    Avast ~ Behavior Shield will not activate (Solved)

    1. #11
      fototravesias (User)
      Registered: Nov 2007
      Location: Argentina
      Posts: 93

      Well, I asked on the Avast forum as you suggested, and all they tell me is to uninstall with their tool and reinstall.

      It's not that I don't trust them, but I prefer the solution from here. Miguel, as soon as I can I will do the steps you indicated.

      Regards and thanks; please leave the thread open.
      Eduardo

    2. #12
      @Miguelgrado (Warrior)
      Registered: Dec 2005
      Location: Asturias, Spain
      Posts: 19,401

      On the Avast forum that is always the first solution, which is the easy one, but not necessarily the right one.

    3. #13
      fototravesias (User)
      Registered: Nov 2007
      Location: Argentina
      Posts: 93

      Hello Miguel, good evening.

      Apologies first of all for the delay, but I had some problems. Well, I uninstalled the antivirus just as you indicated and ran mbam; here is the report:

      Malwarebytes Anti-Rootkit BETA 1.10.3.1001
      www.malwarebytes.org

      Database version:
      main: v2018.03.17.04
      rootkit: v2018.03.08.03

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 11.0.9600.18837
      Eduardo :: EDUARDO-PC [administrator]

      17/03/2018 20:00:35
      mbar-log-2018-03-17 (20-00-35).txt

      Scan type: Quick scan
      Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
      Scan options disabled:
      Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
      Objects scanned: 435848
      Time elapsed: 49 minute(s), 41 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      Physical Sectors Detected: 0
      (No malicious items detected)

      (end)

      Regards
      Eduardo

    4. #14
      fototravesias (User)
      Registered: Nov 2007
      Location: Argentina
      Posts: 93

      Since it showed no infection, I went on to the next step; here is the summary:

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 17/3/18
      Hora del análisis: 20:58
      Archivo de registro: 1ad3fdc0-2a3f-11e8-8e52-00306702e7a6.json
      Administrador: Sí

      -Información del software-
      Versión: 3.4.4.2398
      Versión de los componentes: 1.0.322
      Versión del paquete de actualización: 1.0.4396
      Licencia: Prueba

      -Información del sistema-
      SO: Windows 7 Service Pack 1
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: Eduardo-PC\Eduardo

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Resultado: Completado
      Objetos analizados: 494469
      Amenazas detectadas: 0
      (No hay elementos maliciosos detectados)
      Amenazas en cuarentena: 0
      (No hay elementos maliciosos detectados)
      Tiempo transcurrido: 18 min, 42 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Desactivado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 0
      (No hay elementos maliciosos detectados)

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 0
      (No hay elementos maliciosos detectados)

      Archivo: 0
      (No hay elementos maliciosos detectados)

      Sector físico: 0
      (No hay elementos maliciosos detectados)


      (end)

    5. #15
      fototravesias (User)
      Registered: Nov 2007
      Location: Argentina
      Posts: 93

      The report from the 3rd step:

      ~ ZHPCleaner v2018.3.16.51 by Nicolas Coolman (2018/03/16)
      ~ Run by Eduardo (Administrator) (17/03/2018 22:21:15)
      ~ Web: https://www.nicolascoolman.com
      ~ Blog: https://nicolascoolman.eu/
      ~ Facebook : https://www.facebook.com/nicolascoolman1
      ~ State version : Version OK
      ~ Certificate ZHPCleaner: Legal
      ~ Type : Scanner
      ~ Report : C:\Users\Eduardo\Desktop\ZHPCleaner.txt
      ~ Quarantine : C:\Users\Eduardo\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
      ~ UAC : Activate
      ~ Boot Mode : Normal (Normal boot)
      Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

      ---\ Alternate Data Stream (ADS). (0)
      ~ No malintencionados o innecesarios artículos encontrados. (ADS)

      ---\ Servicios (0)
      ~ No malintencionados o innecesarios artículos encontrados. (Servicio)

      ---\ Navegadores de Internet (4)
      ENCONTRADOS: [4b59whlu.default] - user_pref('extensions.dealply.channel', '_iron2'); =>PUP.Optional.Dealply
      ENCONTRADOS: [4b59whlu.default] - user_pref('extensions.dealply.installId', '_3191102416088087022469515050419423104694045'); =>PUP.Optional.Dealply
      ENCONTRADOS: [4b59whlu.default] - user_pref('extensions.dealply.installIdSource', '_inst'); =>PUP.Optional.Dealply
      ENCONTRADOS: [4b59whlu.default] - user_pref('extensions.dealply.partner', '_iron'); =>PUP.Optional.Dealply

      ---\ Hosts carpeta (1)
      ~ El archivo hosts es legítimo (1)

      ---\ Tareas automáticas programadas. (0)
      ~ No malintencionados o innecesarios artículos encontrados. (Tarea)

      ---\ Explorador ( Archivos, Carpetas ) (47)
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Roaming\PDAppFlex =>Trojan.Elpman
      ENCONTRADOS carpeta: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
      ENCONTRADOS carpeta: C:\Program Files (x86)\FoxTabPDFConverter\cc2.db3 =>.SUP.FoxtabPDFConverter
      ENCONTRADOS carpeta: C:\Program Files (x86)\FoxTabPDFConverter\ftpdf_inst.exe =>.SUP.FoxtabPDFConverter
      ENCONTRADOS carpeta: C:\Program Files (x86)\FoxTabPDFConverter\gsdll32.dll =>.SUP.FoxtabPDFConverter
      ENCONTRADOS archivo: C:\Program Files (x86)\FoxTabPDFConverter\DriverFiles =>.SUP.FoxtabPDFConverter
      ENCONTRADOS archivo: C:\Program Files (x86)\FoxTabPDFConverter\fonts =>.SUP.FoxtabPDFConverter
      ENCONTRADOS archivo: C:\Program Files (x86)\FoxTabPDFConverter\Images =>.SUP.FoxtabPDFConverter
      ENCONTRADOS archivo: C:\Program Files (x86)\FoxTabPDFConverter\lib =>.SUP.FoxtabPDFConverter
      ENCONTRADOS archivo: C:\Program Files (x86)\FoxTabPDFConverter\Uninstall =>.SUP.FoxtabPDFConverter
      ENCONTRADOS archivo: C:\Program Files (x86)\Webteh\BSPlayer =>.SUP.ABTeam
      ENCONTRADOS archivo: C:\Program Files (x86)\FoxTabPDFConverter =>.SUP.FoxtabPDFConverter
      ENCONTRADOS archivo: C:\Program Files (x86)\Webteh =>.SUP.ABTeam
      ENCONTRADOS archivo: C:\Program Files (x86)\Common Files\Akamai =>.SUP.AkamaiHD
      ENCONTRADOS carpeta: C:\ProgramData\Microsoft Toolkit\Settings.xml =>HackTool.AutoKMS
      ENCONTRADOS archivo: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
      ENCONTRADOS archivo: C:\Windows\AutoKMS =>HackTool.AutoKMS
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Akamai =>.SUP.AkamaiHD
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign0b543faed5e6fa1e =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign1bc5dd1d24f2634f =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign3049eed622b81f58 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign3098b3b718acb98c =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign474c2fe610d9cf06 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign56029b329fdd478f =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign5a2d942f29d1d43d =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign5c121284e4caab30 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign5fd5bb2b97f32e99 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign6452badd4f222f48 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign6a2c7c4537c18e3f =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign7c5cac6c3092279c =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign8957b9e7d57014f8 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsign8c906ec66b74892a =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsigna55df1361cc21659 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsigna778af96d2b8c45b =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsigna95bd0231240b57f =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsignb0dd1f169f36e108 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsignbcf6fe7c32804d48 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsigncb162b10b13fa19c =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsigncd4e4bf2a99ec896 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsignce0b9ca10fe0b7c8 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsigncfa4ff0bdb3908fd =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsignee33311e5a7b8f7c =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsignf9cada535e1b08dd =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Tempzxpsignfeb2bfbb07105f65 =>.SUP.Temporary
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Temp\tmpy2gop3\gen_py =>PUP.Optional.Y2Go
      ENCONTRADOS archivo: C:\Users\Eduardo\AppData\Local\Temp\tmpy2gop3 =>PUP.Optional.Y2Go
      ENCONTRADOS archivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime

      ---\ Registro ( Claves, Valores, Datos) (1)
      ENCONTRADOS clave: HKCU\Software\undefined [] =>.SUP.Downloader

      ---\ Resumen de elementos en su estación de trabajo (10)
      https://www.nicolascoolman.com/fr/pup-dealply/ =>PUP.Optional.Dealply
      https://nicolascoolman.eu/2017/09/23/trojan-elpman/ =>Trojan.Elpman
      https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
      https://nicolascoolman.eu/2017/12/02...bpdfconverter/ =>.SUP.FoxtabPDFConverter
      https://nicolascoolman.eu/2017/01/20...els-superflus/ =>.SUP.ABTeam
      https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD
      https://nicolascoolman.eu/2017/01/20...els-superflus/ =>.SUP.Temporary
      https://nicolascoolman.eu/2017/04/08/pup-optional-y2go/ =>PUP.Optional.Y2Go
      https://nicolascoolman.eu/2017/01/15...are-quicktime/ =>Riskware.QuickTime
      https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader

      ---\ Resultado de la reparación.
      ~ ninguna reparación hecha
      ~ falta este navegador! (Opera Software)

      ---\ STATISTIQUES
      ~ Items escaneado : 75383
      ~ Items encontrado : 56
      ~ artículos cancelados : 0
      ~ Items opciones : 0/7
      ~ Ahorro de espacio (bytes) : 0
      ~ End of search in 00h07mn11s
      ZHPCleaner-[S]-17032018-22_28_26.txt

    6. #16
      fototravesias (User)
      Registered: Nov 2007
      Location: Argentina
      Posts: 93

      4th step:

      # AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 18 01:51:18 2018
      # Updated on 2018/08/02 by Malwarebytes
      # Database: 2018-03-14.3
      # Running on Windows 7 Ultimate (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****

      No malicious services found.

      ***** [ Folders ] *****

      No malicious folders found.

      ***** [ Files ] *****

      No malicious files found.

      ***** [ DLL ] *****

      No malicious DLLs found.

      ***** [ WMI ] *****

      No malicious WMI found.

      ***** [ Shortcuts ] *****

      No malicious shortcuts found.

      ***** [ Tasks ] *****

      No malicious tasks found.

      ***** [ Registry ] *****

      No malicious registry entries found.

      ***** [ Firefox (and derivatives) ] *****

      No malicious Firefox entries.

      ***** [ Chromium (and derivatives) ] *****

      No malicious Chromium entries.

      *************************



      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

    7. #17
      fototravesias (User)
      Registered: Nov 2007
      Location: Argentina
      Posts: 93

      5th step: CCleaner OK; I ran it several times until it found nothing more.

      6th step: 1st report:

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
      Ran by Eduardo (administrator) on EDUARDO-PC (17-03-2018 23:05:34)
      Running from C:\Users\Eduardo\Desktop
      Loaded Profiles: Eduardo (Available Profiles: Eduardo)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
      (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
      (Advanced Micro Devices, Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
      () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
      (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
      () C:\Windows\runSW.exe
      () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
      (Realtek) C:\Windows\SwUSB.exe
      () C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      (Malwarebytes) D:\Program Files\Anti-Malware\MBAMService.exe
      (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
      (Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
      () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
      () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
      (TODO: <Company name>) C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\ESP64Proxy.exe
      (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
      (Thermaltake) C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS Level 10 M\L10mMonitor.exe
      (Advanced Micro Devices Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
      (ATI Technologies Inc.) D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
      (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
      (Malwarebytes) D:\Program Files\Anti-Malware\mbamtray.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
      (Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
      (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
      (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
      (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
      (Piriform Ltd) D:\Program Files\CCleaner\CCleaner64.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe

      ==================== Registry (Whitelisted) ===========================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
      HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
      HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
      HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
      HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
      HKLM-x32\...\Run: [StartCCC] => D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
      HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
      HKLM-x32\...\Run: [Tt eSPORTS Level 10 M Gaming Mouse] => C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS Level 10 M\L10mMonitor.exe [123360 2012-12-28] (Thermaltake)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
      HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated)
      HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
      HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
      HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
      HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
      HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [886768 2018-02-11] (Adobe Systems Incorporated)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EasySetPackage.lnk [2012-03-08]
      ShortcutTarget: EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe ()
      BootExecute: autocheck autochk * ??

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{0CCF7EFE-63CA-45E1-9F6C-FFEF5D56B113}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{A6D2A904-6D88-462F-8420-A40C6E55B347}: [DhcpNameServer] 192.168.1.1

      Internet Explorer:
      ==================
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.localstrike.net/
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
      HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
      SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
      BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
      Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
      DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
      DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
      DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
      DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

      FireFox:
      ========
      FF DefaultProfile: 4b59whlu.default
      FF ProfilePath: C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\4b59whlu.default [2018-03-17]
      FF Homepage: Mozilla\Firefox\Profiles\4b59whlu.default -> Google
      FF Extension: (Diccionario de Español/España) - C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\4b59whlu.default\Extensions\[email protected] [2017-01-11] [Legacy]
      FF Extension: (IE Tab 2 (FF 3.6+)) - C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\4b59whlu.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2017-01-11] [Legacy]
      FF Extension: (No Name) - C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\4b59whlu.default\extensions\[email protected] [not found]
      FF Extension: (No Name) - C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\4b59whlu.default\extensions\{71bfcce7-421d-4042-95d4-a585a821cbca}.xpi [not found]
      FF Extension: (No Name) - C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\4b59whlu.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [not found]
      FF ProfilePath: C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\vewtpeaf.dev-edition-default [2018-03-17]
      FF Extension: (AntiGameOrigin) - C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\vewtpeaf.dev-edition-default\Extensions\[email protected] [2014-12-06] [Legacy] [not signed]
      FF Extension: (No Name) - C:\Users\Eduardo\AppData\Roaming\Mozilla\Firefox\Profiles\vewtpeaf.dev-edition-default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [not found]
      FF ProfilePath: C:\Users\Eduardo\AppData\Roaming\KompoZer\Profiles\o54zckj6.default [2010-02-05]
      FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
      FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-03-03] ()
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems)
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-03-03] ()
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225196.dll [2017-02-10] (Adobe Systems, Inc.)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2010-03-07] (Nexon)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
      FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems)

      Chrome:
      =======
      CHR DefaultProfile: Default
      CHR Profile: C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default [2018-03-17]
      CHR Extension: (Presentaciones) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
      CHR Extension: (Documentos) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
      CHR Extension: (Avast Passwords) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-03-03]
      CHR Extension: (Hojas de cálculo) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-20]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
      CHR Extension: (ImTranslator: Traductor, Diccionario, Voz) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2018-03-16]
      CHR Extension: (Chrome Media Router) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-10]
      CHR HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Eduardo\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-05-21]
      CHR HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated)
      R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
      R2 AMD FUEL Service; D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
      S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
      R2 MBAMService; D:\Program Files\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
      R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
      R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
      R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
      R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [334848 2010-08-10] () [File not signed]
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 AODDriver4.1; D:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
      R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-02-10] (AVG Technologies)
      R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-02] (Glarysoft Ltd)
      R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2013-06-13] (BIOSTAR Group)
      R1 BSMEM; C:\Windows\SysWOW64\drivers\BSMEM.sys [17024 2013-06-13] (BIOSTAR Group) [File not signed]
      S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-12-20] (Devguru Co., Ltd)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76200 2018-01-18] ()
      S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
      R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-10-15] (Glarysoft Ltd)
      U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
      R1 ISODrive; D:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (EZB Systems, Inc.)
      S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2009-12-22] (LG Soft India) [File not signed]
      S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [19456 2009-12-22] (LG Soft India) [File not signed]
      R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193248 2018-03-17] (Malwarebytes)
      R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [109800 2018-03-17] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-03-17] (Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [92280 2018-03-17] (Malwarebytes)
      S3 qcusbser-forge; C:\Windows\System32\DRIVERS\qcusbser.sys [247872 2015-06-17] (FORGE Incorporated)
      S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
      S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
      R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [5617680 2016-12-05] (Realtek Semiconductor Corporation )
      R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-02-17] ()
      S3 Spyder2; C:\Windows\System32\DRIVERS\Spyder2.sys [15360 2007-01-17] ()
      S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
      R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] ()
      S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
      S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
      S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
      S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
      S3 catchme; \??\C:\ComboFix\catchme.sys [X]
      S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
      S3 RkPavproc1; \??\C:\Windows\system32\drivers\RkPavproc1.sys [X]
      S0 roesocw; System32\drivers\vuudqkn.sys [X]
      S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
      S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-03-17 23:05 - 2018-03-17 23:05 - 000020500 _____ C:\Users\Eduardo\Desktop\FRST.txt
      2018-03-17 23:05 - 2018-03-17 23:05 - 000000000 ____D C:\FRST
      2018-03-17 23:04 - 2018-03-17 23:04 - 000001236 _____ C:\Users\Eduardo\Documents\cc_20180317_230401.reg
      2018-03-17 23:03 - 2018-03-17 23:03 - 000009704 _____ C:\Users\Eduardo\Documents\cc_20180317_230314.reg
      2018-03-17 22:53 - 2018-03-17 22:53 - 002403328 _____ (Farbar) C:\Users\Eduardo\Desktop\FRST64.exe
      2018-03-17 22:49 - 2018-03-17 22:51 - 000000000 ____D C:\AdwCleaner
      2018-03-17 22:28 - 2018-03-17 22:47 - 000016567 _____ C:\Users\Eduardo\Desktop\ZHPCleaner.html
      2018-03-17 22:28 - 2018-03-17 22:47 - 000001695 _____ C:\Users\Eduardo\Desktop\ZHPCleaner.txt
      2018-03-17 22:20 - 2018-03-17 22:47 - 000000000 ____D C:\Users\Eduardo\AppData\Roaming\ZHP
      2018-03-17 22:20 - 2018-03-17 22:20 - 000000846 _____ C:\Users\Eduardo\Desktop\ZHPCleaner.lnk
      2018-03-17 22:20 - 2018-03-17 22:20 - 000000000 ____D C:\Users\Eduardo\AppData\Local\ZHP
      2018-03-17 20:57 - 2018-03-17 22:38 - 000109800 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2018-03-17 20:57 - 2018-03-17 22:36 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2018-03-17 20:57 - 2018-03-17 22:36 - 000092280 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2018-03-17 20:57 - 2018-03-17 20:57 - 000193248 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2018-03-17 20:57 - 2018-03-17 20:57 - 000000777 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2018-03-17 20:57 - 2018-03-17 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2018-03-17 20:57 - 2018-01-18 09:03 - 000076200 _____ C:\Windows\system32\Drivers\mbae64.sys
      2018-03-17 20:00 - 2018-03-17 20:57 - 000000000 ____D C:\ProgramData\Malwarebytes
      2018-03-17 20:00 - 2018-03-17 20:00 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\5F839429.sys
      2018-03-17 19:59 - 2018-03-17 20:51 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
      2018-03-17 19:58 - 2018-03-17 20:51 - 000000000 ____D C:\Users\Eduardo\Desktop\mbar
      2018-02-27 08:21 - 2018-03-17 22:56 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
      2018-02-19 10:17 - 2018-02-19 10:17 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
      2018-02-19 10:17 - 2018-02-19 10:17 - 000001224 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2018-03-17 23:00 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
      2018-03-17 22:58 - 2009-07-14 01:45 - 000042144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-03-17 22:58 - 2009-07-14 01:45 - 000042144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-03-17 22:55 - 2017-09-23 22:24 - 000000701 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2018-03-17 22:39 - 2009-11-07 00:03 - 000000000 ____D C:\Users\Eduardo\AppData\Local\Adobe
      2018-03-17 22:38 - 2014-06-15 10:30 - 000000000 ___RD C:\Users\Eduardo\Google Drive
      2018-03-17 22:35 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-03-17 19:55 - 2017-02-13 23:01 - 000000000 ____D C:\ProgramData\AVAST Software
      2018-03-10 07:01 - 2011-03-05 08:28 - 000000000 ___HD C:\AdobeTemp
      2018-03-03 19:11 - 2012-04-01 09:45 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2018-03-03 19:11 - 2011-11-17 21:22 - 000000000 ____D C:\Windows\system32\Macromed
      2018-03-03 19:11 - 2011-05-14 13:25 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2018-03-03 19:11 - 2009-11-04 23:12 - 000000000 ____D C:\Users\Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
      2018-03-03 19:11 - 2009-11-04 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
      2018-03-03 19:11 - 2009-03-26 13:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2018-03-01 09:27 - 2009-07-14 02:08 - 000032522 _____ C:\Windows\Tasks\SCHEDLGU.TXT
      2018-02-27 07:49 - 2017-09-19 12:57 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
      2018-02-27 07:49 - 2015-11-07 08:18 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2018-02-27 07:48 - 2017-05-20 10:52 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-02-27 07:48 - 2017-05-20 10:52 - 000002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-02-19 10:17 - 2009-11-07 00:05 - 000000000 ____D C:\Program Files (x86)\Adobe
      2018-02-19 09:51 - 2009-11-07 13:57 - 000000000 ____D C:\Program Files\Common Files\Adobe
      2018-02-19 09:49 - 2017-11-07 03:55 - 000000759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2018.lnk

      ==================== Files in the root of some directories =======

      2012-03-22 23:01 - 2012-03-22 23:01 - 000021368 _____ (Schneider Electric) C:\Users\Eduardo\en_res.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 000021368 _____ (Schneider Electric) C:\Users\Eduardo\es_res.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 000021880 _____ (Schneider Electric) C:\Users\Eduardo\fr_res.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 000021880 _____ (Schneider Electric) C:\Users\Eduardo\grm_res.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 000021368 _____ (Schneider Electric) C:\Users\Eduardo\it_res.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 000020344 _____ (Schneider Electric) C:\Users\Eduardo\jp_res.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 001079808 _____ (Microsoft Corporation) C:\Users\Eduardo\mfc80u.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 000626688 _____ (Microsoft Corporation) C:\Users\Eduardo\msvcr80.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 013923704 _____ (Schneider Electric) C:\Users\Eduardo\PCPE Setup.exe
      2012-03-22 23:01 - 2012-03-22 23:01 - 000021368 _____ (Schneider Electric) C:\Users\Eduardo\pt_res.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 000020856 _____ (Schneider Electric) C:\Users\Eduardo\ru_res.dll
      2012-03-22 23:01 - 2012-03-22 23:01 - 000019832 _____ (Schneider Electric) C:\Users\Eduardo\zh_res.dll
      2011-06-20 22:00 - 2011-06-20 22:00 - 000000132 _____ () C:\Users\Eduardo\AppData\Roaming\Adobe BMP Format CS5 Prefs
      2017-09-01 22:43 - 2017-11-06 21:47 - 000000033 _____ () C:\Users\Eduardo\AppData\Roaming\AdobeWLCMCache.dat
      2013-03-23 15:59 - 2013-03-23 16:20 - 000007859 _____ () C:\Users\Eduardo\AppData\Roaming\pcouffin.cat
      2013-03-23 15:59 - 2013-03-23 16:20 - 000001167 _____ () C:\Users\Eduardo\AppData\Roaming\pcouffin.inf
      2013-03-23 15:59 - 2013-03-23 16:20 - 000000055 _____ () C:\Users\Eduardo\AppData\Roaming\pcouffin.log
      2013-03-23 15:59 - 2013-03-23 16:20 - 000082816 _____ (VSO Software) C:\Users\Eduardo\AppData\Roaming\pcouffin.sys
      2011-05-24 21:14 - 2011-12-31 09:44 - 000000693 _____ () C:\Users\Eduardo\AppData\Roaming\Rim.Desktop.Exception.log
      2011-05-24 21:14 - 2012-01-03 22:14 - 000003125 _____ () C:\Users\Eduardo\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
      2011-07-08 12:02 - 2011-12-31 09:44 - 000000385 _____ () C:\Users\Eduardo\AppData\Roaming\Rim.DesktopHelper.Exception.log
      2013-08-25 10:36 - 2013-08-25 10:36 - 000000055 _____ () C:\Users\Eduardo\AppData\Roaming\WB.CFG
      2013-06-20 10:36 - 2013-06-20 10:36 - 000000005 _____ () C:\Users\Eduardo\AppData\Roaming\WBPU-TTL.DAT
      2013-07-10 08:00 - 2013-07-10 08:01 - 145388814 _____ () C:\Users\Eduardo\AppData\Local\ACCCx183.zip.aamdownload
      2013-07-10 08:00 - 2013-07-10 08:01 - 000001811 _____ () C:\Users\Eduardo\AppData\Local\ACCCx183.zip.aamdownload.aamd
      2011-05-15 20:15 - 2013-06-28 22:35 - 000001456 _____ () C:\Users\Eduardo\AppData\Local\Adobe Guardar para Web 12.0 Prefs
      2013-08-28 13:47 - 2015-01-17 20:58 - 000001456 _____ () C:\Users\Eduardo\AppData\Local\Adobe Guardar para Web 13.0 Prefs
      2013-09-10 22:25 - 2013-09-10 22:25 - 000134789 _____ () C:\Users\Eduardo\AppData\Local\ars.cache
      2013-09-10 22:25 - 2013-09-10 22:25 - 000271936 _____ () C:\Users\Eduardo\AppData\Local\census.cache
      2010-06-24 19:36 - 2012-09-02 19:30 - 000006656 _____ () C:\Users\Eduardo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2013-09-10 21:56 - 2013-09-10 21:56 - 000000036 _____ () C:\Users\Eduardo\AppData\Local\housecall.guid.cache
      2017-05-21 12:07 - 2017-05-21 12:07 - 000001467 _____ () C:\Users\Eduardo\AppData\Local\recently-used.xbel
      2009-11-12 18:46 - 2009-11-12 18:46 - 000000017 _____ () C:\Users\Eduardo\AppData\Local\resmon.resmoncfg
      2017-05-22 18:46 - 2017-05-22 18:46 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{31839430-7A4C-49EB-B3B0-72184A50CC12}
      2017-05-19 22:01 - 2017-05-19 22:01 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{58B99BEA-0F6E-4BA7-A2C7-926CE480AF2C}
      2017-05-28 17:24 - 2017-05-28 17:24 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{659F5833-FD20-449E-A62E-6C77EF70A846}
      2016-08-24 21:43 - 2016-08-24 21:43 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{6B97143A-9C04-4067-917C-37775A38C55C}
      2017-05-18 21:52 - 2017-05-18 21:52 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{6EAA7252-B290-4162-85FE-7185579535B4}
      2017-05-14 16:30 - 2017-05-14 16:30 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{70F60EEC-50D9-4198-B0A2-5BEB69E0654D}
      2017-05-25 20:19 - 2017-05-25 20:19 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{935FEF8B-3996-48CA-8FA3-7CD4E3462DD1}
      2017-05-16 19:28 - 2017-05-16 19:28 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{9714A92B-50CD-4EF0-9CD6-D4148EFBCED8}
      2017-05-26 22:34 - 2017-05-26 22:34 - 000000000 _____ () C:\Users\Eduardo\AppData\Local\{FCDA4050-54A2-4AD2-BAFD-D53AE1F3C526}

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2018-03-17 21:52

      ==================== End of FRST.txt ============================

    8. #18
      User fototravesias
      Registered
      Nov 2007
      Location
      Argentina
      Posts
      93

      re: Avast ~ Behavior Shield does not activate (Solved)

      Step 6: 2nd report (part 1)

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
      Ran by Eduardo (17-03-2018 23:06:09)
      Running from C:\Users\Eduardo\Desktop
      Windows 7 Ultimate Service Pack 1 (X64) (2009-03-26 15:22:41)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-3706722725-1827043171-3028750297-500 - Administrator - Disabled)
      Eduardo (S-1-5-21-3706722725-1827043171-3028750297-1000 - Administrator - Enabled) => C:\Users\Eduardo
      HomeGroupUser$ (S-1-5-21-3706722725-1827043171-3028750297-1003 - Limited - Enabled)
      Invitado (S-1-5-21-3706722725-1827043171-3028750297-501 - Limited - Enabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
      Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
      Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_1) (Version: 15.0.1 - Adobe Systems Incorporated)
      Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
      Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
      Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.1.298 - Adobe Systems Incorporated)
      Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
      Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
      Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_0_1) (Version: 12.0.1 - Adobe Systems Incorporated)
      Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
      Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_1) (Version: 19.1.1 - Adobe Systems Incorporated)
      Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_1) (Version: 12.0.1 - Adobe Systems Incorporated)
      Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.196 - Adobe Systems, Inc.)
      ADSLNet Navigation Tools (HKLM-x32\...\{4A037D51-E073-490E-97BC-AE61B7A4B554}) (Version: 3.1.0.3399 - ADSLNet)
      Algebrator 4.0 (HKLM-x32\...\Algebrator_is1) (Version: - SoftMath Inc)
      AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
      Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
      ASUS USB-AC68 WLAN Card Driver (HKLM-x32\...\{56A6C59A-E783-41CB-A5F9-9240CA3C6B87}) (Version: 2.1.3.9 - ASUS)
      ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.8.0 - ASUS)
      AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
      AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
      AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
      Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
      CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
      Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.53.0 - OEM) Hidden
      ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
      CoreAVC Professional Edition (remove only) (HKLM-x32\...\CoreAVC Professional Edition) (Version: - )
      D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
      Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
      DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
      EasySetPackage (HKLM-x32\...\{266725C1-716F-43AC-BBFB-4201131ED656}) (Version: 2.4 - LG Soft India)
      FastPictureViewer WIC Codec Pack 1.40 (HKLM-x32\...\{FBF66A8C-39A9-4079-911F-1AA8845AD907}) (Version: 1.40.0.0 - Axel Rietschin Software Developments)
      foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
      Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
      Garmin POI Loader (HKLM-x32\...\{D181A318-28DF-4B83-8F13-24C2D0BDA12D}) (Version: 2.6.1.0 - Garmin Ltd or its subsidiaries)
      Garmin Training Center (HKLM-x32\...\{7D542452-84EB-47C0-97BA-735C523AB555}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
      Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
      Garmin WebUpdater (HKLM-x32\...\{F4DA4C73-026F-4D38-8C6B-85F0193E4B56}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
      Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
      Hewlett-Packard ACLM.NET v1.1.0.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
      HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
      HWiNFO64 Version 5.02 (HKLM\...\HWiNFO64_is1) (Version: 5.02 - Martin Malík - REALiX)
      Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
      Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
      LCDTester (HKLM-x32\...\LCDTester_is1) (Version: - Spacejock Software)
      Magic Berry (HKLM-x32\...\ST6UNST #1) (Version: - )
      Malwarebytes versión 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
      Mapear V12.4 versión 12.4 (HKLM-x32\...\{07D9EFFE-79DC-4ACA-8417-16E42B821BD6}_is1) (Version: 12.4 - Proyectomapear)
      Microsoft .NET Framework 4.7 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
      Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
      Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
      Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
      Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
      Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
      Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
      Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
      Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
      Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
      Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
      Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
      MKVToolNix 9.2.0 (64bit) [20160504-01204] (HKLM-x32\...\MKVToolNix) (Version: 9.2.0 - Moritz Bunkus)
      MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
      MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
      Nero - Burning Rom (HKLM-x32\...\{A4D7B764-4140-11D4-88EB-0050DA3579C0}) (Version: 5.5.9.9 - ahead software gmbh)
      PC Connectivity Solution 64-bit components (HKLM\...\{DDC742CC-2382-4E49-8B59-A6EC368F94D4}) (Version: 6.43.14.0 - Nokia) Hidden
      POISelector (HKLM-x32\...\{CEEAA2C6-011D-4ECA-B83D-21D829E68E8D}) (Version: 1.6.0 - EAA)
      PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
      qBittorrent 3.3.4 (HKLM-x32\...\qBittorrent) (Version: 3.3.4 - The qBittorrent project)
      QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7164 - Realtek Semiconductor Corp.)
      Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
      Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
      Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.06.07 - Samsung Electronics Co., Ltd.)
      Samsung ML-2160 Series (HKLM-x32\...\Samsung ML-2160 Series) (Version: 1.08 (24/08/2012) - Samsung Electronics Co., Ltd.)
      Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
      Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
      Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
      Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
      SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
      Tt eSPORTS Level 10 M (HKLM-x32\...\{F1D9C0F0-EA26-46E3-8FFB-9644462E8615}) (Version: 1.0.0 - Tt eSPORTS)
      Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.32 - Tweaking.com)
      UltraISO Premium V9.35 (HKLM-x32\...\UltraISO_is1) (Version: - )
      Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
      Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
      Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
      WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
      XMedia Recode version 3.1.4.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.4.9 - XMedia Recode)
      Zonas Peligrosas (HKLM-x32\...\ZonasPeligrosas) (Version: - )

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      CustomCLSID: HKU\S-1-5-21-3706722725-1827043171-3028750297-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
      ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
      ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
      ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
      ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
      ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
      ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
      ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
      ContextMenuHandlers1: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => -> No File
      ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2012-03-23] (Online Media Technologies Ltd.)
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
      ContextMenuHandlers2: [InCDShellExt] -> {09bffb91-ecda-4149-bcfd-d87a345c219e} => -> No File
      ContextMenuHandlers2: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => -> No File
      ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => D:\Program Files (x86)\UltraISO\isoshl64.dll [2009-04-02] (EZB Systems, Inc.)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
      ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
      ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
      ContextMenuHandlers4: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => -> No File
      ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
      ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => D:\Program Files (x86)\UltraISO\isoshl64.dll [2009-04-02] (EZB Systems, Inc.)
      ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.)
      ContextMenuHandlers5-x32: [ESPDesktopMenu] -> {D2F1CE69-EA7F-4E8D-A0FB-D3DC3039A444} => C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\ESPContextMenu.dll [2009-12-16] ()
      ContextMenuHandlers5-x32: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => -> No File
      ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
      ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
      ContextMenuHandlers6: [NBHShellExt] -> {8D2223A2-B3C6-4e32-B096-CDD11F628C60} => -> No File
      ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
      ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => D:\Program Files (x86)\UltraISO\isoshl64.dll [2009-04-02] (EZB Systems, Inc.)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {3869604E-EC32-4036-9D09-8979B1B0857E} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
      Task: {38E3515A-FF32-4D03-9031-5C5CBE49B6A2} - System32\Tasks\AdobeAAMUpdater-1.0-Eduardo-PC-Eduardo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
      Task: {3D780733-6F57-4955-BD1B-711DECAF1121} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
      Task: {4D5B426D-F378-4499-80E0-010371606D7F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
      Task: {6321D5F0-7A6F-46CF-8416-558B41C13A86} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
      Task: {70A3CE7C-9D31-493E-A564-B6BFC1367FD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
      Task: {773A38A0-41DA-4615-A484-37901C48EA5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-03] (Adobe Systems Incorporated)
      Task: {7B4C83F0-89A1-45B3-BFA9-1EDBD42B89AA} - System32\Tasks\CCleaner Update => D:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
      Task: {87A211B6-ED67-4FAF-984B-058501F51B29} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe
      Task: {9461DC48-2FAE-4E48-96B0-788B8D42190B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
      Task: {963854D4-FF64-42BD-9B45-EF23BB45DA1B} - System32\Tasks\AdobeGCInvoker-1.0-Eduardo-PC-Eduardo => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
      Task: {BA17B42A-D7DD-4768-AE0B-D4F9D3BFD5D4} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
      Task: {C8AB00EB-B0D2-414C-BC60-86A0FE3404E4} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
      Task: {E05C4363-89B8-4D90-B05D-7C2EF1B90261} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      Task: C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)Tweaking.com - Windows Repair)Created By Tweaking.com

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ==================== Loaded Modules (Whitelisted) ==============

      2011-04-25 11:24 - 2011-04-25 11:24 - 000034304 _____ () C:\Windows\System32\ssj1mlm.dll
      2012-03-08 23:00 - 2009-12-04 17:15 - 000062976 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK64.dll
      2018-02-10 01:12 - 2018-02-10 01:12 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
      2013-04-29 23:25 - 2013-04-29 23:25 - 000073728 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
      2010-12-17 18:13 - 2010-12-17 18:13 - 000438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
      2010-12-17 18:13 - 2010-12-17 18:13 - 000050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
      2017-12-01 12:31 - 2014-12-12 17:24 - 000044760 _____ () C:\Windows\runSW.exe
      2018-01-29 12:42 - 2018-01-29 12:42 - 041100328 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
      2017-04-29 14:32 - 2010-08-10 21:37 - 000334848 _____ () C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
      2018-03-17 20:57 - 2018-03-01 11:31 - 002488608 _____ () D:\PROGRAM FILES\ANTI-MALWARE\MwacLib.dll
      2018-03-17 20:57 - 2018-02-05 15:44 - 002299168 _____ () D:\PROGRAM FILES\ANTI-MALWARE\SelfProtectionSdk.dll
      2012-03-08 23:00 - 2009-12-22 12:30 - 000159744 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
      2012-03-08 23:00 - 2009-12-22 12:31 - 000024576 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
      2013-04-29 23:25 - 2013-04-29 23:25 - 000103424 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
      2013-06-18 15:49 - 2013-06-18 15:49 - 000016384 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
      2013-04-29 23:08 - 2013-04-29 23:08 - 000369152 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
      2018-02-27 20:08 - 2018-02-27 20:08 - 034523072 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
      2012-03-08 23:00 - 2009-12-22 12:30 - 000057344 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll
      2015-02-15 09:57 - 2017-11-29 02:09 - 000781088 _____ () D:\Program Files (x86)\Steam\SDL2.dll
      2015-02-15 09:57 - 2016-08-31 22:02 - 004969248 _____ () D:\Program Files (x86)\Steam\v8.dll
      2015-02-15 09:57 - 2016-08-31 22:02 - 001563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
      2015-02-15 09:57 - 2016-08-31 22:02 - 001195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
      2015-02-15 09:57 - 2017-12-15 16:59 - 002558752 _____ () D:\Program Files (x86)\Steam\video.dll
      2017-12-31 11:33 - 2017-11-03 22:54 - 005137696 _____ () D:\Program Files (x86)\Steam\libavcodec-57.dll
      2017-12-31 11:33 - 2017-11-03 22:54 - 000847136 _____ () D:\Program Files (x86)\Steam\libavutil-55.dll
      2017-12-31 11:33 - 2017-11-03 22:54 - 000695584 _____ () D:\Program Files (x86)\Steam\libavformat-57.dll
      2017-12-31 11:33 - 2017-11-03 22:54 - 000351520 _____ () D:\Program Files (x86)\Steam\libavresample-3.dll
      2017-12-31 11:33 - 2017-11-03 22:54 - 000783648 _____ () D:\Program Files (x86)\Steam\libswscale-4.dll
      2015-02-15 09:57 - 2017-12-15 16:59 - 000904992 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
      2016-03-11 22:05 - 2016-07-04 19:17 - 000266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
      2012-03-08 23:00 - 2009-12-22 12:30 - 000012288 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\SpaRes.dll
      2017-06-20 11:55 - 2012-12-27 17:36 - 001343488 _____ () C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS Level 10 M\L10MOsd.dll
      2018-02-14 05:03 - 2018-02-14 05:03 - 067115984 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
      2017-06-08 21:30 - 2017-09-06 23:04 - 000678400 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
      2016-12-12 22:15 - 2017-10-31 01:44 - 071471904 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
      2015-02-15 09:57 - 2015-09-24 20:52 - 000119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
      2018-03-17 22:36 - 2018-03-17 22:36 - 000088064 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\_ctypes.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000069120 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\bz2.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000920064 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\_hashlib.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000098816 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32api.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000110080 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\pywintypes27.dll
      2018-03-17 22:36 - 2018-03-17 22:36 - 000364544 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\pythoncom27.dll
      2018-03-17 22:36 - 2018-03-17 22:36 - 000686080 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\unicodedata.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000320512 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32com.shell.shell.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 001177088 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\wx._core_.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000806912 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\wx._gdi_.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000816640 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\wx._windows_.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 001067520 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\wx._controls_.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000733696 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\wx._misc_.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000736256 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\pysqlite2._sqlite.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000119808 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32file.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000108544 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32security.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000007168 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\hashobjs_ext.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000017920 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\thumbnails_ext.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000082432 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\usb_ext.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000013824 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\common.time34.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000018432 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32event.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000027648 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\windows.conditional.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000017408 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\windows.winwrap.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000089088 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\windows.volumes.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000167936 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32gui.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000046080 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\_socket.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 001311232 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\_ssl.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000135680 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\_elementtree.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000133632 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\pyexpat.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000038912 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32inet.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000077824 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\wx._html2.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000036864 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\_psutil_windows.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000524248 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\windows._lib_cacheinvalidation.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000010240 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\select.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000011264 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32crypt.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000218624 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\PIL._imaging.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000027648 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\_multiprocessing.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000020480 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\_yappi.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000035840 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32process.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000024064 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32pipe.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000025600 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32pdh.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000059392 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\windows.device_monitor.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000017408 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32profile.pyd
      2018-03-17 22:36 - 2018-03-17 22:36 - 000022528 _____ () C:\Users\Eduardo\AppData\Local\Temp\_MEI23442\win32ts.pyd
      2018-01-30 08:38 - 2018-01-30 08:38 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
      2018-01-30 08:39 - 2018-01-30 08:39 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
      2018-01-30 08:38 - 2018-01-30 08:38 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
      2018-01-30 08:38 - 2018-01-30 08:38 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
      2018-02-14 05:26 - 2018-02-14 05:26 - 000111056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
      2018-01-30 08:38 - 2018-01-30 08:38 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
      2018-02-14 05:20 - 2018-02-14 05:20 - 000125904 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
      2018-02-14 05:20 - 2018-02-14 05:20 - 000125392 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
      2018-02-14 05:20 - 2018-02-14 05:20 - 000133072 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
      2018-02-14 05:20 - 2018-02-14 05:20 - 000222160 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
      2018-02-14 05:20 - 2018-02-14 05:20 - 000111064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
      2018-02-14 05:20 - 2018-02-14 05:20 - 000106456 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
      2018-02-14 05:20 - 2018-02-14 05:20 - 000094168 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [322]
      AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A [236]
      AlternateDataStreams: C:\ProgramData\TEMP:A5A1816B [320]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)

      There are 7901 more sites.

      There are 7899 more sites.


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2011-09-16 14:32 - 2017-05-27 16:47 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

      127.0.0.1 localhost

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-3706722725-1827043171-3028750297-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eduardo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
      DNS Servers: 192.168.1.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\Services: APC Data Service => 2
      MSCONFIG\Services: APC UPS Service => 2
      MSCONFIG\Services: RealPlayerUpdateSvc => 2
      MSCONFIG\Services: RealTimes Desktop Service => 2
      MSCONFIG\Services: SamsungAllShare => 2
      MSCONFIG\Services: vToolbarUpdater17.3.0 => 2
      MSCONFIG\startupreg: Spotify => "C:\Users\Eduardo\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
      MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Eduardo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [TCP Query User{D308ED22-5EC9-4066-894B-7F05070813F1}C:\program files (x86)\asus\wireless router\device discovery\discovery.exe] => (Allow) C:\program files (x86)\asus\wireless router\device discovery\discovery.exe
      FirewallRules: [UDP Query User{BA84A5A4-6657-412F-91B9-D6E0A916DA44}C:\program files (x86)\asus\wireless router\device discovery\discovery.exe] => (Allow) C:\program files (x86)\asus\wireless router\device discovery\discovery.exe
      FirewallRules: [{D5299A59-307E-4220-89F4-5164D314167F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{B39A2AC1-B5DF-4E19-86D0-45D330AA90A8}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{7FA20EA4-306D-4B50-AA1A-3682B2D26892}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{2399F99D-514D-4EE2-8AE1-2C21F1EED573}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{6A93CAD2-A017-4DAF-9C4B-23D19C0BD290}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
      FirewallRules: [{AB6565F4-4B7C-4AD7-91CC-6865EBCE6DFF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
      FirewallRules: [{A78D96CE-0352-45CC-A91B-B416D0FB36F6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
      FirewallRules: [{31A18201-18B8-435A-9C67-76392E95934F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
      FirewallRules: [{FD9DCAAB-AE31-432D-988F-8A07642AECAA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
      FirewallRules: [{32050BB9-0795-4E7A-B997-CC94714CE1AB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
      FirewallRules: [{6BA53948-B879-4A59-A303-91B8F1B13AF9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      01-03-2018 10:25:13 Punto de control programado
      17-03-2018 21:59:20 Punto de control programado

      ==================== Faulty Device Manager Devices =============

    9. #19
      User Avatar of fototravesias
      Registered
      Nov 2007
      Location
      Argentina
      Posts
      93

      re: Avast ~ Behavior Shield does not activate (Solved)

      Part 2

      ==================== Event log errors: =========================


      Application errors:
      ==================
      Error: (03/17/2018 07:22:50 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: isuspm.exe, versión: 3.0.100.1131, marca de tiempo: 0x40816c48
      Nombre del módulo con errores: OLEAUT32.dll, versión: 6.1.7601.23775, marca de tiempo: 0x58f4db68
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0004dc3a
      Id. del proceso con errores: 0x654
      Hora de inicio de la aplicación con errores: 0x01d3be3e60704bce
      Ruta de acceso de la aplicación con errores: c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
      Ruta de acceso del módulo con errores: C:\Windows\syswow64\OLEAUT32.dll
      Id. del informe: b9b2977c-2a31-11e8-98d1-00306702e7a6


      Error: (03/16/2018 09:27:16 PM) (Source: Windows Backup) (EventID: 4103) (User: )
      Description: La copia de seguridad no se completó debido a un error al escribir en la ubicación de copia de seguridad K:\. Error: La ubicación de copia de seguridad especificada no es válida o no se encuentra. Revise la configuración de copia de seguridad y compruebe la ubicación de copia de seguridad. (0x81000006).


      Error: (03/10/2018 07:04:03 AM) (Source: Windows Backup) (EventID: 4103) (User: )
      Description: La copia de seguridad no se completó debido a un error al escribir en la ubicación de copia de seguridad K:\. Error: La ubicación de copia de seguridad especificada no es válida o no se encuentra. Revise la configuración de copia de seguridad y compruebe la ubicación de copia de seguridad. (0x81000006).


      Error: (03/10/2018 06:55:43 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: isuspm.exe, versión: 3.0.100.1131, marca de tiempo: 0x40816c48
      Nombre del módulo con errores: OLEAUT32.dll, versión: 6.1.7601.23775, marca de tiempo: 0x58f4db68
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0004dc3a
      Id. del proceso con errores: 0x1358
      Hora de inicio de la aplicación con errores: 0x01d3b855d7a2a5af
      Ruta de acceso de la aplicación con errores: c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
      Ruta de acceso del módulo con errores: C:\Windows\syswow64\OLEAUT32.dll
      Id. del informe: 31db1a59-2449-11e8-895d-00306702e7a6


      Error: (02/27/2018 07:51:31 AM) (Source: Windows Backup) (EventID: 4103) (User: )
      Description: La copia de seguridad no se completó debido a un error al escribir en la ubicación de copia de seguridad K:\. Error: La ubicación de copia de seguridad especificada no es válida o no se encuentra. Revise la configuración de copia de seguridad y compruebe la ubicación de copia de seguridad. (0x81000006).


      Error: (02/27/2018 07:39:04 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: isuspm.exe, versión: 3.0.100.1131, marca de tiempo: 0x40816c48
      Nombre del módulo con errores: OLEAUT32.dll, versión: 6.1.7601.23775, marca de tiempo: 0x58f4db68
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0004dc3a
      Id. del proceso con errores: 0x15c8
      Hora de inicio de la aplicación con errores: 0x01d3afb70ffe150f
      Ruta de acceso de la aplicación con errores: c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
      Ruta de acceso del módulo con errores: C:\Windows\syswow64\OLEAUT32.dll
      Id. del informe: 6d8abf18-1baa-11e8-9e66-00306702e7a6


      Error: (02/19/2018 09:21:26 AM) (Source: Windows Backup) (EventID: 4103) (User: )
      Description: La copia de seguridad no se completó debido a un error al escribir en la ubicación de copia de seguridad K:\. Error: La ubicación de copia de seguridad especificada no es válida o no se encuentra. Revise la configuración de copia de seguridad y compruebe la ubicación de copia de seguridad. (0x81000006).


      Error: (02/19/2018 09:07:06 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: isuspm.exe, versión: 3.0.100.1131, marca de tiempo: 0x40816c48
      Nombre del módulo con errores: OLEAUT32.dll, versión: 6.1.7601.23775, marca de tiempo: 0x58f4db68
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0004dc3a
      Id. del proceso con errores: 0xe38
      Hora de inicio de la aplicación con errores: 0x01d3a979fd23ba3e
      Ruta de acceso de la aplicación con errores: c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
      Ruta de acceso del módulo con errores: C:\Windows\syswow64\OLEAUT32.dll
      Id. del informe: 66e7b133-156d-11e8-9a00-00306702e7a6




      System errors:
      =============
      Error: (03/17/2018 10:51:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.


      Error: (03/17/2018 10:51:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
      Description: Se recibió la siguiente alerta irrecuperable: 70.


      Error: (03/17/2018 10:36:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error:
      %%-2140993535


      Error: (03/17/2018 10:36:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error:
      %%-2140993535


      Error: (03/17/2018 10:36:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error:
      %%-2140993535


      Error: (03/17/2018 10:36:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error:
      %%-2140993535


      Error: (03/17/2018 10:36:06 PM) (Source: PNRPSvc) (EventID: 102) (User: )
      Description: El Protocolo de resolución de nombres de mismo nivel no se inició debido a un error de creación de la identidad predeterminada con código de error: 0x80630801.


      Error: (03/17/2018 10:36:06 PM) (Source: PNRPSvc) (EventID: 102) (User: )
      Description: El Protocolo de resolución de nombres de mismo nivel no se inició debido a un error de creación de la identidad predeterminada con código de error: 0x80630801.




      Windows Defender:
      ===================================
      Date: 2017-04-17 2200.504
      Description:
      El examen de Windows Defender se detuvo antes de completarse.
      Id. de examen:{1EE831A8-0A78-4C3A-99FE-CE4898B91B06}
      Tipo de examen:AntiSpyware
      Parámetros de examen:Examen rápido
      Usuario:Eduardo-PC\Eduardo


      Date: 2016-07-02 12:54:08.589
      Description:
      El examen de Windows Defender se detuvo antes de completarse.
      Id. de examen:{325E0EA0-BF22-4C59-8895-A2F5CC995478}
      Tipo de examen:AntiSpyware
      Parámetros de examen:Examen rápido
      Usuario:Eduardo-PC\Eduardo


      Date: 2010-11-13 11:01:59.513
      Description:
      El examen de Windows Defender se detuvo antes de completarse.
      Id. de examen:{89038C66-CA10-4FF2-BF11-D61CA85C94F6}
      Tipo de examen:AntiSpyware
      Parámetros de examen:Examen rápido
      Usuario:Eduardo-PC\Eduardo


      Date: 2016-06-20 10:09:45.181
      Description:
      Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
      Firmas intentadas:Actual
      Código de error:0x8050800d
      Descripción de error:No se pudieron mostrar algunos elementos del historial. Espere unos minutos e inténtelo de nuevo Si esto no funcionara, borre el historial e inténtelo de nuevo.
      Versión de firma:1.223.1800.0
      Versión de motor:1.1.12805.0


      Date: 2015-10-18 00:31:03.009
      Description:
      Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
      Firmas intentadas:Actual
      Código de error:0x8050800d
      Descripción de error:No se pudieron mostrar algunos elementos del historial. Espere unos minutos e inténtelo de nuevo Si esto no funcionara, borre el historial e inténtelo de nuevo.
      Versión de firma:1.207.3299.0
      Versión de motor:1.1.12101.0


      Date: 2015-10-17 21:21:23.179
      Description:
      El motor de %1 se detuvo debido a un error inesperado.
      Tipo de error:%5
      Código de excepción:%6
      Recurso:%3


      Date: 2010-11-21 23:20:32.982
      Description:
      Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
      Firmas intentadas:Actual
      Código de error:0x80070002
      Descripción de error:El sistema no puede encontrar el archivo especificado.
      Versión de firma:0.0.0.0
      Versión de motor:0.0.0.0


      Date: 2010-08-01 10:21:49.953
      Description:
      Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
      Firmas intentadas:Actual
      Código de error:0x80070002
      Descripción de error:El sistema no puede encontrar el archivo especificado.
      Versión de firma:0.0.0.0
      Versión de motor:0.0.0.0


      CodeIntegrity:
      ===================================


      Date: 2017-05-27 16:46:40.545
      Description:
      Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.


      Date: 2017-05-27 16:46:40.451
      Description:
      Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.


      Date: 2017-05-27 16:46:40.358
      Description:
      Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.


      Date: 2017-05-27 16:46:40.264
      Description:
      Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.


      Date: 2016-09-08 21:39:34.114
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      Date: 2016-09-08 21:39:33.786
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      Date: 2016-09-06 21:34:12.566
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      Date: 2016-09-06 21:34:12.379
      Description:
      Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.


      ==================== Memory info ===========================


      Processor: AMD Phenom(tm) II X4 945 Processor
      Percentage of memory in use: 40%
      Total physical RAM: 5887.3 MB
      Available physical RAM: 3475.76 MB
      Total Virtual: 11772.79 MB
      Available Virtual: 9172.68 MB


      ==================== Drives ================================


      Drive c: (Edu Windows) (Fixed) (Total:99.9 GB) (Free:31.31 GB) NTFS
      Drive d: (Edu Programas) (Fixed) (Total:396.96 GB) (Free:109.19 GB) NTFS
      Drive e: (Programas ) (Fixed) (Total:434.55 GB) (Free:417.97 GB) NTFS
      Drive h: (Facu) (Fixed) (Total:186.31 GB) (Free:16.74 GB) NTFS


      \\?\Volume{8bd1eeb5-e3f1-11e1-9a47-00306702e7a6}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS


      ==================== MBR & Partition Table ==================


      ========================================================
      Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 815A33D7)
      Partition 1: (Not Active) - (Size=1020 KB) - (Type=42)
      Partition 2: (Active) - (Size=100 MB) - (Type=42)
      Partition 3: (Not Active) - (Size=99.9 GB) - (Type=42)
      Partition 4: (Not Active) - (Size=831.5 GB) - (Type=42)


      ========================================================
      Disk: 1 (Size: 186.3 GB) (Disk ID: 2B58F870)
      Partition 1: (Not Active) - (Size=186.3 GB) - (Type=07 NTFS)


      ==================== End of Addition.txt ============================

    10. #20
      User fototravesias's avatar
      Joined
      Nov 2007
      Location
      Argentina
      Posts
      93

      re: Avast ~ Behavior Shield won't activate (Solved)

      Well Miguel, I have posted all the reports; I look forward to your help.

      Regards and thanks.
      Eduardo