM-x32\...\{5957dd25-bb4e-4234-9dc0-b3e10a70f636}) (Version: 9.0.4.1948 - TechSmith Corporation)
      Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
      Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)
      Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)
      Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
      Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
      Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)
      Cartes du Ciel V3.10 (HKLM-x32\...\{A261F28E-6053-4414-9B84-AA8FE5F47AD4}_is1) (Version: - )
      CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
      CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
      Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version: - Shatters Software)
      Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
      Client Activator 2.0 - English (HKLM-x32\...\Rainbow Client Activator 2.0 English) (Version: - )
      Colin McRae Rally Remastered (HKLM-x32\...\Colin McRae Rally Remastered_is1) (Version: - )
      Collins Master Dictionary (HKLM-x32\...\{AB8F9BA0-D552-4644-B22B-B594E9A7DB88}) (Version: 1.01.0000 - RHM)
      Complemento Microsoft Report Viewer para Visual Studio 2015 (HKLM-x32\...\{83469E93-6C9B-46F9-9EC7-B9C4D2787321}) (Version: 12.0.2402.20 - Microsoft Corporation) Hidden
      Construïm Digital (HKLM-x32\...\Construïm Digital 1.2) (Version: 1.2 - Cruïlla)
      Copia de seguridad de carpetas personales de Microsoft Office (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
      CrystalMaker Demo for Windows 2.7.0 (HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\CrystalMaker Demo) (Version: 2.7.0 - CrystalMaker Software Ltd)
      D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version: - )
      Derive 6 - Evaluación (HKLM-x32\...\Derive 6 - Evaluación) (Version: 6.1 - Texas Instruments Incorporated)
      Descargar de TV3 versión 1.4 (HKLM-x32\...\{250CC799-6AA0-4F58-8F08-14498F6868FD}_is1) (Version: 1.4 - Televisión a la carta)
      Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
      DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
      D-Fend Reloaded 1.3.6 (desinstalar) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
      Diseñador de XAML de Microsoft Visual Studio 2015 - ESN (HKLM-x32\...\{24F3BAF1-9522-35ED-A756-386141FD1267}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
      Dotfuscator and Analytics Community Edition 5.19.1 (HKLM-x32\...\{2A7F99F6-88A4-4B44-B350-41C0B147A39C}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
      DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink Instal)
      eMule (HKLM-x32\...\eMule) (Version: - )
      Ensamblados de Windows Phone SDK 8.0 - esn (HKLM-x32\...\{4704E9DE-BAFC-32EE-AE78-D7A19D5868CB}) (Version: 11.0.60610 - Microsoft Corporation) Hidden
      Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
      ePUBee DRM Removal (HKLM-x32\...\ePUBee DRM Removal) (Version: 3.1.5.1 - ePUBee Inc.)
      erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
      ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
      Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
      FeedReader (HKLM-x32\...\FeedReader_is1) (Version: - i-Systems Inc.)
      FFmpeg (Windows) for Audacity versión 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
      FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse)
      Free Video Converter V 3.2 (HKLM-x32\...\Free Video Converter_is1) (Version: 3.2.0.0 - Koyote Soft)
      FreeFileSync 9.6 (HKLM-x32\...\FreeFileSync_is1) (Version: 9.6 - FreeFileSync.org)
      G Suite Migration For Microsoft Outlook® 4.0.114.0 (HKLM-x32\...\{21AA6D39-6003-49C6-A9B1-94D9BEB78C2C}) (Version: 4.0.114.0 - Google, Inc.)
      G Suite Sync™ for Microsoft Outlook® 4.0.9.0 (HKLM-x32\...\{68DB6985-7635-4D55-8C56-C20BDC624E14}) (Version: 4.0.9.0 - Google, Inc.)
      Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Glary Utilities PRO 5.91 (HKLM-x32\...\Glary Utilities 5) (Version: 5.91.0.112 - Glarysoft Ltd)
      Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
      Google Photos Backup (HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
      GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
      gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
      Herramientas de diagnóstico para Microsoft Visual Studio 2015 Update 2 - ESN (HKLM-x32\...\{26ABCBF9-3856-4CBD-AD7D-381C4438F6D5}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
      Herramientas de diagnóstico para Microsoft Visual Studio 2015 Update 2 - ESN (HKLM-x32\...\{613EFD82-11BA-41BF-AA2D-9A86DAAAFC27}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
      Herramientas de recopilación de rendimiento de Microsoft Visual Studio 2015 - ESN (HKLM\...\{81C9398E-2615-4F4C-9FFB-C05CB0559EC7}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      Herramientas de Windows Phone 8.1 para Visual Studio 2013 - ESN (HKLM-x32\...\{A04B517D-7FBF-465C-B292-E0273BAC0CEB}) (Version: 12.0.30723 - Microsoft Corporation) Hidden
      Herramientas de Windows Phone 8.1 para Visual Studio 2015 - ESN (HKLM-x32\...\{05B721AA-CB56-4F4E-BC61-B83525CBD410}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
      Herramientas de Windows Phone 8.1 para Visual Studio Professional 2013 - ESN (HKLM-x32\...\{954ABE78-DC61-4C32-99CD-274FAA3EC325}) (Version: 12.0.30723 - Microsoft Corporation) Hidden
      Herramientas de Windows Phone 8.1 para Visual Studio Professional 2016 - ESN (HKLM-x32\...\{9C145CD1-81EC-400A-AF5B-4B4B53DD78D0}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
      HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
      HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{C63184F3-8343-408F-A948-DDB0AC969A99}) (Version: 14.0 - HP)
      HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
      HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.5.37.19 - HP)
      HP Support Solutions Framework (HKLM-x32\...\{8EF98706-3C4B-4C5B-B035-01187E17D0E6}) (Version: 12.8.47.1 - HP)
      HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
      HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
      HPAppStudio (HKLM-x32\...\{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}) (Version: 140.0.95.000 - Hewlett-Packard) Hidden
      HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
      HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
      HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
      HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
      HyperChem 8.0 Software (HKLM-x32\...\{A8725910-BA4B-4D85-94ED-9BBB89E0229B}) (Version: 8.0 - )
      IBM SPSS Statistics 24 (HKLM\...\{4762AE15-E5A3-43BF-8822-1CFC70FB147A}) (Version: 24.0.0.0 - IBM Corp)
      iCloud (HKLM\...\{99868C9C-C141-4DDE-A2C7-9DDF00F68F17}) (Version: 7.2.0.67 - Apple Inc.)
      IconViewer (HKLM\...\{C6F34AE0-0576-11d4-82FE-4491FCC00000}) (Version: 3.2.147 - Bot Productions)
      IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
      Inspiration 9 (HKLM-x32\...\Inspiration 9) (Version: - )
      Inspiration 9 PDF Driver (novaPDF 7.3 printer) (HKLM\...\Inspiration 9 PDF Driver_is1) (Version: - Softland)
      Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
      Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
      iTunes (HKLM\...\{D34CA653-87BB-4605-826F-5525EE0A4664}) (Version: 12.7.2.60 - Apple Inc.)
      Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
      Juegos para Windows 8 versión 1.00 (HKLM-x32\...\Juegos para Windows 8_is1) (Version: 1.00 - )
      K-Lite Codec Pack 13.7.8 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.8 - KLCP)
      Kodi (HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\Kodi) (Version: - XBMC-Foundation)
      LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
      LocalESPCui for es-es (HKLM-x32\...\{382C4C94-BEB5-4AAC-D093-696EE741A1E7}) (Version: 8.59.29989 - Microsoft) Hidden
      Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
      MapViewer 7 (HKLM-x32\...\{FE0A6735-AFB2-4495-8371-5BD04BD7F58F}) (Version: 7.2.1931.0 - Golden Software, Inc.)
      MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
      Mathcad 2001 Online Documentation (HKLM-x32\...\Mathcad 2001 Online Documentation) (Version: - )
      Mathcad 2001 Professional (HKLM-x32\...\{31A38B62-9168-4052-920A-F1405F43FEA8}) (Version: 10.00.0000 - MathSoft)
      MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
      MicroEvolució (HKLM-x32\...\{EC5B9AD3-3A9F-429C-A6A7-BDE71AC8E43A}) (Version: 1.11.0000 - Josep M. Llort Planchadell)
      Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
      Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
      Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
      Microsoft .NET Framework 4.5.1 SDK (español) (HKLM-x32\...\{23549951-AEAB-4407-B23D-EB1703B14DBA}) (Version: 4.5.51641 - Microsoft Corporation)
      Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
      Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
      Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
      Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
      Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
      Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
      Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
      Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
      Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
      Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
      Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
      Microsoft Combat Flight Simulator 3.0 (HKLM-x32\...\Combat Flight Simulator 3.0) (Version: - )
      Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
      Microsoft Mathematics (64 bits) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
      Microsoft Mathematics Add-in (32-bit) (HKLM-x32\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation)
      Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
      Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
      Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
      Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
      Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
      Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
      Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
      Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
      Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
      Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
      Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
      Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
      Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation)
      Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation)
      Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation)
      Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation)
      Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation)
      Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
      Microsoft SQL Server Compact 4.0 SP1 x64 ESN (HKLM\...\{D7126FFC-90BA-4120-8FFB-3688C9931A09}) (Version: 4.0.8876.1 - Microsoft Corporation)
      Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation)
      Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
      Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
      Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation)
      Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation)
      Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
      Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
      Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
      Monkey Island™ Edición Especial Colección (HKLM-x32\...\MISEC) (Version: 1.0.0.0 - LucasArts)
      Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
      Mozilla Firefox 58.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 58.0 (x64 es-ES)) (Version: 58.0 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
      MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{13FE8B50-B340-4FDA-BB6E-AA1F5FAB8205}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
      MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
      Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      Nero 8 (HKLM-x32\...\{7042FC7D-ED2E-4C93-B3AA-63D117D31034}) (Version: 8.2.82 - Nero AG)
      Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
      Nitro Pro (HKLM\...\{1778BA69-B074-459C-9D5A-A6C5D2CA8CFE}) (Version: 11.0.8.470 - Nitro)
      NVIDIA Controlador de 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
      NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
      NVIDIA Controlador de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
      NVIDIA Controlador de la controladora 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
      NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
      NVIDIA Software del sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
      OneClickFirewall (HKLM\...\OneClickFirewall) (Version: 1.0.0.2 - hxxp://winaero.com)
      Oracle VM VirtualBox 5.2.4 (HKLM\...\{33042B56-E453-40AB-B313-0EB544FAC0F9}) (Version: 5.2.4 - Oracle Corporation)
      Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
      Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
      Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.5 - Panda Security)
      Panda USB Vaccine 1.0.0.50a (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
      Panel de control de NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
      Paquete de compatibilidad con múltiples versiones de Microsoft .NET Framework 4.5.1 (español) (HKLM-x32\...\{D2D0CD35-523F-3D07-8ADE-96A5B4B74485}) (Version: 4.5.50932 - Microsoft Corporation)
      Paquete de compatibilidad con múltiples versiones de Microsoft .NET Framework 4.5.1 RC para aplicaciones de la Tienda Windows (español) (HKLM-x32\...\{05ADAC3C-CCB3-3E05-BF2F-C1DE5C22C174}) (Version: 4.5.21005 - Microsoft Corporation) Hidden
      Paquete de compatibilidad con múltiples versiones de Microsoft .NET Framework 4.5.2 (español) (HKLM-x32\...\{861D5F0D-20DC-3CAF-95ED-1048B7A6177D}) (Version: 4.5.51209 - Microsoft Corporation)
      Paquete de compatibilidad de Microsoft .NET Framework 4.6 (español) (HKLM-x32\...\{2BE2ECA7-7F57-45DC-9ACC-E709425BE8CC}) (Version: 4.6.00127 - Microsoft Corporation)
      Paquete de compatibilidad de Microsoft .NET Framework 4.6.1 (español) (HKLM-x32\...\{2ECA62A3-BA78-4B96-BEA3-0E9DA82F08D9}) (Version: 4.6.01055 - Microsoft Corporation)
      Paquete de idioma de componentes compartidos de Microsoft Azure para Visual Studio 2015 (ESN) - v1.7 (HKLM-x32\...\{6E81AC23-F629-4BC4-8806-4F87E407A4D4}) (Version: 1.7.40113.5 - Microsoft Corporation) Hidden
      Paquete de idioma de Dotfuscator and Analytics Community Edition 5.19.1 es-ES (HKLM-x32\...\{A8F66459-FD65-4C8E-B957-7B4F4C03318E}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
      Paquete de idioma de herramientas de pruebas para Microsoft Visual Studio 2015 - ESN (HKLM-x32\...\{E31BB45D-E7C6-4BA5-A9A9-C28C38F70C7A}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      Paquete de idioma de herramientas de Servicios móviles de Microsoft Azure para Visual Studio - v1.4 (HKLM-x32\...\{5CFEE0B1-74F6-4440-B8B1-53B36B5335B1}) (Version: 1.4.30611.1601 - Microsoft Corporation) Hidden
      Paquete de idioma de Microsoft Help Viewer 2.2 - ESN (HKLM-x32\...\Paquete de idioma de Visor de Ayuda de Microsoft 2.2 - ESN) (Version: 2.2.25123 - Microsoft Corporation)
      Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
      Paquete de idioma de Microsoft Visual Studio 2015 - ESN (HKLM-x32\...\{158bedea-b1ff-4950-bfe6-25927b20e591}) (Version: 14.0.23107.10 - Microsoft Corporation) Hidden
      Paquete de idioma de Visor de Ayuda de Microsoft 2.2 - ESN (HKLM-x32\...\{92A3609B-7F81-32D1-A67E-EA4794966D91}) (Version: 2.2.25123 - Microsoft Corporation) Hidden
      Paquete de idioma del complemento de Microsoft Visual Studio 2015 para Windows Phone - ESN (HKLM-x32\...\{FE67ED7A-6ED2-356C-8B46-7BCC876A507A}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      PatchCleaner (HKLM-x32\...\{8DEE15B5-DC0E-43C2-8E4A-D426761C2B76}) (Version: 1.3.0 - HomeDev)
      Pavtube Video Converter Ver 4.6.1.5363 (HKLM-x32\...\{B4EE51E6-2C80-4B04-BDE0-ED4E87BEFECD}_is1) (Version: - )
      PDFPasswordRemover 1.5 (HKLM-x32\...\PDFPasswordRemover_is1) (Version: - PDFPasswordRemover)
      PhoneClean (HKLM-x32\...\PhoneClean) (Version: 4.0.6.0 - iMobie Inc.)
      Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
      Plantillas de proyecto y elementos para Visual Studio Community 2015 - ESN (HKLM-x32\...\{80487092-7323-4E6B-A4FD-7E7C03598550}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      POV-Ray for Windows v3.62 (HKLM-x32\...\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}) (Version: 3.62 - Persistence of Vision Raytracer Pty. Ltd.)
      PreEmptive Analytics Client Spanish Language Pack (HKLM-x32\...\{75D87FED-788B-4491-BB5E-15ED4E24C909}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
      PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
      Preparación de Microsoft Visual Studio 2015 (HKLM-x32\...\{962626DD-AC0E-4704-B348-DD2449BA8F9D}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
      Prerequisites for SSDT RC0 (HKLM-x32\...\{AB72EB1C-9CF4-4274-984D-5EDA8BF37A08}) (Version: 13.0.1100.286 - Microsoft Corporation)
      Pro Pinball - Timeshock! (HKLM-x32\...\GOGPACKPPINBALLTIMESHOCK_is1) (Version: 2.0.0.4 - GOG.com)
      Pro Race Driver (HKLM-x32\...\Pro Race Driver) (Version: - FX Interactive)
      PS_AIO_07_B110_SW_Min (HKLM-x32\...\{C0974FF0-282B-4730-A50C-B112FA263E17}) (Version: 140.0.365.000 - Hewlett-Packard) Hidden
      QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
      RadioSure (HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\RadioSure) (Version: - )
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
      Recursos de Microsoft Visual Studio 2015 Devenv (HKLM-x32\...\{35AE57BF-AC51-312C-BA4B-266E123B807D}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      Recursos de Microsoft Visual Studio 2015 Shell (mínimos) (HKLM-x32\...\{CCEC8B0D-D647-3060-972B-D4BB55CB16E2}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
      Resource Tuner 2.04 (HKLM-x32\...\Resource Tuner_is1) (Version: 2.04 - Heaventools Software)
      Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      Roslyn Language Services - x86 (HKLM-x32\...\{E6CAD8B3-5682-31CA-A05E-79F6DBF81066}) (Version: 14.0.25132 - Microsoft Corporation) Hidden
      SafeZone Stable 1.48.2066.114 (HKLM-x32\...\SafeZone 1.48.2066.114) (Version: 1.48.2066.114 - Avast Software) Hidden
      SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
      Sandboxie 5.22 (64-bit) (HKLM\...\Sandboxie) (Version: 5.22 - Sandboxie Holdings, LLC)
      Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
      SDK de Microsoft .NET Framework 4.6 (español) (HKLM-x32\...\{400687A4-8A54-4903-881D-8904AF08600A}) (Version: 4.6.00081 - Microsoft Corporation)
      SDK de Microsoft .NET Framework 4.6.1 (español) (HKLM-x32\...\{07570008-8840-4A14-A752-1367157138A5}) (Version: 4.6.01055 - Microsoft Corporation)
      Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
      Servicios de lenguaje Roslyn - x86 (HKLM-x32\...\{98F8B223-AA46-36F1-B15A-C856954804D0}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
      Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
      SimCity 4 Deluxe Edition (HKLM-x32\...\GOGPACKSC4_is1) (Version: 2.0.0.8 - GOG.com)
      SketchUp 2017 (HKLM\...\{0917C390-BE6D-4B90-9C8B-FF11BA43933A}) (Version: 17.0.18899 - Trimble Navigation Limited)
      SkyChart III Demo (HKLM-x32\...\SkyChart III Demo) (Version: - )
      Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
      Software de cámara Web Logitech (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
      SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
      Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
      Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
      Stellarium 0.16.1 (HKLM\...\Stellarium_is1) (Version: 0.16.1 - Stellarium team)
      swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
      System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
      Team Explorer for Microsoft Visual Studio 2015 Update 2 (HKLM-x32\...\{7932CD6F-86D3-3EE4-8A02-B954404D1FFC}) (Version: 14.95.25118 - Microsoft) Hidden
      Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
      TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom)
      Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
      TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
      TypeScript Power Tool (HKLM-x32\...\{60890089-588B-4362-B9C5-A9C11D6E5DD1}) (Version: 1.8.9.0 - Microsoft Corporation) Hidden
      TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{4AC64C61-A7EC-4E4E-8F28-F57EB3430334}) (Version: 1.8.31.0 - Microsoft Corporation) Hidden
      Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
      Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
      Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
      Utilidad Intel(R) para ID de procesadores (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.90.0000 - Intel Corporation)
      VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
      VdhCoApp 1.1.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
      VideoPad, software para edición de vídeo (HKLM-x32\...\VideoPad) (Version: 3.88 - NCH Software)
      VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
      Vistas web del depurador de rendimiento de Microsoft Visual Studio 2015 Update 2 - Recursos ESN (HKLM-x32\...\{BC5F844C-07CB-476E-878A-F98C6D3521D7}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
      Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
      Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
      VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
      VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest)
      V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.02 - Chaos Software Ltd)
      V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.3.1 - Chaos Software Ltd)
      V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.3.5 - Chaos Software Ltd)
      VS Update core components (HKLM-x32\...\{6A878817-D626-305A-BE8D-94C93F70E27A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden
      vs_update2notification (HKLM-x32\...\{C0719D2C-5CA9-3824-903F-74F2CB9257D3}) (Version: 14.0.25132 - Microsoft Corporation) Hidden
      VSDC Free Video Editor versión 5.8.2.797 (HKLM\...\VSDC Free Video Editor_is1) (Version: 5.8.2.797 - Flash-Integro LLC)
      WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
      WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
      WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
      Who Is On My Wifi version 4.0.3 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 4.0.3 - IO3O LLC)
      WhySoSlow 0.95 (HKLM\...\WhySoSlowPro_is1) (Version: - Resplendence Software Projects Sp.)
      WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
      Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
      Windows Repair Toolbox version 1.5.0.5 (HKLM-x32\...\{A8D7DA31-9E70-437D-97C4-C4887752E029}_is1) (Version: 1.5.0.5 - Alexandre Miguel Canotilho Coelho)
      WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
      WinImage (HKLM\...\WinImage) (Version: - )
      WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
      WinStars 2.0 (HKLM-x32\...\WinStars 2.0_is1) (Version: - Franck RICHARD)
      WorldWide Telescope (HKLM-x32\...\{412B591F-3F86-4A1C-9DF6-854892DE27BB}) (Version: 5.5.03 - WorldWide Telescope)
      Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
      Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
      Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
      Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003_Classes\CLSID\{1F228C29-E712-7F7E-4F92-1C3F784E65B9}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003_Classes\CLSID\{6921380F-FB44-3D20-B1A0-CF7C5F2AEEB1}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
      CustomCLSID: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
      CustomCLSID: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
      CustomCLSID: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Guillermo\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
      ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
      ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
      ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
      ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
      ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-12-04] (Nero AG)
      ContextMenuHandlers1-x32: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-01-20] (ABBYY Production LLC.)
      ContextMenuHandlers1-x32: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
      ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ContextMenuHandlers1-x32: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2018-01-06] (Nitro Software, Inc.)
      ContextMenuHandlers1-x32: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-12-08] (Apple Inc.)
      ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
      ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
      ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
      ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
      ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
      ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
      ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
      ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
      ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-01-20] (ABBYY Production LLC.)
      ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
      ContextMenuHandlers6-x32: [IconLayout] -> {19F500E0-9964-11cf-B63D-08002B317C03} => Layout.dll -> No File
      ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
      ContextMenuHandlers6-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
      ContextMenuHandlers6-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
      ContextMenuHandlers6-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
      ContextMenuHandlers6-x32: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
      ContextMenuHandlers6-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
      ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

      (continua)

    7. #7
      Usuario Avatar de gl2101
      Registrado
      dic 2009
      Ubicación
      Barcelona
      Mensajes
      56

      re: Resultado HijackThis (Terminado)

      (Continuación)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {0D405DC1-BE1C-4A36-836A-25D33F98AB91} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-21] (AVAST Software)
      Task: {14B797DE-CC8E-4629-8E53-42E9FC944C9B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-12-07] ()
      Task: {169F65A9-2270-4A15-B917-84157856588A} - System32\Tasks\Glary utilities => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2018-01-08] (Glarysoft Ltd)
      Task: {20848548-80E2-412D-B8F1-4DD79D62B3C9} - System32\Tasks\AdobeAAMUpdater-1.0-PC-GUILLERMO-Guillermo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
      Task: {2673BD9A-C63F-48B5-90F3-0FB16CFF8033} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
      Task: {2922C84E-D981-4EA0-9EF3-EFC1ECF74B87} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
      Task: {29CCF8D7-4356-4C7F-AD2C-54FE14539117} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
      Task: {4DAF0BCB-5321-4098-A038-90270558C981} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
      Task: {5151B826-8323-49BA-BFCE-29F57FE67E40} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
      Task: {524208EA-A7CE-45BB-83F8-3D26AF7A6437} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
      Task: {598B3720-15A2-42E4-B4DB-1CAC37A2A376} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
      Task: {5E813365-5965-4D51-AF70-0C2DD2B92F3D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation)
      Task: {60A29B88-4F05-461B-AC6A-BEC252F9E0AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-11-08] (HP Inc.)
      Task: {612EF031-A252-4892-9243-1390D79DA6ED} - System32\Tasks\Malwarebytes antimalware => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
      Task: {64B3E528-A65B-4B3D-959C-FA7EB41E0AF7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
      Task: {65A5BECD-97D9-445A-8E68-11DD5BE0C640} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-17] ()
      Task: {67B5D3CE-E904-4897-8299-EE994B1686AC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
      Task: {73A68AC1-63E7-4EA0-A904-4B7BBEA45995} - System32\Tasks\SafeZone scheduled Autoupdate 1469881689 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
      Task: {78152CB0-7A5A-4E53-8805-CDFA56D8C8C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003Core => C:\Users\Guillermo\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-18] (Google Inc.)
      Task: {798EBD4C-443C-47E3-AD85-8CCF47AD7FBF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
      Task: {7B61CB0B-0125-47C0-B425-A4F61BE11C20} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
      Task: {7CA6B4D2-64E6-44CB-9F93-9FEF70A48985} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-06] (AVAST Software)
      Task: {813B87ED-D45A-44D4-8E17-F08C33928A22} - System32\Tasks\HPCeeScheduleForGuillermo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
      Task: {81486C83-36BA-470B-8CD7-2E00ACE326FD} - System32\Tasks\{80E431A0-0FA9-41BE-8FE1-6C66B07B8311} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\MathSoft\Mathcad 2001 Professional\mathcad.exe" -d "C:\Program Files (x86)\MathSoft\Mathcad 2001 Professional\"
      Task: {81D6D64F-2D52-4AB4-ACB8-8FA0A1C2C410} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
      Task: {85DED513-BF68-4164-83DB-18A0D586F7DD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
      Task: {86D977F7-A831-4272-9BAB-D933ACCEE5AF} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2018-01-08] (Glarysoft Ltd)
      Task: {8E9E7097-EA68-47A4-900E-C32D01B09852} - System32\Tasks\GlaryOneClickOptimizer 5 => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [2018-01-08] (Glarysoft Ltd)
      Task: {9419CEB7-94BD-4F86-903F-CEF243E739F7} - System32\Tasks\Ejecutar spybot Search&Destroy => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
      Task: {98150D2B-F6EB-481F-A41E-5D6313E08CC9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
      Task: {9BA399A6-7A4E-46DA-9A7D-1F5DB6E05D09} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
      Task: {A546A550-7A47-4315-9348-E0557EE07582} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
      Task: {B309D72C-8A36-408F-9D45-D242CE747D73} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-01-10] (Microsoft Corporation)
      Task: {B8759A6B-F0FB-4388-9D54-7BFE11833D86} - System32\Tasks\AdobeAAMUpdater-1.0-Usuario-Guillermo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
      Task: {C0D7ADBC-E7A2-4413-9D2F-2D0CAC691593} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003UA => C:\Users\Guillermo\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-18] (Google Inc.)
      Task: {C50948B6-5B56-4812-B830-39F0E35839FB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
      Task: {C999BA27-400C-4EA3-B916-E847438E38F2} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1594238518-2351825753-3521044555-1003 => C:\Users\Guillermo\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-19] (Mega Limited)
      Task: {D153C74E-C12B-4287-A237-1B654D76202A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003UA => C:\Users\Guillermo\AppData\Local\Facebook\Update\FacebookUpdate.exe
      Task: {D39AA8B6-211D-40B5-BC2C-31BB077AB06F} - System32\Tasks\{3388B0FF-7C15-457E-9A18-0D366E84E17F} => C:\Windows\system32\pcalua.exe -a F:\setup.exe -d F:\
      Task: {D793522E-F538-43A6-B3FF-A2354CD996CA} - System32\Tasks\Ejecutar Secunia PSI => C:\Program Files (x86)\Secunia\PSI\psi.exe [2013-12-06] (Secunia)
      Task: {D802D4A7-0AAD-488F-B401-C9DC259F53A8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
      Task: {DB10C3FE-3F4D-42E6-9ACF-823D35E4188F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
      Task: {DB8FFE90-88F9-4169-AFC2-B32AC6B24E88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
      Task: {E32AAD11-877C-4C37-BEB7-B3DE21976266} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
      Task: {E684CBE9-C9E7-4D68-8881-101666083A92} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2018-01-08] (Glarysoft Ltd)
      Task: {EF05F1E9-C2ED-4F83-A843-21980F04E500} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
      Task: {F44C9048-1188-4618-A992-F04EEA47A746} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003Core => C:\Users\Guillermo\AppData\Local\Facebook\Update\FacebookUpdate.exe
      Task: {FB5A1AE6-5D8A-4D90-ABBB-B930E9FD6EEC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003Core.job => C:\Users\Guillermo\AppData\Local\Facebook\Update\FacebookUpdate.exe
      Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1594238518-2351825753-3521044555-1003UA.job => C:\Users\Guillermo\AppData\Local\Facebook\Update\FacebookUpdate.exe
      Task: C:\Windows\Tasks\HPCeeScheduleForGuillermo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      Shortcut: C:\Users\Guillermo\Desktop\Iconos escritorio\Ciències de la naturalesa 1r ESO. Projecte 3.16 LIX.lnk -> C:\Users\Guillermo\Cruïlla Llibres digitals\launch34_F8F55BE8-B434-4859-903D-090300CF8BA4.bat ()
      Shortcut: C:\Users\Guillermo\Desktop\Iconos escritorio\Ciències de la naturalesa. 1r ESO. Connecta 2.0 LIX.lnk -> C:\Users\Guillermo\Cruïlla Llibres digitals\launch34_CE753079-6A5A-4929-BE8C-95367CD61007.bat ()
      Shortcut: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Ciències de la naturalesa 1r ESO. Projecte 3.16 LIX.lnk -> C:\Users\Guillermo\Cruïlla Llibres digitals\launch34_F8F55BE8-B434-4859-903D-090300CF8BA4.bat ()
      Shortcut: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Ciències de la naturalesa. 1r ESO. Connecta 2.0 LIX.lnk -> C:\Users\Guillermo\Cruïlla Llibres digitals\launch34_CE753079-6A5A-4929-BE8C-95367CD61007.bat ()
      Shortcut: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cruïlla Llibres digitals\Ciències de la naturalesa 1r ESO. Projecte 3.16 LIX.lnk -> C:\Users\Guillermo\Cruïlla Llibres digitals\launch34_F8F55BE8-B434-4859-903D-090300CF8BA4.bat ()
      Shortcut: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cruïlla Llibres digitals\Ciències de la naturalesa. 1r ESO. Connecta 2.0 LIX.lnk -> C:\Users\Guillermo\Cruïlla Llibres digitals\launch34_CE753079-6A5A-4929-BE8C-95367CD61007.bat ()
      Shortcut: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cruïlla Llibres digitals\zDesinstal·lar Ciències de la naturalesa 1r ESO. Projecte 3.16 LIX.lnk -> C:\Users\Guillermo\Cruïlla Llibres digitals\uninstall34_F8F55BE8-B434-4859-903D-090300CF8BA4.bat ()
      Shortcut: C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cruïlla Llibres digitals\zDesinstal·lar Ciències de la naturalesa. 1r ESO. Connecta 2.0 LIX.lnk -> C:\Users\Guillermo\Cruïlla Llibres digitals\uninstall34_CE753079-6A5A-4929-BE8C-95367CD61007.bat ()

      ==================== Loaded Modules (Whitelisted) ==============

      2014-05-07 18:46 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
      2017-11-06 20:32 - 2017-11-06 20:32 - 000076456 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
      2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Guillermo\AppData\Local\MEGAsync\ShellExtX64.dll
      2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
      2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
      2017-11-30 18:54 - 2017-11-30 18:54 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
      2014-05-07 18:42 - 2013-05-07 08:45 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
      2017-09-08 17:36 - 2018-01-10 15:33 - 001268024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-10-29 13:26 - 2017-10-29 13:26 - 000144384 _____ () \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\os-service\build\Release\service.node
      2017-10-29 13:26 - 2017-10-29 13:26 - 000200704 _____ () \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\vrloffline-win32\vrloffline.node
      2017-10-29 13:27 - 2017-10-29 13:27 - 000090176 _____ () C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
      2017-11-05 19:54 - 2017-12-17 19:13 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-11-05 19:54 - 2017-12-17 19:13 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2017-10-29 13:27 - 2017-10-29 13:27 - 000204800 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node
      2017-10-29 13:27 - 2017-10-29 13:27 - 000163328 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ref\build\Release\binding.node
      2017-10-29 13:27 - 2017-10-29 13:27 - 000174592 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ffi\build\Release\ffi_bindings.node
      2015-05-15 16:00 - 2009-03-29 10:30 - 002058240 _____ () C:\Program Files (x86)\FeedReader30\feedreader.exe
      2017-12-13 16:37 - 2013-12-19 09:36 - 000039192 _____ () C:\Program Files\CCleaner\branding.dll
      2018-01-09 15:21 - 2018-01-09 15:21 - 000088448 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2014-05-07 18:42 - 2018-01-23 16:01 - 000027136 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
      2014-05-07 18:42 - 2013-05-07 08:45 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
      2017-07-20 15:33 - 2016-09-13 13:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
      2017-07-20 15:33 - 2016-09-13 13:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
      2017-07-20 15:33 - 2016-09-13 13:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
      2017-07-20 15:33 - 2017-05-12 10:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
      2017-09-08 17:36 - 2018-01-10 15:33 - 001041208 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
      2017-12-21 17:07 - 2017-12-21 17:07 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
      2017-12-21 17:07 - 2017-12-21 17:07 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
      2017-12-21 17:07 - 2017-12-21 17:07 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
      2017-06-26 15:09 - 2017-06-26 15:09 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2017-12-21 17:07 - 2017-12-21 17:07 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
      2017-12-21 17:06 - 2017-12-21 17:06 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
      2016-04-08 23:35 - 2016-04-08 23:35 - 003481600 _____ () C:\Users\Guillermo\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
      2017-09-10 21:51 - 2017-09-10 21:51 - 000798208 _____ () C:\Users\Guillermo\AppData\Local\MEGAsync\libsodium.dll
      2017-09-18 14:12 - 2017-09-18 14:12 - 000090936 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\APLZOD.resources\es.lproj\APLZODLocalized.dll
      2018-01-06 01:47 - 2018-01-06 01:47 - 000005120 _____ () C:\Program Files (x86)\Nitro\Pro 11\Nitro.OfficeAddin.Net.Aggregator.11.dll
      2018-01-06 01:47 - 2018-01-06 01:47 - 000033280 _____ () C:\Program Files (x86)\Nitro\Pro 11\Nitro.OfficeAddin.Net.Common.11.dll
      2018-01-06 01:47 - 2018-01-06 01:47 - 000957952 _____ () C:\Program Files (x86)\Nitro\Pro 11\Nitro.OfficeAddin.Net.UI.11.dll
      2018-01-06 01:47 - 2018-01-06 01:47 - 000005632 _____ () C:\Program Files (x86)\Nitro\Pro 11\Nitro.PdfCommon.Net.11.dll
      2018-01-06 01:47 - 2018-01-06 01:47 - 000071680 _____ () C:\Program Files (x86)\Nitro\Pro 11\Nitro.Swig.Net.dll
      2011-05-26 19:18 - 2011-05-26 19:18 - 000136536 _____ () C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
      2015-11-11 03:41 - 2015-11-11 03:41 - 000756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
      2014-05-07 18:50 - 2013-09-16 11:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
      AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)

      IE trusted site: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\gob.es -> hxxps://agenciatributaria.gob.es
      IE trusted site: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\movistarplus.es -> hxxp://ver.movistarplus.es
      IE trusted site: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\xtec.cat -> hxxp://www.xtec.cat

      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2013-08-22 14:25 - 2017-01-31 17:43 - 000004141 _____ C:\Windows\system32\Drivers\etc\hosts

      127.0.0.1 activate.adobe.com
      127.0.0.1 practivate.adobe.com
      127.0.0.1 209.34.83.73:443
      127.0.0.1 209.34.83.73:43
      127.0.0.1 209.34.83.67:443
      127.0.0.1 209.34.83.67:43
      127.0.0.1 ood.opsource.net
      127.0.0.1 199.7.52.190:80
      127.0.0.1 OCSP.SPO1.VERISIGN.COM
      127.0.0.1 199.7.54.72:80
      127.0.0.1 192.150.14.69
      127.0.0.1 192.150.18.101
      127.0.0.1 192.150.18.108
      127.0.0.1 192.150.22.40
      127.0.0.1 192.150.8.100
      127.0.0.1 192.150.8.118
      127.0.0.1 209-34-83-73.ood.opsource.net
      127.0.0.1 3dns-1.adobe.com
      127.0.0.1 3dns-2.adobe.com
      127.0.0.1 3dns-3.adobe.com
      127.0.0.1 3dns-4.adobe.com
      127.0.0.1 3dns.adobe.com
      127.0.0.1 activate-sea.adobe.com
      127.0.0.1 activate-sjc0.adobe.com
      127.0.0.1 activate.wip.adobe.com
      127.0.0.1 activate.wip1.adobe.com
      127.0.0.1 activate.wip2.adobe.com
      127.0.0.1 activate.wip3.adobe.com
      127.0.0.1 activate.wip4.adobe.com
      127.0.0.1 adobe-dns-1.adobe.com

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Guillermo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
      DNS Servers: 209.244.0.3 - 209.244.0.4
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      HKLM\...\StartupApproved\StartupFolder: => "Google Calendar Sync.lnk"
      HKLM\...\StartupApproved\StartupFolder: => "ImageBrowser EX Agent.lnk"
      HKLM\...\StartupApproved\StartupFolder: => "Who Is On My Wifi.lnk"
      HKLM\...\StartupApproved\Run: => "NvBackend"
      HKLM\...\StartupApproved\Run: => "ShadowPlay"
      HKLM\...\StartupApproved\Run: => "AdAwareTray"
      HKLM\...\StartupApproved\Run: => "iTunesHelper"
      HKLM\...\StartupApproved\Run32: => "APSDaemon"
      HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
      HKLM\...\StartupApproved\Run32: => "QuickTime Task"
      HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR11"
      HKLM\...\StartupApproved\Run32: => "LWS"
      HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
      HKLM\...\StartupApproved\Run32: => "iTunesHelper"
      HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
      HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
      HKLM\...\StartupApproved\Run32: => "NBKeyScan"
      HKLM\...\StartupApproved\Run32: => "SilentCleanService"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\StartupFolder: => "Recorte de pantalla e Inicio rápido de OneNote 2007.lnk"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\StartupFolder: => "Logitech . Registro de productos.lnk"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "SandboxieControl"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "ApplePhotoStreams"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "iCloudServices"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "AdobeBridge"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "iCloudDrive"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "GUDelayStartup"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "Xvid"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "iCloudPhotos"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "AppleIEDAV"
      HKU\S-1-5-21-1594238518-2351825753-3521044555-1003\...\StartupApproved\Run: => "iCloud"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [TCP Query User{31D18DF9-920C-423D-BD6B-9FFD9F7051F1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
      FirewallRules: [UDP Query User{F640B838-669C-4106-97E1-0F4C0BBC5935}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
      FirewallRules: [TCP Query User{561B06E3-FCF6-4105-9E40-9E24E0DA7AF8}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
      FirewallRules: [UDP Query User{983FEFC5-AB68-4CD1-9CD0-DB094A1407BB}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
      FirewallRules: [{CD42FF58-967D-490C-BA78-B0C9A501E65B}] => (Allow) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
      FirewallRules: [{6E96E7F0-881D-4887-8C6C-6D8FDDD70A56}] => (Allow) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
      FirewallRules: [{77AEFF87-1773-44D3-BA68-223E13CC85FE}] => (Allow) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
      FirewallRules: [{B8BBE33A-C668-4D22-A001-63699CFE6572}] => (Allow) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
      FirewallRules: [{9C25CBF6-D759-4EE7-892D-738B2F4F7683}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
      FirewallRules: [{A1E7E188-04B5-43A8-8948-86D6F231FE06}] => (Allow) LPort=2869
      FirewallRules: [{60F2BE4D-B36D-4D92-91BB-73FEAC91F9BB}] => (Allow) LPort=1900
      FirewallRules: [{C781D321-7836-4493-A290-211304AF9F38}] => (Allow) C:\Program Files (x86)\CrystalMaker Software\CrystalMaker Demo\WinCM.exe
      FirewallRules: [{03CD47D5-D376-4E1F-9A53-AAED3898C26B}] => (Allow) C:\Program Files (x86)\CrystalMaker Software\CrystalMaker Demo\WinCM.exe
      FirewallRules: [{806EB1F2-4554-4680-B8CC-806A911AA3C9}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
      FirewallRules: [{6242E6DB-CB9F-458D-8F8C-598BDDE88683}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
      FirewallRules: [TCP Query User{814DEA37-312C-40B7-A813-CC5F3033F575}C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
      FirewallRules: [UDP Query User{37B497EA-F406-4831-97AD-5F034366B7A9}C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
      FirewallRules: [{AFDF64DF-AB75-4A6D-8DCD-F331D9E4CEAE}] => (Block) C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
      FirewallRules: [{8B19526D-F1E0-47AE-A452-8276E0317CAC}] => (Block) C:\program files (x86)\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
      FirewallRules: [TCP Query User{9C65EEA1-14D8-442F-BF0A-A19C094A0961}C:\moodle\server\apache\bin\httpd.exe] => (Allow) C:\moodle\server\apache\bin\httpd.exe
      FirewallRules: [UDP Query User{9E68D4BE-3B21-478E-B1B0-C60CD830C85A}C:\moodle\server\apache\bin\httpd.exe] => (Allow) C:\moodle\server\apache\bin\httpd.exe
      FirewallRules: [TCP Query User{0E1CBACA-FCD8-475F-AC9A-2C394BF35B0D}C:\moodle\server\mysql\bin\mysqld.exe] => (Allow) C:\moodle\server\mysql\bin\mysqld.exe
      FirewallRules: [UDP Query User{36FB4206-D79A-40CE-B780-AE403130A1C2}C:\moodle\server\mysql\bin\mysqld.exe] => (Allow) C:\moodle\server\mysql\bin\mysqld.exe
      FirewallRules: [{3A659DB9-BD79-4575-8214-10DF3E5AC89A}] => (Block) C:\moodle\server\mysql\bin\mysqld.exe
      FirewallRules: [{D1B0F06C-1F22-4242-84A7-3BE544B2DAB9}] => (Block) C:\moodle\server\mysql\bin\mysqld.exe
      FirewallRules: [{33E01593-85FF-4649-86EC-04FA1A9CF9BA}] => (Block) C:\moodle\server\apache\bin\httpd.exe
      FirewallRules: [{EF1BC87E-79E5-4D8B-9AC1-8A04D14C3425}] => (Block) C:\moodle\server\apache\bin\httpd.exe
      FirewallRules: [TCP Query User{4BF8ACC0-3124-449A-B59C-C2CBAB6FFBB2}I:\cruïlla llibres digitals\jre6\bin\javaw.exe] => (Allow) I:\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [UDP Query User{BA6A0FDB-B439-44E3-A425-485BCD10AE66}I:\cruïlla llibres digitals\jre6\bin\javaw.exe] => (Allow) I:\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [{00D98D1D-0C65-44A1-90D3-A2BD18B3BEA9}] => (Block) I:\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [{DE5AB82D-B1B8-4AF4-A88E-C534948DDD14}] => (Block) I:\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [TCP Query User{EDE79165-0EFD-480F-8FEE-EBB695190B49}J:\cruïlla llibres digitals\jre6\bin\javaw.exe] => (Block) J:\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [UDP Query User{56DCF456-C48E-4F4A-9ABD-7B4FDA0F842D}J:\cruïlla llibres digitals\jre6\bin\javaw.exe] => (Block) J:\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [{C79936F3-C07B-4205-B1AC-DBA1672B4701}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      FirewallRules: [{8C75A966-4626-4639-B713-9E9F1FCBED9C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
      FirewallRules: [{11B7AB7F-F416-466A-9D54-B4C5AD9D6BF5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
      FirewallRules: [{64A808B3-58FC-47CD-A204-9699B76392A3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
      FirewallRules: [{62560CC8-FB0B-44F2-8CDC-60C7A6970D1B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
      FirewallRules: [{CB7DB080-6805-4268-937E-77A9C8322313}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
      FirewallRules: [{785FEA06-6A06-4119-A45A-69A1108F3545}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
      FirewallRules: [{B2462867-857C-4B56-AF5A-14A5BA2BD019}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
      FirewallRules: [{C5C7EAC5-FF69-4E27-82A3-0DF5BE61CC6F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
      FirewallRules: [{8E3BA238-5D74-4E3E-B81D-D401D6B05FB9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
      FirewallRules: [{886DF51F-9A2E-4FA6-9993-D929474AD20A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
      FirewallRules: [{F0468E3C-9855-4C38-9F5F-3822D2128A63}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
      FirewallRules: [{2F797D08-2E7B-4220-934D-D9EEF1278938}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{63122321-1899-48E8-8A03-5DBF36A00BA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [TCP Query User{0F1AA64D-818C-4F20-9F47-5D167D0DAEFE}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe
      FirewallRules: [UDP Query User{DF3FF226-2588-4576-8047-13A5821A8F21}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe
      FirewallRules: [TCP Query User{15E80F0C-42DE-4149-B852-87578141B7BC}C:\program files\winhttrack\winhttrack.exe] => (Allow) C:\program files\winhttrack\winhttrack.exe
      FirewallRules: [UDP Query User{3727A3FD-A281-49A9-BF05-06E65203928D}C:\program files\winhttrack\winhttrack.exe] => (Allow) C:\program files\winhttrack\winhttrack.exe
      FirewallRules: [{CECDA870-1603-4FE7-80A0-E66B01EF8C94}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{D5041E67-7712-443B-B89B-698241B7AA80}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{B09C0C14-F93F-4EB7-9219-F2899E7D5E46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{4258CDD5-AE86-405E-A8BB-F1F38E2F8EDD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{F083474A-9B35-4EF9-92B5-C1BD45C41939}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{C3BA6639-DABF-4FD1-B418-AF89D26F27AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [TCP Query User{E5544F0C-7386-4EF6-8AE8-97C7A46C706A}C:\users\guillermo\cruïlla llibres digitals\jre6\bin\javaw.exe] => (Allow) C:\users\guillermo\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [UDP Query User{68E27171-1F98-495E-A5E9-FA89D0FCEB74}C:\users\guillermo\cruïlla llibres digitals\jre6\bin\javaw.exe] => (Allow) C:\users\guillermo\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [{276A9A7F-1440-4166-A42F-8A89490CA948}] => (Block) C:\users\guillermo\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [{C94ACCF0-61CF-4BD3-BE72-A62A4FB41CEE}] => (Block) C:\users\guillermo\cruïlla llibres digitals\jre6\bin\javaw.exe
      FirewallRules: [TCP Query User{D05EF415-9180-47C1-AE3F-48FD64293269}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
      FirewallRules: [UDP Query User{A11C7A8B-E34C-4FFF-B2CA-53E778E9E5B7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
      FirewallRules: [{3B7E2DCD-659E-4987-92AB-94B7F86C8507}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
      FirewallRules: [{3F71F7C0-7788-408E-BAE3-11152A472A9A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
      FirewallRules: [{E59AD5AC-6DBF-4FB7-8E85-E145A733A95B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\24\stats.exe
      FirewallRules: [{850B8484-6451-4274-8A60-4711506492F1}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\24\stats.com
      FirewallRules: [{7F677C45-D834-43DD-96E0-5B4AB884617E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\24\stats.exe
      FirewallRules: [{0C599972-96BF-423B-9D8C-063EBB6A140E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\24\stats.com
      FirewallRules: [{DBF49272-1331-4E73-991A-B5E0CFBD40B3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\24\WinWrapIDE.exe
      FirewallRules: [{4000CD59-A85A-4066-9C34-E421CE0F44F5}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\24\WinWrapIDE.exe
      FirewallRules: [{815DB811-A359-4431-8D35-1EFBA2A370F4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
      FirewallRules: [{7D079D6D-94C3-45C9-A005-5280700065AD}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
      FirewallRules: [TCP Query User{6EE3420D-88F2-4206-8867-0A1C3020C311}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
      FirewallRules: [UDP Query User{9E62C6ED-0897-4CD6-9FB6-A71AD4E24BE8}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
      FirewallRules: [{245CA982-52F2-414F-96B1-4349473702F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{588EE364-15EB-42E7-93EB-71804D33BB46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{A5E08CF6-FA80-4DFA-90E0-A63A03349A06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{11D0337E-5424-45A1-9BC9-4860C223CA62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{C76C9EED-AF9E-466A-952C-EFD323E2F818}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{9C7D99BD-D2F0-4F52-B107-8688FD48901A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{944BD4C0-FB6F-49C2-A224-C7742DD3A64F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{A361AA1A-4B48-45AF-A40C-D7E47FD57819}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{AA0B694D-794B-4801-A9AC-A20D4436B94A}] => (Allow) LPort=8318
      FirewallRules: [{E93B2458-88B7-46AA-9A6A-A5F2B541E757}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
      FirewallRules: [{8C2463C5-1B23-41CE-8906-8775093AD8F1}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
      FirewallRules: [{BA173D55-5E45-4040-B713-02F1386DF59E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{E9DEBB8C-3984-4126-BE2E-654C40B2C421}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{932DFD20-012B-420B-A826-0141FDCC9770}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
      FirewallRules: [{EC258D5A-E2FD-4A5A-8BE9-BA6868B21A37}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
      FirewallRules: [{44E2B53F-9610-4F61-8F59-8B847C82A575}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
      FirewallRules: [{58CEC12A-1423-453B-B360-66E708513D00}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
      FirewallRules: [{4AE96542-FC11-40D0-9727-00E5ED7F7358}] => (Allow) LPort=20208
      FirewallRules: [{12EC1AFF-424C-4B81-9F15-59B8FD22C83A}] => (Allow) LPort=20208
      FirewallRules: [{C2B16E33-B130-4D5C-B052-3F7960265B20}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
      FirewallRules: [{C08721EA-06E8-48EC-9308-DCFEEA2C15AE}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
      FirewallRules: [TCP Query User{8A285C8B-CC30-4A9E-BCD6-AF91ED7276FF}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe
      FirewallRules: [UDP Query User{4CC48E04-EFE2-43CA-B5D8-9A026E4C9460}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe
      FirewallRules: [{90F06F4F-2E99-4E4F-92C7-5481C5FBA145}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
      FirewallRules: [{69EA3552-3103-4CA7-8443-4F98405219E9}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe
      FirewallRules: [{9BCFE71F-7EFF-440D-AC95-8B159FB938BF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe
      FirewallRules: [{EE209E32-B6B5-4490-9605-089361AED459}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe
      FirewallRules: [{892D4483-3644-470B-8945-19522F4C6BFA}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe
      FirewallRules: [{AA024034-D6FA-4F42-A6FE-3683BFFC345A}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe
      FirewallRules: [{1A780798-5215-4C1F-A0B0-E313C84880CF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe
      FirewallRules: [{1E002639-25A5-4D09-BF5D-3B0962B24320}] => (Allow) C:\Program Files\iTunes\iTunes.exe
      FirewallRules: [TCP Query User{78E2410A-C0B4-4A33-B249-4887A42904E4}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
      FirewallRules: [UDP Query User{ED1AA29C-F65E-46CC-80C7-DB754D0777EC}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
      FirewallRules: [{361ED3DC-40B3-468E-B882-51AFC9900503}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{F0B8A5A6-6ED0-4E32-A5C2-0836610236A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{43F83666-B1C6-482E-A746-4F993A182282}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{3E04C097-E700-4B5F-BCCA-66F8CA1D9932}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
      StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

      ==================== Restore Points =========================

      07-01-2018 19:12:07 Todo OK antes de instalar KODI
      09-01-2018 16:56:59 Tras insalar Actualización de Windows de enero 2018
      10-01-2018 17:03:50 ras instalar nuevas actualizaciones de Windows enero 2018
      18-01-2018 16:02:04 Punto de control programado
      20-01-2018 17:04:36 Instalado Nitro Pro

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (01/23/2018 06:20:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
      Description: El programa FRST64.exe, versión 21.1.2018.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

      Identificador de proceso: 1f58

      Hora de inicio: 01d3946e4ffed7a0

      Hora de finalización: 4294967295

      Ruta de acceso de la aplicación: C:\Users\Guillermo\Desktop\FRST64.exe

      Identificador de informe: c41e6fbb-0061-11e8-898a-e03f4913ea93

      Nombre completo de paquete con errores:

      Identificador de aplicación relativa del paquete con errores:

      Error: (01/23/2018 04:21:25 PM) (Source: SideBySide) (EventID: 78) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
      Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
      Los componentes en conflicto son:.
      Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
      Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

      Error: (01/23/2018 04:02:35 PM) (Source: SideBySide) (EventID: 78) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
      Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
      Los componentes en conflicto son:.
      Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
      Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

      Error: (01/23/2018 04:02:35 PM) (Source: SideBySide) (EventID: 78) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
      Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
      Los componentes en conflicto son:.
      Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
      Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

      Error: (01/23/2018 04:02:35 PM) (Source: SideBySide) (EventID: 78) (User: )
      Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
      Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
      Los componentes en conflicto son:.
      Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
      Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

      Error: (01/22/2018 04:33:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
      Description: Task Scheduling Error: m->NextScheduledSPRetry 3266

      Error: (01/22/2018 04:33:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
      Description: Task Scheduling Error: m->NextScheduledEvent 3266

      Error: (01/22/2018 04:33:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
      Description: Task Scheduling Error: Continuously busy for more than a second

      Error: (01/22/2018 04:33:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
      Description: Task Scheduling Error: m->NextScheduledSPRetry 2187

      Error: (01/22/2018 04:33:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
      Description: Task Scheduling Error: m->NextScheduledEvent 2187


      System errors:
      =============
      Error: (01/23/2018 04:01:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio ews-dbserver no pudo iniciarse debido al siguiente error:
      El sistema no puede encontrar el archivo especificado.

      Error: (01/22/2018 08:08:22 PM) (Source: DCOM) (EventID: 10010) (User: PC-GUILLERMO)
      Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (01/22/2018 08:07:43 PM) (Source: DCOM) (EventID: 10010) (User: PC-GUILLERMO)
      Description: El servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (01/22/2018 03:57:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio Spybot-S&D 2 Scanner Service no pudo iniciarse debido al siguiente error:
      El servicio no respondió a tiempo a la solicitud de inicio o de control.

      Error: (01/22/2018 03:57:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Spybot-S&D 2 Scanner Service.

      Error: (01/22/2018 03:56:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio ews-dbserver no pudo iniciarse debido al siguiente error:
      El sistema no puede encontrar el archivo especificado.

      Error: (01/21/2018 12:24:53 PM) (Source: DCOM) (EventID: 10010) (User: PC-GUILLERMO)
      Description: El servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} no se registró con DCOM dentro del tiempo de espera requerido.

      Error: (01/21/2018 11:33:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio ShellHWDetection.

      Error: (01/21/2018 11:28:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
      Description: El servicio ews-dbserver no pudo iniciarse debido al siguiente error:
      El sistema no puede encontrar el archivo especificado.

      Error: (01/20/2018 09:33:13 PM) (Source: DCOM) (EventID: 10010) (User: PC-GUILLERMO)
      Description: El servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} no se registró con DCOM dentro del tiempo de espera requerido.


      CodeIntegrity:
      ===================================
      Date: 2018-01-23 1621.463
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1621.239
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1621.005
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1620.780
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1620.556
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1620.331
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1620.100
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1619.874
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1619.646
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2018-01-23 1619.419
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
      Percentage of memory in use: 47%
      Total physical RAM: 8130.19 MB
      Available physical RAM: 4293.95 MB
      Total Virtual: 9410.19 MB
      Available Virtual: 5645.6 MB

      ==================== Drives ================================

      Drive c: (SISTEMA) (Fixed) (Total:466.13 GB) (Free:341.14 GB) NTFS
      Drive e: (DATOS) (Fixed) (Total:465.03 GB) (Free:280.43 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 949FCFD9)
      Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=466.1 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================

    8. #8
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.263

      re: Resultado HijackThis (Terminado)

      Ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro:

      • Para hacerlo descarga >> DelFix.exe en tu escritorio.

        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

        • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación, ve a:

      Inicio >>> Ejecutar >>>Escribes notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM-x32\...\Run: [] => [X]
      GroupPolicy: Restriction <==== ATTENTION
      SearchScopes: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003 -> DefaultScope {414B3BFF-61FE-4CB2-9C1D-F709095BB4FD} URL = hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
      SearchScopes: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKU\S-1-5-21-1594238518-2351825753-3521044555-1003 -> {414B3BFF-61FE-4CB2-9C1D-F709095BB4FD} URL = hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
      FF ProfilePath: C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\44rz5yp8.default [not found] <==== ATTENTION
      FF Extension: (Botón de Google Académico) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-11-16]
      FF Extension: (I don't care about cookies) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-12-29]
      FF Extension: (Open in IE™) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-12-18]
      FF Extension: (S3.Translator) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-12-22]
      FF Extension: (Avast SafePrice) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2018-01-02]
      FF Extension: (Avast Online Security) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\[email protected] [2017-10-06]
      FF Extension: (ColorfulTabs) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}.xpi [2017-12-26]
      FF Extension: (WX Download Status Bar) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\{a1c84bb7-d5fc-4906-90b4-965e520b29bf}.xpi [2018-01-22]
      FF Extension: (Video DownloadHelper) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-19]
      FF Extension: (Unpaywall) - C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\Extensions\{f209234a-76f0-4735-9920-eb62507a54cd}.xpi [2018-01-15]
      FF SearchPlugin: C:\Users\Guillermo\AppData\Roaming\Mozilla\Firefox\Profiles\4qnmzlro.default\searchplugins\google-lavasoft.xml [2016-07-29]
      S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
      ContextMenuHandlers6-x32: [IconLayout] -> {19F500E0-9964-11cf-B63D-08002B317C03} => Layout.dll -> No File
      ContextMenuHandlers6-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
      AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
      AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
      
      CMD:  ipconfig /release 
      CMD:  ipconfig /renew 
      CMD:  ipconfig /flushdns 
      CMD:  ipconfig /registerdns
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.
      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.


      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Reinicias el equipo y comentas cómo sigue funcionando todo.
      Saludos.
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de gl2101
      Registrado
      dic 2009
      Ubicación
      Barcelona
      Mensajes
      56

      re: Resultado HijackThis (Terminado)

      Exactamente, ¿qué es lo que pasará al ejecutar Frst.exe con el archivo fixlist.txt? Veo que algunas lineas corresponden a extensiones de Firefox que tengo instaladas, pero no sé que pasará con ellas, y tampoco acabo de entender cual será el efecto de las demás lineas.

    10. #10
      Moderador
      Avatar de @MiguelRiaguel
      Registrado
      dic 2008
      Ubicación
      España
      Mensajes
      12.263

      re: Resultado HijackThis (Terminado)

      Exactamente te estoy enviando un script de reparación con todas las entradas que son necesarias eliminar en tu equipo, así como la limpieza de otras que quedan en el sistema pero que ya no son utilizadas, para nada más que para ocupar espacio o recursos.

      Eres libre de ejecutar el script o no... esa sería nuestra recomendación después de analizar el reporte de FRST. No obstante, eres tú quién ha abierto el tema de ayuda y quién valora si quiere realizar los pasos que recomendamos.
      Ya me comentas si prefieres cerrar el tema o en su defecto me dejas el reporte Fixlog.txt después de aplicar el script.

      Saludos
      El problema de los virus es pasajero y durará un par de años / John McAfee - fundador de McAfee

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 1 de 2 12 ÚltimoÚltimo