
    Trojan.Agent.Generic: Malwarebytes does not remove it


    1. #1
      User sirio
      Registered: Jul 2018
      Location: Spain
      Posts: 6

      Trojan.Agent.Generic: Malwarebytes does not remove it

      Hello,

      I have a problem with my PC: the hard disk is at 100% almost continuously, so the computer is extremely slow.

      I have tried to follow the instructions given to other members, but it does not get fixed. Malwarebytes does not remove it, and programs such as IFS give an error when run.

      What could I do?

      Regards, and thank you very much.

    2. #2
      Warrior @Miguelgrado
      Registered: Dec 2005
      Location: Asturias, Spain
      Posts: 19,485

      Re: Trojan.Agent.Generic: Malwarebytes does not remove it

      Greetings and welcome.

      Paste me the Malwarebytes log with that detection.

      - Reports >> Scan log >> click >> Export >> Copy to Clipboard, and paste it in your reply
      * Follow us on our Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #3
      User sirio
      Registered: Jul 2018
      Location: Spain
      Posts: 6

      Re: Trojan.Agent.Generic: Malwarebytes does not remove it

      Thank you very much, @Miguelgrado.
      Yesterday I ran the scan several times, and they keep reappearing. Here is the report I have just generated:

      Malwarebytes
      www.malwarebytes.com

      -Detalles del registro-
      Fecha del análisis: 11/7/18
      Hora del análisis: 11:26
      Archivo de registro: 8346f6b6-84ec-11e8-b27c-f406695f5c48.json
      Administrador: Sí

      -Información del software-
      Versión: 3.5.1.2522
      Versión de los componentes: 1.0.374
      Versión del paquete de actualización: 1.0.5865
      Licencia: Gratis

      -Información del sistema-
      SO: Windows 8.1
      CPU: x64
      Sistema de archivos: NTFS
      Usuario: Lenovo-PC\Juanka

      -Resumen del análisis-
      Tipo de análisis: Análisis de amenazas
      Análisis iniciado por:: Manual
      Resultado: Completado
      Objetos analizados: 286707
      Amenazas detectadas: 7
      Amenazas en cuarentena: 7
      Tiempo transcurrido: 21 min, 47 seg

      -Opciones de análisis-
      Memoria: Activado
      Inicio: Activado
      Sistema de archivos: Activado
      Archivo: Activado
      Rootkits: Activado
      Heurística: Activado
      PUP: Detectar
      PUM: Detectar

      -Detalles del análisis-
      Proceso: 0
      (No hay elementos maliciosos detectados)

      Módulo: 0
      (No hay elementos maliciosos detectados)

      Clave del registro: 0
      (No hay elementos maliciosos detectados)

      Valor del registro: 1
      Trojan.Agent.Generic, HKU\S-1-5-21-763160427-2755469213-4145166228-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|4357a07bca3145ae01a368ad784d2742, En cuarentena, [3721], [538249],1.0.5865

      Datos del registro: 0
      (No hay elementos maliciosos detectados)

      Secuencia de datos: 0
      (No hay elementos maliciosos detectados)

      Carpeta: 1
      Trojan.Agent.Generic, C:\PROGRAMDATA\4357a07bca3145ae01a368ad784d2742, En cuarentena, [3721], [538249],1.0.5865

      Archivo: 5
      Trojan.Agent.Generic, C:\PROGRAMDATA\4357a07bca3145ae01a368ad784d2742\test.au3, En cuarentena, [3721], [538249],1.0.5865
      Trojan.Agent.Generic, C:\ProgramData\4357a07bca3145ae01a368ad784d2742\4357a07bca3145ae01a368ad784d2742.exe, En cuarentena, [3721], [538249],1.0.5865
      Trojan.Agent.Generic, C:\ProgramData\4357a07bca3145ae01a368ad784d2742\PE.bin, En cuarentena, [3721], [538249],1.0.5865
      Trojan.Agent.Generic, C:\ProgramData\4357a07bca3145ae01a368ad784d2742\PE2.bin, En cuarentena, [3721], [538249],1.0.5865
      Trojan.Agent.Generic, C:\ProgramData\4357a07bca3145ae01a368ad784d2742\shell.txt, En cuarentena, [3721], [538249],1.0.5865

      Sector físico: 0
      (No hay elementos maliciosos detectados)

      WMI: 0
      (No hay elementos maliciosos detectados)


      (end)

    4. #4
      Warrior @Miguelgrado
      Registered: Dec 2005
      Location: Asturias, Spain
      Posts: 19,485

      Re: Trojan.Agent.Generic: Malwarebytes does not remove it

      Carry out the following steps, without changing the order:

      1) Download the ZHPCleaner application to your desktop by clicking the Telecharger button on the page.

      • Close all browsers.
      • Double-click to run it and press the Scanner button. Wait for it to finish.
      • A report called ZHPcleaner will be generated on the desktop.
      • Press the Repair button.
      • When it finishes, close all programs and restart the computer.
      • Copy and paste the contents of the generated report into your next reply.

      2) Download >> AdwCleaner | InfoSpyware to the desktop.

      • Temporarily disable the antivirus >> How to temporarily disable your antivirus.
      • Also close all programs you have open.
      • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as administrator").
      • Click the Scan Now button and wait for the process to complete, then immediately click the Start Repair button.
      • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.
      • If it finds nothing, click "Skip Repair".
      • The log is in the "Reports" tab, reopening the program if necessary, or in "C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

      3) Download CCleaner

      • Install CCleaner.
      • Open CCleaner; on the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish > click Run Cleaner.
      • Click the Registry tab > click Scan for Issues, wait for it to finish > click Fix Selected and make a backup.
      • Click Scan for Issues again until it finds none.

      4) Download Farbar Recovery Scan Tool by Farbar (download the file that matches your system's architecture). >> How to tell whether my system is 32-bit or 64-bit

      • Save it to the desktop >> This is very important.
      • With all programs/windows closed, double-click to run Frst.exe.
      • In the Disclaimer window, press Yes.
      • In the new window that opens, press the Scan button and wait patiently for the analysis to finish.
      • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on your desktop.
      • To finish, open the Frst.txt and Addition.txt files and copy and paste their entire contents into your next reply. Use as many posts as needed if it tells you it is too long.

      Paste the AdwCleaner, ZHPCleaner and Farbar reports.

    5. #5
      User sirio
      Registered: Jul 2018
      Location: Spain
      Posts: 6

      Re: Trojan.Agent.Generic: Malwarebytes does not remove it

      Hello @Miguelgrado, thanks again.
      Here are the reports:

      AdwCleaner
      Code:
      # -------------------------------
      # Malwarebytes AdwCleaner 7.2.1.1
      # -------------------------------
      # Build:    07-04-2018
      # Database: 2018-07-04.1
      # Support:  https://www.malwarebytes.com/support
      #
      # -------------------------------
      # Mode: Scan
      # -------------------------------
      # Start:    07-12-2018
      # Duration: 00:00:19
      # OS:       Windows 8.1
      # Scanned:  41365
      # Detected: 0
      
      
      ***** [ Services ] *****
      
      No malicious services found.
      
      ***** [ Folders ] *****
      
      No malicious folders found.
      
      ***** [ Files ] *****
      
      No malicious files found.
      
      ***** [ DLL ] *****
      
      No malicious DLLs found.
      
      ***** [ WMI ] *****
      
      No malicious WMI found.
      
      ***** [ Shortcuts ] *****
      
      No malicious shortcuts found.
      
      ***** [ Tasks ] *****
      
      No malicious tasks found.
      
      ***** [ Registry ] *****
      
      No malicious registry entries found.
      
      ***** [ Chromium (and derivatives) ] *****
      
      No malicious Chromium entries found.
      
      ***** [ Chromium URLs ] *****
      
      No malicious Chromium URLs found.
      
      ***** [ Firefox (and derivatives) ] *****
      
      No malicious Firefox entries found.
      
      ***** [ Firefox URLs ] *****
      
      No malicious Firefox URLs found.
      
      
      AdwCleaner[S00].txt - [1282 octets] - [10/07/2018 12:41:23]
      AdwCleaner[C00].txt - [1448 octets] - [10/07/2018 12:42:07]
      AdwCleaner[S01].txt - [1360 octets] - [10/07/2018 13:37:56]
      AdwCleaner[C01].txt - [1546 octets] - [10/07/2018 13:38:21]
      AdwCleaner[S02].txt - [1482 octets] - [10/07/2018 15:12:40]
      AdwCleaner[S03].txt - [1543 octets] - [10/07/2018 17:29:28]
      AdwCleaner[S04].txt - [1604 octets] - [10/07/2018 18:43:55]
      AdwCleaner[C04].txt - [1790 octets] - [10/07/2018 18:44:11]
      
      ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########
      ZHPCleaner
      Code:
      ~ ZHPCleaner v2018.7.10.148 by Nicolas Coolman (2018/07/10)
      ~ Run by Juanka (Administrator)  (12/07/2018 04:23:27)
      ~ Web: https://www.nicolascoolman.com
      ~ Blog: https://nicolascoolman.eu/
      ~ Facebook : https://www.facebook.com/nicolascoolman1
      ~ State version : Version OK
      ~ Certificate ZHPCleaner: Legal
      ~ Type : Reparar
      ~ Report : C:\Users\Juanka\Desktop\ZHPCleaner.txt
      ~ Quarantine : C:\Users\Juanka\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
      ~ UAC : Activate
      ~ Boot Mode : Normal (Normal boot)
      Windows 8.1, 64-bit  (Build 9600)
      
      
      ---\\  Alternate Data Stream (ADS). (0)
      ~ No malintencionados o innecesarios artículos encontrados.
      
      
      ---\\  Servicios (0)
      ~ No malintencionados o innecesarios artículos encontrados.
      
      
      ---\\  Navegadores de Internet (0)
      ~ No malintencionados o innecesarios artículos encontrados.
      
      
      ---\\  Hosts carpeta (1)
      ~ El archivo hosts es legítimo (21)
      
      
      ---\\  Tareas automáticas programadas. (0)
      ~ No malintencionados o innecesarios artículos encontrados.
      
      
      ---\\  Explorador ( Archivos, Carpetas ) (2)
      MOVIDO carpeta: C:\Users\Juanka\Desktop\µTorrent.lnk  [Bad : C:\Users\Juanka\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
      MOVIDO archivo: C:\ProgramData\4357a07bca3145ae01a368ad784d2742  =>Adware.CrossRider
      
      
      ---\\  Registro ( Claves, Valores, Datos) (1)
      BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)
      
      
      ---\\  Resumen de elementos en su estación de trabajo (2)
      https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
      https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/  =>Adware.CrossRider
      
      
      ---\\ Limpieza adicional. (2)
      ~ Clave de registro Tracing borrados (2)
      ~ Quitar los antiguos informes de ZHPCleaner. (0)
      
      
      ---\\ Resultado de la reparación.
      ~ Reparación llevada a cabo con éxito
      ~ falta este navegador! (Opera Software)
      
      
      ---\\ STATISTIQUES
      ~ Items escaneado : 927
      ~ Items encontrado : 0
      ~ artículos cancelados : 0
      ~ Items opciones : 0/7
      ~ Ahorro de espacio (bytes) : 0
      
      
      ~ End of clean in 00h00mn12s
      
      ---\\  Reporte (2)
      ZHPCleaner-[S]-12072018-04_20_37.txt
      ZHPCleaner-[R]-12072018-04_23_39.txt

    6. #6
      User sirio
      Registered: Jul 2018
      Location: Spain
      Posts: 6

      Re: Trojan.Agent.Generic: Malwarebytes does not remove it

      FRST
      Code:
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
      Ran by Juanka (administrator) on LENOVO-PC (12-07-2018 04:45:04)
      Running from C:\Users\Juanka\Desktop
      Loaded Profiles: Juanka (Available Profiles: Juanka)
      Platform: Windows 8.1 (Update) (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************
      
      ==================== Processes (Whitelisted) =================
      
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      
      (AMD) C:\Windows\System32\atiesrxx.exe
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
      (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
      (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      (Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
      (Intel Corporation) C:\Windows\System32\ibtsiva.exe
      (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
      (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
      (pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
      (© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
      (Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe
      (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
      (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
      (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Intel Corporation) C:\Windows\System32\igfxEM.exe
      (Intel Corporation) C:\Windows\System32\igfxHK.exe
      (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
      (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
      () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
      (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
      (Realtek semiconductor) C:\Windows\RTFTrack.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
      (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
      (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (SecureW2 B.V.) C:\Program Files (x86)\SecureW2\sw2_tray.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseInfo.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
      (Microsoft Corporation) C:\Windows\SysWOW64\systeminfo.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      
      ==================== Registry (Whitelisted) ===========================
      
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      
      HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation)
      HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
      HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
      HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
      HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3282248 2014-08-20] (ELAN Microelectronics Corp.)
      HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor)
      HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-18] (Lenovo(beijing) Limited)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-22] (AVAST Software)
      HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-12-16] (Advanced Micro Devices, Inc.)
      HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] => C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265608 2013-11-21] ()
      HKLM-x32\...\Run: [SecureW2 Tray] => C:\Program Files (x86)\SecureW2\sw2_tray.exe [272200 2017-04-01] (SecureW2 B.V.)
      HKLM-x32\...\Run: [Intel(R) RealSense(TM) SDK info server] => C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseInfo.exe [21144 2015-08-12] (Intel Corporation)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\Run: [4357a07bca3145ae01a368ad784d2742] => C:\ProgramData\4357a07bca3145ae01a368ad784d2742\4357a07bca3145ae01a368ad784d2742.exe [0 ] (AutoIt Team)
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\Run: [driver4357a07bca3145ae01a368ad784d2742] => C:\ProgramData\odNsKA\4357a07bca3145ae01a368ad784d2742.exe [937776 2018-07-12] (AutoIt Team)
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\MountPoints2: {441390e3-5dff-11e8-82fc-f406695f5c48} - "F:\iLinker.exe" 
      Startup: C:\Users\Juanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4357a07bca3145ae01a368ad784d2742.lnk [2018-07-11]
      ShortcutTarget: 4357a07bca3145ae01a368ad784d2742.lnk -> C:\LENOVO-PC\xllhwnjitm.exe (AutoIt Team)
      
      ==================== Internet (Whitelisted) ====================
      
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{455212F6-EDA0-4B30-8A63-F798E6B180AC}: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{62FB9678-07CE-473F-B046-91926969D484}: [DhcpNameServer] 192.168.1.1
      
      Internet Explorer:
      ==================
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKU\S-1-5-21-763160427-2755469213-4145166228-1001 -> DefaultScope {441F9FC1-5D0A-49EE-8FEC-2CF2AFC2DE30} URL = 
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle Corporation)
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-22] (AVAST Software)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-05-21] (Oracle Corporation)
      BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-22] (AVAST Software)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-21] (Oracle Corporation)
      
      FireFox:
      ========
      FF DefaultProfile: 53g4611i.default-1530617292171
      FF ProfilePath: C:\Users\Juanka\AppData\Roaming\Mozilla\Firefox\Profiles\53g4611i.default-1530617292171 [2018-07-12]
      FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2018-07-09] [Legacy] [not signed]
      FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
      FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-21] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-21] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-03] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-03] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
      FF Plugin-x32: PDF Architect 5 -> C:\Program Files (x86)\PDF Architect 5\np-previewer.dll [2017-07-05] (pdfforge GmbH)
      
      Chrome: 
      =======
      CHR Profile: C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default [2018-07-12]
      CHR Extension: (Presentaciones) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-03]
      CHR Extension: (Documentos) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-03]
      CHR Extension: (Google Drive) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-03]
      CHR Extension: (YouTube) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-03]
      CHR Extension: (Adobe Acrobat) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-07-03]
      CHR Extension: (Avast SafePrice) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-03]
      CHR Extension: (Hojas de cálculo) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-03]
      CHR Extension: (Documentos de Google sin conexión) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-03]
      CHR Extension: (Avast Online Security) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-07-03]
      CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-03]
      CHR Extension: (Gmail) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-03]
      CHR Extension: (Chrome Media Router) - C:\Users\Juanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-03]
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      
      ==================== Services (Whitelisted) ====================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-22] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-22] (AVAST Software)
      R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] ()
      R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
      R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512 2014-11-20] (Lenovo) [File not signed]
      U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-01-27] (Intel Corporation)
      R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183568 2016-10-05] (Intel Corporation)
      R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
      S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
      S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
      S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
      S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
      R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408 2014-11-18] (Lenovo(beijing) Limited)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
      S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
      R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-17] (Lenovo(beijing) Limited)
      S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2709176 2017-07-05] (pdfforge GmbH)
      S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1051312 2017-07-05] (pdfforge GmbH)
      R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [859312 2017-07-05] (pdfforge GmbH)
      R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (© pdfforge GmbH.)
      R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-08-12] (Intel(R) Corporation)
      S3 wampapache64; c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe [29696 2016-07-01] (Apache Software Foundation) [File not signed]
      S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () [File not signed]
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
      R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
      
      ===================== Drivers (Whitelisted) ======================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
      R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-06-22] (AVAST Software)
      R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-06-22] (AVAST Software)
      R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-06-22] (AVAST Software)
      R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-06-22] (AVAST Software)
      R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-06-22] (AVAST Software)
      R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-06-22] (AVAST Software)
      S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-06-22] (AVAST Software)
      R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-06-22] (AVAST Software)
      R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-06-22] (AVAST Software)
      R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-06-22] (AVAST Software)
      R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-06-22] (AVAST Software)
      R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [463080 2018-06-22] (AVAST Software)
      R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-06-22] (AVAST Software)
      R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-06-22] (AVAST Software)
      S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (www.winchiphead.com)
      R0 Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [70168 2014-11-20] (Windows (R) Win 7 DDK provider) [File not signed]
      S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd.)
      S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [89800 2017-08-24] (Future Technology Devices International Ltd.)
      R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [211728 2016-10-05] (Intel Corporation)
      R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-08-12] (Intel(R) Corporation)
      R3 KMDFVirtualKbd; C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] ()
      S3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] ()
      R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-12] (Malwarebytes)
      R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3526400 2017-03-09] (Intel Corporation)
      S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
      S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (QUALCOMM Incorporated)
      S3 qcusbnet; C:\WINDOWS\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
      S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
      R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.)
      S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
      S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
      S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
      U1 aswbdisk; no ImagePath
      
      ==================== NetSvcs (Whitelisted) ===================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      
      ==================== One Month Created files and folders ========
      
      (If an entry is included in the fixlist, the file/folder will be moved.)
      
      2018-07-12 04:48 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\WPtIze
      2018-07-12 04:48 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\KKlguZ
      2018-07-12 04:47 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\vuWkbE
      2018-07-12 04:47 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\WIznJx
      2018-07-12 04:47 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\vnpgAn
      2018-07-12 04:46 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\UPylnl
      2018-07-12 04:46 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\Jcvnpe
      2018-07-12 04:46 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\HkIUOr
      2018-07-12 04:45 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\rNrOZm
      2018-07-12 04:45 - 2018-07-12 04:45 - 000000000 ____D C:\ProgramData\ZoUKaY
      2018-07-12 04:45 - 2018-07-12 04:45 - 000000000 ____D C:\ProgramData\ctiANT
      2018-07-12 04:44 - 2018-07-12 04:44 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\wsJjZu
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\odNsKA
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\LtLIPf
      2018-07-12 04:40 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\zFBwTC
      2018-07-12 04:40 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\YuxTMG
      2018-07-12 04:40 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\xbvbln
      2018-07-12 04:39 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\bVOYOT
      2018-07-12 04:39 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\kWMGnx
      2018-07-12 04:39 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\Eskajv
      2018-07-12 04:38 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\cKKwGN
      2018-07-12 04:38 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\MaxSLh
      2018-07-12 04:38 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\LCzkWX
      2018-07-12 04:37 - 2018-07-12 04:38 - 000046703 _____ C:\Users\Juanka\Desktop\Addition.txt
      2018-07-12 04:37 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\KxzgYi
      2018-07-12 04:37 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\LbAcga
      2018-07-12 04:37 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\DIwkcH
      2018-07-12 04:36 - 2018-07-12 04:47 - 000021148 _____ C:\Users\Juanka\Desktop\FRST.txt
      2018-07-12 04:36 - 2018-07-12 04:45 - 000000000 ____D C:\FRST
      2018-07-12 04:36 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\fJvzNv
      2018-07-12 04:36 - 2018-07-12 04:36 - 002412544 _____ (Farbar) C:\Users\Juanka\Desktop\FRST64.exe
      2018-07-12 04:36 - 2018-07-12 04:36 - 000000000 ____D C:\ProgramData\pQCgvv
      2018-07-12 04:34 - 2018-07-12 04:34 - 000018706 _____ C:\Users\Juanka\Documents\cc_20180712_043444.reg
      2018-07-12 04:30 - 2018-07-12 04:30 - 007402192 _____ (Malwarebytes) C:\Users\Juanka\Desktop\AdwCleaner.exe
      2018-07-12 04:24 - 2018-07-12 04:24 - 000000000 ___HD C:\ProgramData\4357a07bca3145ae01a368ad784d2742
      2018-07-12 04:20 - 2018-07-12 04:23 - 000002243 _____ C:\Users\Juanka\Desktop\ZHPCleaner.txt
      2018-07-12 04:12 - 2018-07-12 04:23 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\ZHP
      2018-07-12 04:12 - 2018-07-12 04:12 - 000000890 _____ C:\Users\Juanka\Desktop\ZHPCleaner.lnk
      2018-07-12 04:12 - 2018-07-12 04:12 - 000000000 ____D C:\Users\Juanka\AppData\Local\ZHP
      2018-07-12 04:11 - 2018-07-12 04:11 - 003260288 _____ C:\Users\Juanka\Desktop\ZHPCleaner.exe
      2018-07-11 19:47 - 2018-07-11 19:47 - 007613811 _____ C:\Users\Juanka\Desktop\Litofonia.gcode
      2018-07-11 19:45 - 2018-07-11 19:45 - 008099684 _____ C:\Users\Juanka\Desktop\Best-movie-logo-designs-3-1024x512.pngW100H50T3V4B0A0C0PS.stl
      2018-07-11 19:44 - 2018-07-11 19:44 - 008099684 _____ C:\Users\Juanka\Desktop\OPBest-movie-logo-designs-3-1024x512.pngW100H50T3V4B0A0C0PS.stl
      2018-07-11 19:39 - 2018-07-11 19:39 - 000002298 _____ C:\Users\Juanka\AppData\Local\recently-used.xbel
      2018-07-11 19:20 - 2018-07-11 19:20 - 000090384 _____ C:\Users\Juanka\Desktop\CV-Europass-20180711-VegaGalán-ES.pdf
      2018-07-10 18:05 - 2018-07-10 18:05 - 000000000 ____D C:\WINDOWS\pss
      2018-07-10 12:46 - 2018-07-10 12:46 - 000001894 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
      2018-07-10 12:46 - 2018-07-10 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
      2018-07-10 12:46 - 2018-07-10 12:46 - 000000000 ____D C:\ProgramData\Malwarebytes
      2018-07-10 12:46 - 2018-07-10 12:46 - 000000000 ____D C:\Program Files\Malwarebytes
      2018-07-10 12:46 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
      2018-07-10 12:40 - 2018-07-10 12:41 - 000000000 ____D C:\AdwCleaner
      2018-07-10 12:27 - 2018-07-10 17:26 - 000000000 ____D C:\FSTool
      2018-07-09 20:04 - 2018-07-09 20:04 - 000159572 _____ C:\Users\Juanka\Downloads\Solicitud_3137195.zip
      2018-07-09 19:18 - 2018-07-09 20:06 - 000000000 ____D C:\Users\Juanka\.afirma
      2018-07-09 19:18 - 2018-07-09 19:18 - 000000000 ____D C:\Users\Juanka\.oracle_jre_usage
      2018-07-09 19:18 - 2018-07-09 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma
      2018-07-09 19:18 - 2018-07-09 19:18 - 000000000 ____D C:\Program Files (x86)\AutoFirma
      2018-07-09 19:17 - 2018-07-09 19:17 - 061948173 _____ C:\Users\Juanka\Downloads\AutoFirma1.5.0.JAv01.exe
      2018-07-05 03:48 - 2018-07-05 18:29 - 000000161 _____ C:\Users\Juanka\Desktop\Campings.txt
      2018-07-03 20:55 - 2018-07-03 20:55 - 000000000 ____D C:\Users\Juanka\AppData\LocalLow\uTorrent
      2018-07-03 13:28 - 2018-07-03 13:28 - 000000000 ____D C:\Users\Juanka\Desktop\Datos antiguos de Firefox
      2018-07-03 12:04 - 2018-07-03 12:04 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-07-03 12:04 - 2018-07-03 12:04 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-07-03 12:03 - 2018-07-11 19:21 - 000003534 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
      2018-07-03 12:03 - 2018-07-11 19:21 - 000003406 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
      2018-07-03 12:02 - 2018-07-03 12:02 - 001130840 _____ (Google Inc.) C:\Users\Juanka\Downloads\ChromeSetup.exe
      2018-07-02 20:15 - 2018-07-02 20:15 - 000000000 ____D C:\WINDOWS\SysWOW64\reaper_data
      2018-07-02 17:04 - 2018-07-02 17:04 - 000000000 ____D C:\Users\Juanka\Desktop\Navegadores
      2018-07-02 15:13 - 2018-07-09 20:25 - 000000021 _____ C:\ProgramData\settings.cfg
      2018-07-02 15:13 - 2018-07-09 20:24 - 000000018 _____ C:\WINDOWS\SysWOW64\taskSchedularLog.txt
      2018-07-02 14:40 - 2018-07-11 19:21 - 000004128 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
      2018-07-02 14:40 - 2018-07-11 19:21 - 000002794 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
      2018-07-02 14:40 - 2018-07-02 14:40 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2018-07-02 14:40 - 2018-07-02 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
      2018-07-02 14:39 - 2018-07-02 14:40 - 000000000 ____D C:\Program Files\CCleaner
      2018-07-02 14:38 - 2018-07-02 14:38 - 015989160 _____ (Piriform Ltd) C:\Users\Juanka\Downloads\ccsetup544.exe
      2018-07-02 04:57 - 2018-06-09 04:59 - 007406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
      2018-07-02 04:57 - 2018-06-09 04:47 - 002176072 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
      2018-07-02 04:57 - 2018-06-09 04:42 - 001676064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
      2018-07-02 04:57 - 2018-06-09 03:44 - 001565528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
      2018-07-02 04:57 - 2018-06-09 03:18 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
      2018-07-02 04:57 - 2018-05-15 10:42 - 000590680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
      2018-07-02 04:57 - 2018-05-04 01:02 - 000439640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
      2018-07-02 04:57 - 2018-05-04 01:02 - 000325456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
      2018-07-02 04:57 - 2018-05-04 01:02 - 000187728 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
      2018-07-02 04:57 - 2018-04-26 15:43 - 000918296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000065880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000021848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000018776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000015704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000015192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000013656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000013152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000063832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000020824 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000019288 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000016216 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000014168 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000013656 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
      2018-07-02 04:57 - 2018-04-25 19:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
      2018-06-26 17:21 - 2018-07-11 18:05 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
      2018-06-26 17:13 - 2018-07-02 15:05 - 000000000 ____D C:\Users\Juanka\Documents\ChessBase
      2018-06-26 17:12 - 2018-07-02 15:05 - 000000000 ____D C:\Users\Juanka\AppData\Local\ChessBase
      2018-06-26 17:12 - 2018-06-26 17:15 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\ChessBase
      2018-06-26 17:10 - 2018-07-02 15:05 - 000000000 ____D C:\ProgramData\ChessBase
      2018-06-22 15:48 - 2018-06-22 15:48 - 000000000 ____D C:\Program Files\VideoLAN
      2018-06-22 15:30 - 2018-07-12 04:33 - 000000000 ____D C:\Users\Juanka\AppData\Local\CrashDumps
      2018-06-22 15:29 - 2018-06-22 15:28 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
      2018-06-21 20:21 - 2018-06-21 20:21 - 000000000 ____D C:\Users\Juanka\Downloads\Soap_holder
      2018-06-20 02:33 - 2018-06-20 02:33 - 000000916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch 2.lnk
      2018-06-20 02:33 - 2018-06-20 02:33 - 000000000 ____D C:\Program Files (x86)\Scratch 2
      2018-06-14 01:37 - 2018-06-14 01:37 - 077668920 _____ (Malwarebytes ) C:\Users\Juanka\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5464.exe
      2018-06-13 04:45 - 2018-05-25 07:10 - 025742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
      2018-06-13 04:45 - 2018-05-25 06:38 - 005779968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
      2018-06-13 04:45 - 2018-05-25 06:34 - 020286976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
      2018-06-13 04:45 - 2018-05-25 05:53 - 015283200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
      2018-06-13 04:45 - 2018-05-15 07:33 - 001308352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
      2018-06-13 04:45 - 2018-05-12 22:51 - 002014040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
      2018-06-13 04:44 - 2018-05-25 06:44 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
      2018-06-13 04:44 - 2018-05-25 06:32 - 000794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
      2018-06-13 04:44 - 2018-05-25 06:16 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
      2018-06-13 04:44 - 2018-05-25 06:06 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
      2018-06-13 04:44 - 2018-05-25 06:03 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
      2018-06-13 04:44 - 2018-05-25 05:56 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
      2018-06-13 04:44 - 2018-05-25 05:55 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
      2018-06-13 04:44 - 2018-05-25 05:55 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
      2018-06-13 04:44 - 2018-05-25 05:53 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
      2018-06-13 04:44 - 2018-05-25 05:44 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
      2018-06-13 04:44 - 2018-05-25 05:42 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
      2018-06-13 04:44 - 2018-05-25 05:39 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
      2018-06-13 04:44 - 2018-05-25 05:39 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
      2018-06-13 04:44 - 2018-05-25 05:38 - 013679616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
      2018-06-13 04:44 - 2018-05-25 05:38 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
      2018-06-13 04:44 - 2018-05-25 05:38 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
      2018-06-13 04:44 - 2018-05-25 05:29 - 001546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
      2018-06-13 04:44 - 2018-05-25 05:19 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
      2018-06-13 04:44 - 2018-05-25 05:17 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
      2018-06-13 04:44 - 2018-05-25 05:15 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
      2018-06-13 04:44 - 2018-05-25 05:14 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
      2018-06-13 04:44 - 2018-05-23 07:45 - 000027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
      2018-06-13 04:44 - 2018-05-15 07:47 - 002334624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
      2018-06-13 04:44 - 2018-05-15 07:47 - 000244304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
      2018-06-13 04:44 - 2018-05-15 06:57 - 002324752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
      2018-06-13 04:44 - 2018-05-15 06:17 - 000032640 ____C (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
      2018-06-13 04:44 - 2018-05-15 06:17 - 000032640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
      2018-06-13 04:44 - 2018-05-15 06:04 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
      2018-06-13 04:44 - 2018-05-15 05:05 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
      2018-06-13 04:44 - 2018-05-15 04:57 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
      2018-06-13 04:44 - 2018-05-15 04:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
      2018-06-13 04:44 - 2018-05-12 23:11 - 000532664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
      2018-06-13 04:44 - 2018-05-12 23:06 - 000567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
      2018-06-13 04:44 - 2018-05-12 22:51 - 000923480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
      2018-06-13 04:44 - 2018-05-12 21:08 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
      2018-06-13 04:44 - 2018-05-11 05:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
      2018-06-13 04:44 - 2018-05-05 21:05 - 001543800 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
      2018-06-13 04:44 - 2018-05-05 20:15 - 001178136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
      2018-06-13 04:44 - 2018-05-05 18:38 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
      2018-06-13 04:44 - 2018-05-05 18:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
      
      ==================== One Month Modified files and folders ========
      
      (If an entry is included in the fixlist, the file/folder will be moved.)
      
      2018-07-12 04:46 - 2018-04-05 01:49 - 000000000 ____D C:\Users\Juanka\AppData\Local\AVAST Software
      2018-07-12 04:44 - 2017-07-07 11:03 - 000829440 ___SH C:\Users\Juanka\Desktop\Thumbs.db
      2018-07-12 04:44 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
      2018-07-12 04:43 - 2017-06-16 22:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2018-07-12 04:43 - 2017-06-16 22:31 - 000000000 __SHD C:\Users\Juanka\IntelGraphicsProfiles
      2018-07-12 04:43 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-07-12 04:39 - 2017-06-18 01:01 - 000000000 ____D C:\Users\Juanka\AppData\LocalLow\Mozilla
      2018-07-12 04:03 - 2018-05-18 15:54 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\62a43203d24f2a1f906cce224b3dbc77
      2018-07-11 19:37 - 2017-12-13 14:29 - 000000000 ____D C:\Users\Juanka\AppData\Local\gtk-2.0
      2018-07-11 19:31 - 2017-07-03 17:54 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\Telegram Desktop
      2018-07-11 19:21 - 2018-04-02 13:19 - 000004504 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2018-07-11 19:21 - 2018-04-02 13:19 - 000004332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
      2018-07-11 19:21 - 2017-10-09 14:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
      2018-07-11 19:21 - 2017-06-25 17:18 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\WhatsApp
      2018-07-11 19:21 - 2017-06-18 01:14 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
      2018-07-11 17:20 - 2018-05-18 15:54 - 000000000 ___HD C:\LENOVO-PC
      2018-07-11 11:49 - 2017-06-16 22:37 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-763160427-2755469213-4145166228-1001
      2018-07-10 17:18 - 2017-05-25 10:18 - 000000000 ____D C:\Program Files\Lenovo
      2018-07-10 17:16 - 2017-05-25 10:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
      2018-07-10 17:16 - 2017-05-25 10:18 - 000000000 ____D C:\ProgramData\Lenovo
      2018-07-10 17:15 - 2017-05-25 10:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2018-07-10 15:38 - 2017-05-25 10:19 - 000000000 ____D C:\Program Files (x86)\Lenovo
      2018-07-10 15:30 - 2017-05-25 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
      2018-07-10 13:39 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
      2018-07-10 13:28 - 2017-05-25 10:35 - 000000000 ____D C:\WINDOWS\Downloaded Installations
      2018-07-10 13:26 - 2017-06-16 22:31 - 000000000 ____D C:\Users\Juanka\AppData\Local\Packages
      2018-07-10 13:26 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
      2018-07-10 13:11 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2018-07-10 13:11 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2018-07-10 11:57 - 2017-08-12 22:42 - 000000000 ____D C:\Users\Juanka\AppData\Local\WhatsApp
      2018-07-10 11:57 - 2017-06-25 17:18 - 000002252 _____ C:\Users\Juanka\Desktop\WhatsApp.lnk
      2018-07-10 11:57 - 2017-06-25 17:18 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
      2018-07-10 11:55 - 2017-06-25 17:18 - 000000000 ____D C:\Users\Juanka\AppData\Local\SquirrelTemp
      2018-07-10 11:35 - 2017-06-19 14:40 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\vlc
      2018-07-09 20:09 - 2017-06-18 01:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2018-07-09 20:09 - 2017-06-18 01:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2018-07-09 20:04 - 2017-08-01 20:42 - 000335872 ___SH C:\Users\Juanka\Downloads\Thumbs.db
      2018-07-09 19:43 - 2017-05-25 19:23 - 000806300 _____ C:\WINDOWS\system32\perfh00A.dat
      2018-07-09 19:43 - 2017-05-25 19:23 - 000164700 _____ C:\WINDOWS\system32\perfc00A.dat
      2018-07-09 19:43 - 2014-11-21 06:44 - 001825894 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2018-07-09 19:18 - 2017-06-16 22:30 - 000000000 ____D C:\Users\Juanka
      2018-07-09 18:58 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
      2018-07-09 13:45 - 2017-06-18 01:01 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
      2018-07-04 15:32 - 2017-07-04 17:57 - 000004168 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
      2018-07-03 21:04 - 2017-07-04 18:30 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\uTorrent
      2018-07-03 21:02 - 2017-07-04 18:33 - 000000000 ____D C:\uTorrent
      2018-07-03 19:12 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
      2018-07-03 13:07 - 2018-06-05 22:33 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\MPC-HC
      2018-07-03 13:07 - 2017-09-07 13:43 - 000000000 ____D C:\Users\Juanka\AppData\Local\PDFCreator
      2018-07-03 13:07 - 2017-09-07 13:41 - 000000000 ____D C:\Program Files\PDFCreator
      2018-07-03 13:07 - 2017-07-04 22:04 - 000000000 ____D C:\Program Files (x86)\Steam
      2018-07-03 13:06 - 2014-12-10 03:49 - 000000000 ____D C:\WINDOWS\Panther
      2018-07-03 12:04 - 2017-06-20 02:17 - 000000000 ____D C:\Users\Juanka\AppData\Local\Google
      2018-07-03 12:04 - 2017-06-20 02:17 - 000000000 ____D C:\Program Files (x86)\Google
      2018-07-02 20:15 - 2017-05-25 10:36 - 000018944 _____ C:\WINDOWS\system32\VfService.trf
      2018-07-02 20:15 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
      2018-07-02 15:06 - 2017-05-25 10:34 - 000000000 ____D C:\ProgramData\Lenovo App Services
      2018-07-02 15:03 - 2017-07-04 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
      2018-07-02 15:03 - 2017-07-04 17:55 - 000000000 ____D C:\ProgramData\AVAST Software
      2018-07-02 15:02 - 2018-01-31 15:04 - 000000000 ____D C:\Program Files\Common Files\Apple
      2018-07-02 03:31 - 2018-05-11 10:52 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
      2018-06-26 17:42 - 2013-08-22 16:44 - 000524920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2018-06-25 23:08 - 2018-04-12 17:57 - 000000000 ____D C:\Users\Juanka\Desktop\Escaner3D
      2018-06-22 19:34 - 2017-09-06 21:33 - 000000000 ____D C:\Program Files (x86)\XYZscan Handy
      2018-06-22 19:32 - 2017-09-11 20:20 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\XYZscan Handy
      2018-06-22 15:49 - 2017-06-19 14:39 - 000000898 _____ C:\Users\Public\Desktop\VLC media player.lnk
      2018-06-22 15:28 - 2017-11-15 14:07 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
      2018-06-22 15:28 - 2017-07-04 17:57 - 000463080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
      2018-06-22 15:28 - 2017-07-04 17:57 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
      2018-06-22 15:28 - 2017-07-04 17:57 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
      2018-06-22 15:28 - 2017-07-04 17:57 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
      2018-06-22 15:28 - 2017-07-04 17:57 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
      2018-06-22 15:28 - 2017-07-04 17:57 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
      2018-06-22 15:28 - 2017-07-04 17:57 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
      2018-06-22 15:27 - 2017-12-21 15:46 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
      2018-06-22 15:27 - 2017-07-04 17:57 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
      2018-06-22 15:27 - 2017-07-04 17:57 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
      2018-06-22 15:27 - 2017-07-04 17:57 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
      2018-06-22 15:27 - 2017-07-04 17:57 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
      2018-06-22 15:27 - 2017-07-04 17:57 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
      2018-06-21 13:36 - 2017-06-16 22:39 - 000000000 ____D C:\Users\Juanka\AppData\Local\Lenovo
      2018-06-20 19:45 - 2017-10-17 18:05 - 000020838 _____ C:\Users\Juanka\Desktop\Asistencia.ods
      2018-06-20 19:15 - 2017-09-06 21:38 - 007454721 _____ (XYZprinting ) C:\Users\Juanka\AppData\Roaming\XYZHandHeldsetup.exe
      2018-06-20 02:40 - 2017-08-31 18:48 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\Stellarium
      2018-06-20 00:29 - 2017-06-19 22:27 - 000000000 ____D C:\Users\Juanka\AppData\Roaming\Autodesk
      2018-06-15 22:25 - 2017-10-15 15:42 - 000000000 ____D C:\Users\Juanka\AppData\Local\JDownloader 2.0
      2018-06-15 14:59 - 2017-09-26 20:46 - 000015242 _____ C:\Users\Juanka\Desktop\Pilas.ods
      2018-06-14 14:33 - 2017-09-27 00:56 - 000000000 ____D C:\Users\Juanka\AppData\Local\Arduino15
      2018-06-13 09:10 - 2017-06-16 23:40 - 000000000 ____D C:\WINDOWS\system32\MRT
      2018-06-13 09:05 - 2017-10-11 20:11 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
      2018-06-13 09:05 - 2017-06-16 23:40 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2018-06-12 19:32 - 2017-12-26 19:25 - 000000000 ____D C:\Users\Juanka\.gimp-2.8
      
      ==================== Files in the root of some directories =======
      
      2017-11-17 01:44 - 2017-12-29 21:10 - 001644320 _____ () C:\Users\Juanka\AppData\Roaming\MyTest.gcode
      2017-11-28 17:53 - 2017-12-30 16:10 - 000000044 _____ () C:\Users\Juanka\AppData\Roaming\temp.ree
      2017-09-06 21:38 - 2018-06-20 19:15 - 007454721 _____ (XYZprinting                                                 ) C:\Users\Juanka\AppData\Roaming\XYZHandHeldsetup.exe
      2018-07-11 19:39 - 2018-07-11 19:39 - 000002298 _____ () C:\Users\Juanka\AppData\Local\recently-used.xbel
      2017-09-29 01:52 - 2017-10-15 18:16 - 000007643 _____ () C:\Users\Juanka\AppData\Local\Resmon.ResmonCfg
      
      ==================== Bamital & volsnap ======================
      
      (There is no automatic fix for files that do not pass verification.)
      
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      
      LastRegBack: 2018-07-09 12:45
      
      ==================== End of FRST.txt ============================

    7. #7
      User sirio's avatar
      Joined
      Jul 2018
      Location
      Spain
      Posts
      6

      Re: Trojan.Agent.Generic Malwarebytes does not remove it

      Addition

      Code:
      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
      Ran by Juanka (12-07-2018 04:48:58)
      Running from C:\Users\Juanka\Desktop
      Windows 8.1 (Update) (X64) (2017-06-16 20:30:39)
      Boot Mode: Normal
      ==========================================================
      
      
      ==================== Accounts: =============================
      
      Administrador (S-1-5-21-763160427-2755469213-4145166228-500 - Administrator - Disabled)
      HomeGroupUser$ (S-1-5-21-763160427-2755469213-4145166228-1003 - Limited - Enabled)
      Invitado (S-1-5-21-763160427-2755469213-4145166228-501 - Limited - Disabled)
      Juanka (S-1-5-21-763160427-2755469213-4145166228-1001 - Administrator - Enabled) => C:\Users\Juanka
      
      ==================== Security Center ========================
      
      (If an entry is included in the fixlist, it will be removed.)
      
      AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
      
      ==================== Installed Programs ======================
      
      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
      
      123D Design R2.2 (HKLM\...\123D Design) (Version: 2.2.14 - Autodesk, Inc.)
      4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
      Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
      Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
      Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
      AMD Catalyst Install Manager (HKLM\...\{E13CC139-F76A-FD1B-7348-7FF200715B65}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
      Apple Application Support (64 bits) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
      Arduino (HKLM-x32\...\Arduino) (Version: 1.8.3 - Arduino LLC)
      Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
      AutoFirma (HKLM-x32\...\AutoFirma ) (Version: 1.5.0.JAv01 - Junta de Andalucía)
      Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
      BQ 3D Printers Firmware Updater (HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\{5162ef2e-cb2b-407d-b2af-655ab9611e41}) (Version: 1.0.1 - BQ)
      CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
      CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo)
      Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.52 - Conexant)
      Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
      Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
      dupeGuru 4.0.3 (HKLM\...\dupeGuru) (Version: 4.0.3 - Hardcoded Software)
      FreeCAD 0.16 - A free open source CAD system (HKLM\...\FreeCAD 0.16) (Version: 0.16.6700 - Juergen Riegel)
      Gestor de cámara con sensor de profundidad Intel® RealSense™ F200 (HKLM-x32\...\ARP_for_prd_dcm_runtime_1.4.27.41944) (Version: 1.4.27.41944 - Intel Corporation)
      GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
      GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version:  - )
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
      Gtk# for .Net 2.12.22 (HKLM-x32\...\{06AF6533-F201-47C0-8675-AAAE5CB81B41}) (Version: 2.12.22 - Xamarin, Inc.)
      Inkscape 0.92.2 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92.2.0 - Inkscape project)
      Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation)
      Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
      Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{667DD389-1751-45C8-B864-1E5F83D6C588}) (Version: 17.1.1433.02 - Intel Corporation)
      Intel® RealSense™ Depth Camera Manager Beta (x86): dptf_com (HKLM-x32\...\{8C25884F-412A-11E5-9996-2C44FD873B55}) (Version: 2.2.0.41944 - Intel Corporation) Hidden
      Intel® RealSense™ Depth Camera Manager Beta (x86): Intel® RealSense™ SDK info server (HKLM-x32\...\{8C25D670-412A-11E5-A7E0-2C44FD873B55}) (Version: 2.2.0.41944 - Intel Corporation) Hidden
      Intel® RealSense™ Depth Camera Manager F200 Gold (x86): Intel® RealSense™ 3D camera IO module (HKLM-x32\...\{38157E40-412B-11E5-9377-2C44FD873B55}) (Version: 1.4.27.41944 - Intel Corporation) Hidden
      Intel® RealSense™ Depth Camera Manager F200 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{38157E40-412B-11E5-AC99-2C44FD873B55}) (Version: 1.4.27.41944 - Intel Corporation) Hidden
      Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v6_6.0.21.6598) (Version: 6.0.21.6598 - Intel Corporation)
      Intel® RealSense™ SDK Runtime Gold (x86): 3D Capture (HKLM-x32\...\{D75C60EE-358B-11E5-98C9-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden
      Intel® RealSense™ SDK Runtime Gold (x86): Core (HKLM-x32\...\{EC8ABDF0-358B-11E5-82EB-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden
      Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
      Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
      Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
      Java SE Development Kit 8 Update 131 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
      Jaxx 1.3.9 (only current user) (HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\c8bd836d-41d7-5f55-90da-0bae2db13a07) (Version: 1.3.9 - decentral.ca)
      JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
      LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
      LEGO MINDSTORMS EV3 (HKLM-x32\...\LEGO_SW.{5B0CB826-E499-4E6B-94F0-75B6327ED934}) (Version: 1.0.0 - The LEGO Group)
      LEGO MINDSTORMS EV3 Home Content (HKLM-x32\...\{142D9B8C-E72A-4970-A703-B8AF9904E6F1}) (Version: 1.2.30 - The LEGO Group) Hidden
      LEGO MINDSTORMS EV3 Home Edition (HKLM-x32\...\{ACC62EC7-E615-473F-83A5-F95DF9A20E49}) (Version: 1.2.30 - The LEGO Group) Hidden
      LEGO MINDSTORMS EV3 Home Soporte en Español (HKLM-x32\...\{470F3852-CC0A-4F34-8636-4141997F0BEE}) (Version: 1.2.30 - The LEGO Group) Hidden
      LEGO MINDSTORMS EV3 Uninstaller (HKLM-x32\...\{5F3092B9-4240-4037-A287-BF6F9A2996BC}) (Version: 1.0.11 - The LEGO Group) Hidden
      LEGO MINDSTORMS NXT x64 Driver (HKLM\...\{A0831C28-A6FA-49A3-86AE-B5AE3C9EE19C}) (Version: 1.20.115.0 - LEGO)
      Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10292 - Realtek Semiconductor Corp.)
      Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
      Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
      Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
      Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
      Lenovo Patch Utility 64 bit (HKLM\...\{49A09C2C-FFF4-478E-B397-5E0979F67F5D}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
      Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.49.1 - ELAN Microelectronic Corp.)
      Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
      LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
      LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
      LyX 2.2.3 (HKLM-x32\...\LyX223) (Version: 2.2.3 - LyX Team)
      Malwarebytes versión 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
      Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
      Manuales de usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
      Meshmixer (HKLM\...\Meshmixer_x64) (Version: 3.4 - Autodesk, Inc.)
      Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
      MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
      Mozilla Firefox 61.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 61.0.1 (x64 es-ES)) (Version: 61.0.1 - Mozilla)
      Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
      MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
      NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201610071157) (Version: 8.2 - NetBeans.org)
      NI .NET Framework 4.0 (HKLM-x32\...\{0C43BB65-C604-4D94-A83A-54DCB42780B8}) (Version: 4.01.49154 - National Instruments) Hidden
      NI EulaDepot (HKLM-x32\...\{87F60C46-07E2-46B4-B872-680DE4184C0A}) (Version: 3.20.363 - National Instruments) Hidden
      NI MDF Support (HKLM-x32\...\{FA35D849-889D-4454-9532-6BE2008D2CDF}) (Version: 3.20.363 - National Instruments) Hidden
      NI Security Update (KB 67L8LCQW) (64-bit) (HKLM\...\{4A78D9E6-D349-4CCA-9295-45B12BE5BC6C}) (Version: 1.0.29.0 - National Instruments) Hidden
      NI Security Update (KB 67L8LCQW) (HKLM-x32\...\{20124E21-206B-485F-838F-14BB88161045}) (Version: 1.0.29.0 - National Instruments) Hidden
      NI Uninstaller (HKLM-x32\...\{C7743231-5899-418D-8CA5-22B0F654D894}) (Version: 3.20.363 - National Instruments) Hidden
      NI VC2008MSMs x64 (HKLM\...\{07E00E94-7A78-40FA-9BEF-71C190E98041}) (Version: 9.0.401 - National Instruments) Hidden
      NI VC2008MSMs x86 (HKLM-x32\...\{E84997A1-4D6F-4C0B-B60D-F85B360D2666}) (Version: 9.0.401 - National Instruments) Hidden
      OEM Application Profile (HKLM-x32\...\{B7A04A71-5DDD-9FA5-66ED-C3CC33152388}) (Version: 1.00.0000 - Nombre de su organización)
      OneKey Optimizer (HKLM-x32\...\{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.1.20.16 - Lenovo) Hidden
      OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.1.20.16 - Lenovo)
      OpenSCAD (remove only) (HKLM\...\OpenSCAD) (Version: 2015.03-2 - The OpenSCAD Developers)
      Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
      Paquete de controladores de Windows - XYZ Printing, Inc. (MS3dPrintUSB) Ports  (04/22/2016 14.25.39.518) (HKLM\...\13B77A3E51154944BF02DF4247B5EE178D4A148B) (Version: 04/22/2016 14.25.39.518 - XYZ Printing, Inc.)
      Paquete de controladores de Windows - XYZ Printing, Inc. (MS3dPrintUSB) Ports  (11/18/2016 11.40.6.730) (HKLM\...\252F7A16FB89B058EFC7241C2C30BEB04C29C58E) (Version: 11/18/2016 11.40.6.730 - XYZ Printing, Inc.)
      PDF Architect 5 Create Module (HKLM\...\{0E25DE98-E56E-4259-B554-F1360BB2DC22}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
      PDF Architect 5 Edit Module (HKLM\...\{EE01D8D7-2DD0-4C43-BF42-D9C8FC8DAE99}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
      PDF Architect 5 View Module (HKLM\...\{4DC94B75-B036-474D-8AC8-E2D055C95FBD}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
      PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.3 - pdfforge GmbH)
      PDFsam Basic (HKLM-x32\...\{0F7F1493-D16D-4C7B-A271-17A12168CCC4}) (Version: 3.30.2.0 - Andrea Vacondio)
      Pinta 1.6 (HKLM-x32\...\{833CBF68-0FE7-44A4-86E6-71DE50A30465}) (Version: 1.6.0.0 - Pinta Community) Hidden
      Pinta 1.6 (HKLM-x32\...\{aaa32734-ca38-494d-836c-f41822d11ed5}) (Version: 1.6.0.0 - Pinta Community)
      PX Profile Update (HKLM-x32\...\{3A2701F7-94DE-9860-0E15-610209576542}) (Version: 1.00.1. - AMD) Hidden
      R+ Design (HKLM-x32\...\{4C149F08-5495-484F-BD22-CB3AE920324C}) (Version: 1.1.0 - ROBOTIS)
      Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
      Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
      Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
      Scratch 2 Offline Editor (HKLM-x32\...\{6E988774-5309-E02E-7EA8-F19CB65C2063}) (Version: 255 - Massachusetts Institute of Technology) Hidden
      Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 461 - Massachusetts Institute of Technology)
      SecureW2 Enterprise Client 3.5.17 (HKLM-x32\...\SecureW2 Enterprise Client) (Version:  - )
      Skype versión 8.22 (HKLM-x32\...\Skype_is1) (Version: 8.22 - Skype Technologies S.A.)
      Software Intel® PROSet/Wireless (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
      Software Logitech Unifying 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
      Software para dispositivos de chipset Intel® (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      Stellarium 0.16.0 (HKLM\...\Stellarium_is1) (Version: 0.16.0 - Stellarium team)
      Telegram Desktop version 1.3.9 (HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.3.9 - Telegram Messenger LLP)
      UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.3.6 - Lenovo)
      Ultimaker Cura 3.3 (HKLM-x32\...\Ultimaker Cura 3.3) (Version: 3.3.1 - Ultimaker)
      User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
      Virtual Moon Atlas V6.0 (HKLM-x32\...\{3EB7A19B-690F-49BA-B494-CADA547D0DB9}_is1) (Version:  - )
      VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version:  - Ozone)
      VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
      VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
      Wampserver64 3.0.6 (HKLM\...\{wampserver64}_is1) (Version: 3.0.6 - Dominique Ottello aka Otomatic)
      WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
      WhatsApp (HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\WhatsApp) (Version: 0.2.9998 - WhatsApp)
      Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
      XYZscan Handy 3.3.4 (HKLM-x32\...\XYZscan Handy_is1) (Version: 3.3.4 - XYZprinting)
      XYZware 2.1.26.1 (HKLM-x32\...\XYZware_is1) (Version: 2.1.26.1 - XYZprinting)
      
      ==================== Custom CLSID (Whitelisted): ==========================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-22] (AVAST Software)
      ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-22] (AVAST Software)
      ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-07-05] (pdfforge GmbH)
      ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
      ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-23] (Lenovo)
      ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-22] (AVAST Software)
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
      ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-23] (Lenovo)
      ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-12-16] (Advanced Micro Devices, Inc.)
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
      ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
      ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-22] (AVAST Software)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
      
      ==================== Scheduled Tasks (Whitelisted) =============
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      Task: {124F76E6-17D3-4FDB-AF09-ABE0DEC00343} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-10] (Adobe Systems Incorporated)
      Task: {175224DF-82C1-4923-B325-AFE96B98F43B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-22] (AVAST Software)
      Task: {18AF036E-D66D-4292-88B8-031894E1E5D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-03] (Google Inc.)
      Task: {27D5FD45-0A8C-4BB4-A5CE-91F1BD8430F4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-07] (AVAST Software)
      Task: {2AEA3CEE-7AD3-40F9-8A7F-67FDB2BBBD56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-03] (Google Inc.)
      Task: {32CE129D-47A4-4F77-B04E-FE2F8240B2A7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
      Task: {33F85604-3D3C-4149-BDE0-829C08E63F7A} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
      Task: {43AB8C12-F317-4DE3-B0CB-4DF22AEB2C44} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
      Task: {6270B563-7556-405F-B8F8-42A8D3C85C8C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo)
      Task: {87FB7E6F-B53E-4A23-9EC0-FE9CD57CCC74} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
      Task: {A00203A7-0DC6-448D-A542-3C91E40031C0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
      Task: {AD64D74F-A7B3-4DD2-9A6F-E9F3B2287FF2} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
      Task: {B8AB1EBD-9250-4FFB-BB47-E7179F4DF3EB} - System32\Tasks\SecureW2 Task => C:\Program Files (x86)\SecureW2\sw2_tray.exe [2017-04-01] (SecureW2 B.V.)
      Task: {CBE429C5-D47B-46F8-B6AE-72111641CD08} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [2018-07-10] (Adobe Systems Incorporated)
      Task: {D1B0F26C-00EA-47A5-9367-FD0E42300232} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
      Task: {DAF8876F-6590-44A7-8744-E81BC8DA3253} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
      Task: {FBDE06FC-8178-46A3-8523-01F8FB867B5D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
      
      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
      
      
      ==================== Shortcuts & WMI ========================
      
      (The entries could be listed to be restored or removed.)
      
      
      ==================== Loaded Modules (Whitelisted) ==============
      
      2017-05-25 10:47 - 2014-11-17 15:35 - 000036632 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll
      2017-05-25 10:47 - 2014-11-17 15:35 - 000166680 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll
      2018-07-10 12:46 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-05-25 10:05 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
      2018-06-24 13:27 - 2018-06-24 13:27 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2018-03-09 02:20 - 2018-03-09 02:20 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2018-06-22 15:28 - 2018-06-22 15:28 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
      2018-06-22 15:27 - 2018-06-22 15:27 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
      2017-05-25 10:35 - 2014-10-22 10:15 - 000644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
      2017-05-25 10:35 - 2014-10-22 10:15 - 000410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
      2014-09-03 11:03 - 2014-09-03 11:03 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
      
      ==================== Alternate Data Streams (Whitelisted) =========
      
      (If an entry is included in the fixlist, only the ADS will be removed.)
      
      
      ==================== Safe Mode (Whitelisted) ===================
      
      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
      
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
      
      ==================== Association (Whitelisted) ===============
      
      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
      
      
      ==================== Internet Explorer trusted/restricted ===============
      
      (If an entry is included in the fixlist, it will be removed from the registry.)
      
      
      ==================== Hosts content: ===============================
      
      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
      
      2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
      
      
      ==================== Other Areas ============================
      
      (Currently there is no automatic fix for this section.)
      
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\Control Panel\Desktop\\Wallpaper -> C:\COPIA SEGURIDAD\Ordenador jk\Escritorio\Mis fotos\sol.JPG
      DNS Servers: 192.168.1.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
      Windows Firewall is enabled.
      
      ==================== MSCONFIG/TASK MANAGER disabled items ==
      
      HKLM\...\StartupApproved\Run: => "IAStorIcon"
      HKLM\...\StartupApproved\Run: => "iTunesHelper"
      HKLM\...\StartupApproved\Run: => "LenovoUtility"
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\StartupApproved\Run: => "Skype"
      
      ==================== FirewallRules (Whitelisted) ===============
      
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      
      FirewallRules: [{C130DD11-4115-4C7C-8AC6-B780DA611713}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
      FirewallRules: [{B2D5E37A-4B44-454F-986E-DC43F3CC9742}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
      FirewallRules: [{C01A3D30-613E-41D8-8A43-C495886845B2}] => (Allow) LPort=55100
      FirewallRules: [{CDB617DF-D2B4-4CB5-A4CA-58C92A79C276}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
      FirewallRules: [{CD2724F5-AF07-4A31-8933-4AAF8502A74F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{172DB001-8075-420A-B623-553507A29671}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [UDP Query User{68E46633-8DC3-499C-A590-8A85F5FE92AD}C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe] => (Allow) C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe
      FirewallRules: [TCP Query User{F468232A-782C-4386-AF14-03CFA72EB0FB}C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe] => (Allow) C:\Program Files (x86)\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe
      FirewallRules: [{9BAAB86C-6F95-4690-AA24-2DFBEC66F6BC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{B6D725AF-F2F0-4127-92DE-D459BAB00AD8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{10FD439D-D2BD-4BB9-9555-60FED58E9326}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{628CCBD8-791F-49BE-82E4-8E6900C06F08}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{9830ECE9-F3F1-4B1B-A044-33CB6853F7D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
      FirewallRules: [{E185B8CD-31BF-43AE-9CFD-925ADD26487A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
      FirewallRules: [TCP Query User{9D110F97-1662-409A-BD1A-535B2FC90242}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
      FirewallRules: [UDP Query User{4B792AC6-C5A5-4871-8928-8346F68A781A}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
      FirewallRules: [TCP Query User{42B9BC3D-0F67-4247-A2B5-0D87753AB06C}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
      FirewallRules: [UDP Query User{17ACC586-9099-4D7E-B830-897489868374}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
      FirewallRules: [{24FDBAB9-AF2A-4049-822C-34A02E33EE31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos Behind Enemy Lines\Comandos.exe
      FirewallRules: [{83892A88-31C0-4E86-9B31-AEB0B9EBBB6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos Behind Enemy Lines\Comandos.exe
      FirewallRules: [{D60CF694-94C3-412D-A2D9-AD42B0BC47C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
      FirewallRules: [{92B5B626-0FCB-471E-B5F5-F212636DF911}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
      FirewallRules: [TCP Query User{51274C66-A026-4299-88C4-1D7585322437}C:\program files (x86)\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe
      FirewallRules: [UDP Query User{9B86EFE7-AFD2-44E1-A867-CF46CAE55A6C}C:\program files (x86)\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe
      FirewallRules: [TCP Query User{428E9834-2BCE-479C-A26E-D4CCFB4DAF98}C:\program files (x86)\steam\steamapps\common\commandos behind enemy lines\legacy\mpserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\commandos behind enemy lines\legacy\mpserver.exe
      FirewallRules: [UDP Query User{FB56E317-0580-476B-9EC6-2E2D9D311236}C:\program files (x86)\steam\steamapps\common\commandos behind enemy lines\legacy\mpserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\commandos behind enemy lines\legacy\mpserver.exe
      FirewallRules: [{1DE37353-FED5-479A-946F-2392159776F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 Tiberium Wars\CNC3.exe
      FirewallRules: [{4D97E0C9-428D-48E8-B169-CA75782D1394}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 Tiberium Wars\CNC3.exe
      FirewallRules: [{2CB989DE-F436-4A4B-A9C1-0C4378E59074}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 Tiberium Wars\RetailExe\1.9\cnc3game.dat
      FirewallRules: [{5D305D8D-988E-4C02-A2D1-FDFDCAA4E1C3}] => (Allow) C:\Users\Juanka\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{4AE7F002-5D0A-4C4D-8095-AE8127422BCA}] => (Allow) C:\Users\Juanka\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{6848ED65-9F28-498A-BB20-6F45733B7C4C}] => (Allow) C:\Users\Juanka\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{47AB67B5-4D19-4EF1-83A4-A7765B2A5B36}] => (Allow) C:\Users\Juanka\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{74FFD170-394A-45FE-869C-F3EB395392F8}] => (Allow) C:\Users\Juanka\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{B4B8086D-8BC5-4911-9ED5-D95EBDB5AC87}] => (Allow) C:\Users\Juanka\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [TCP Query User{E3552DA9-866E-4292-9567-3FB4AB31185F}C:\program files (x86)\steam\steamapps\common\command and conquer 3 tiberium wars\retailexe\1.9\cnc3game.dat] => (Block) C:\program files (x86)\steam\steamapps\common\command and conquer 3 tiberium wars\retailexe\1.9\cnc3game.dat
      FirewallRules: [UDP Query User{304994F8-CEEE-473C-A6F0-BAB0B64DB2C7}C:\program files (x86)\steam\steamapps\common\command and conquer 3 tiberium wars\retailexe\1.9\cnc3game.dat] => (Block) C:\program files (x86)\steam\steamapps\common\command and conquer 3 tiberium wars\retailexe\1.9\cnc3game.dat
      FirewallRules: [{B85C8434-1BAE-4C7F-B0A8-C0E055709645}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
      FirewallRules: [{7DF89FBE-60AF-4970-A6C4-B3ECECA8C33B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
      FirewallRules: [TCP Query User{85335A1A-F8AF-4B1A-A452-540465E156DD}C:\program files\ultimaker cura 3.3\cura.exe] => (Block) C:\program files\ultimaker cura 3.3\cura.exe
      FirewallRules: [UDP Query User{4F4D76D6-7D06-4AE4-A5A0-5270FB30840E}C:\program files\ultimaker cura 3.3\cura.exe] => (Block) C:\program files\ultimaker cura 3.3\cura.exe
      FirewallRules: [TCP Query User{F140C78B-5B45-4E6F-887A-0B4E1F477CF4}C:\program files\ultimaker cura 3.3\cura.exe] => (Block) C:\program files\ultimaker cura 3.3\cura.exe
      FirewallRules: [UDP Query User{D9F30688-946D-4D17-8930-85EAA3EE7781}C:\program files\ultimaker cura 3.3\cura.exe] => (Block) C:\program files\ultimaker cura 3.3\cura.exe
      FirewallRules: [{BA90F80F-70E9-430B-B7EE-753ED171FF0C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
      FirewallRules: [{BCB13F54-25CB-47C5-A3E1-67A0666677C8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
      FirewallRules: [TCP Query User{25A2EAE3-31A9-4FF1-803D-00768847DF75}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
      FirewallRules: [UDP Query User{9727FF31-5A18-4F6C-9FD6-7135416723F3}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
      FirewallRules: [{DB7142DD-19AE-4704-8FD0-1BA37EFE0F51}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
      FirewallRules: [{C070E5B4-A63C-4762-A006-CED2ECBA243E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
      FirewallRules: [{BF30D44D-B756-4E35-9E88-7AA802B0629F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [TCP Query User{144CF151-0124-4664-BF74-15D283C975FE}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
      FirewallRules: [UDP Query User{B0129A5B-04B1-491D-AF36-1BFFB76BEC97}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
      
      ==================== Restore Points =========================
      
      09-07-2018 13:53:47 Punto de control programado
      10-07-2018 13:07:38 JRT Pre-Junkware Removal
      
      ==================== Faulty Device Manager Devices =============
      
      
      ==================== Event log errors: =========================
      
      Application errors:
      ==================
      Error: (07/11/2018 07:21:54 PM) (Source: ATIeRecord) (EventID: 16393) (User: )
      Description: ATI EEU failed to create a QNode
      
      Error: (07/11/2018 07:21:54 PM) (Source: ATIeRecord) (EventID: 16393) (User: )
      Description: ATI EEU failed to create a QNode
      
      Error: (07/11/2018 12:05:50 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: CCSDK.exe, versión: 1.1.0.7, marca de tiempo: 0x544746d0
      Nombre del módulo con errores: fastprox.dll, versión: 6.3.9600.18946, marca de tiempo: 0x5a9a2566
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x000a1f34
      Identificador del proceso con errores: 0x1714
      Hora de inicio de la aplicación con errores: 0x01d418febbdca59a
      Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
      Ruta de acceso del módulo con errores: C:\WINDOWS\system32\wbem\fastprox.dll
      Identificador del informe: fca585da-84f1-11e8-8330-f406695f5c48
      Nombre completo del paquete con errores: 
      Identificador de aplicación relativa del paquete con errores:
      
      Error: (07/10/2018 07:29:34 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 6.3.9600.18460, marca de tiempo: 0x57c1b8c1
      Nombre del módulo con errores: creator-context-menu.dll, versión: 5.0.28.34044, marca de tiempo: 0x595cfe1f
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0000000000015f10
      Identificador del proceso con errores: 0xce4
      Hora de inicio de la aplicación con errores: 0x01d4187343b1d3da
      Ruta de acceso de la aplicación con errores: C:\WINDOWS\Explorer.EXE
      Ruta de acceso del módulo con errores: C:\Program Files\PDF Architect 5\creator-context-menu.dll
      Identificador del informe: cf6d11f1-8466-11e8-832f-f406695f5c48
      Nombre completo del paquete con errores: 
      Identificador de aplicación relativa del paquete con errores:
      
      Error: (07/10/2018 07:29:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
      Description: Aplicación: Explorer.EXE
      Versión de Framework: v4.0.30319
      Descripción: el proceso terminó debido a una excepción no controlada.
      Información de la excepción: código de la excepción c0000005, dirección de la excepción 00007FFE30685F10
      Pila:
      
      Error: (07/10/2018 07:05:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
      Description: Los Servicios de cifrado no pudieron inicializar el objeto "System Writer" de la copia de seguridad de VSS.
      
      Details:
      Could not query the status of the EventSystem service.
      
      System Error:
      Se está cerrando el sistema.
      .
      
      Error: (07/10/2018 06:32:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
      Description: Los Servicios de cifrado no pudieron inicializar el objeto "System Writer" de la copia de seguridad de VSS.
      
      Details:
      Could not query the status of the EventSystem service.
      
      System Error:
      Se está cerrando el sistema.
      .
      
      Error: (07/10/2018 04:43:32 PM) (Source: ATIeRecord) (EventID: 16393) (User: )
      Description: ATI EEU failed to create a QNode
      
      
      System errors:
      =============
      Error: (07/12/2018 04:25:04 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio FontCache3.0.0.0.
      
      Error: (07/12/2018 04:25:03 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
      Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio MBAMService.
      
      Error: (07/11/2018 12:06:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio CCSDK se terminó de manera inesperada. Esto ha sucedido 1 veces.
      
      Error: (07/11/2018 11:50:56 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
      Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.
      
      Error: (07/11/2018 11:50:26 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
      Description: El servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} no se registró con DCOM dentro del tiempo de espera requerido.
      
      Error: (07/10/2018 07:15:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Proveedor de Grupo Hogar depende del servicio Publicación de recurso de detección de función, el cual no pudo iniciarse debido al siguiente error: 
      %%2147952449 = La dirección solicitada no es válida en este contexto.
      
      Error: (07/10/2018 07:15:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: El servicio Publicación de recurso de detección de función se cerró con el siguiente error: 
      %%2147952449 = La dirección solicitada no es válida en este contexto.
      
      Error: (07/10/2018 07:15:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
      Description: El servicio Proveedor de Grupo Hogar depende del servicio Publicación de recurso de detección de función, el cual no pudo iniciarse debido al siguiente error: 
      %%2147952449 = La dirección solicitada no es válida en este contexto.
      
      
      Windows Defender:
      ===================================
      Date: 2017-07-04 18:07:57.574
      Description: 
      Windows Defender encontró un error al intentar actualizar las firmas.
      Nueva versión de firma: 
      Versión de firma anterior: 1.193.418.0
      Origen de actualización: Servidor de Microsoft Update
      Tipo de firma: AntiVirus
      Tipo de actualización: Completa
      Usuario: NT AUTHORITY\SYSTEM
      Versión de motor actual: 
      Versión de motor anterior: 1.1.11400.0
      Código de error: 0x8024001e
      Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 
      
      CodeIntegrity:
      ===================================
      
      Date: 2018-05-22 19:07:06.582
      Description: 
      Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
      
      Date: 2018-05-22 19:07:06.396
      Description: 
      Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
      
      Date: 2018-05-22 19:07:06.219
      Description: 
      Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
      
      Date: 2018-05-22 19:07:06.035
      Description: 
      Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
      
      Date: 2018-05-22 19:07:05.852
      Description: 
      Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
      
      Date: 2018-05-22 19:07:05.675
      Description: 
      Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
      
      Date: 2018-05-22 19:07:05.497
      Description: 
      Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
      
      Date: 2018-05-22 19:07:05.317
      Description: 
      Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
      
      ==================== Memory info =========================== 
      
      Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
      Percentage of memory in use: 43%
      Total physical RAM: 4010.45 MB
      Available physical RAM: 2260.98 MB
      Total Virtual: 7850.45 MB
      Available Virtual: 6162.37 MB
      
      ==================== Drives ================================
      
      Drive c: (Windows8_OS) (Fixed) (Total:425.64 GB) (Free:32.56 GB) NTFS ==>[system with boot components (obtained from drive)]
      Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.85 GB) NTFS
      
      \\?\Volume{ad8ebeb5-f175-4b91-b62f-d63bdc83f9ef}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
      \\?\Volume{2bbd6860-7474-4986-b194-48042d42c9e6}\ (PBR_DRV) (Fixed) (Total:12.79 GB) (Free:3.5 GB) NTFS
      
      ==================== MBR & Partition Table ==================
      
      ========================================================
      Disk: 0 (Size: 465.8 GB) (Disk ID: 9BA030DA)
      
      Partition: GPT.
      
      ==================== End of Addition.txt ============================

    8. #8
      Warrior Avatar of @Miguelgrado
      Registered
      Dec 2005
      Location
      Asturias-España
      Posts
      19,485

      Re: Trojan.Agent.Generic, Malwarebytes does not remove it

      Don't post the logs inside tags, thanks.

      OK... now follow these steps. VERY important ~ make a backup of the registry:


      • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator".)

      • Attention: now check only the "Create registry backup" box, NOT the others.

      • Click Run.

      The report (DelFix.txt) will open; save it in case it is needed and close the tool.

      Now use the 2nd METHOD from this Windows 8 FAQ (applicable to Windows 10) >> How to start Windows 8/8.1 in Safe Mode?, to work from that Windows mode.

      On the computer, with all other programs closed:
      Start >>> Run >>> type notepad.exe.

      Now copy and paste the following into Notepad: (the word "Code" is excluded)

      Code:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\Run: [4357a07bca3145ae01a368ad784d2742] => C:\ProgramData\4357a07bca3145ae01a368ad784d2742\4357a07bca3145ae01a368ad784d2742.exe [0 ] (AutoIt Team)
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\Run: [driver4357a07bca3145ae01a368ad784d2742] => C:\ProgramData\odNsKA\4357a07bca3145ae01a368ad784d2742.exe [937776 2018-07-12] (AutoIt Team)
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\MountPoints2: {441390e3-5dff-11e8-82fc-f406695f5c48} - "F:\iLinker.exe" 
      Startup: C:\Users\Juanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4357a07bca3145ae01a368ad784d2742.lnk [2018-07-11]
      ShortcutTarget: 4357a07bca3145ae01a368ad784d2742.lnk -> C:\LENOVO-PC\xllhwnjitm.exe (AutoIt Team)
      C:\ProgramData\odNsKA\4357a07bca3145ae01a368ad784d2742.exe
      C:\ProgramData\odNsKA
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKU\S-1-5-21-763160427-2755469213-4145166228-1001 -> DefaultScope {441F9FC1-5D0A-49EE-8FEC-2CF2AFC2DE30} URL = 
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      2018-07-12 04:48 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\WPtIze
      2018-07-12 04:48 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\KKlguZ
      2018-07-12 04:47 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\vuWkbE
      2018-07-12 04:47 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\WIznJx
      2018-07-12 04:47 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\vnpgAn
      2018-07-12 04:46 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\UPylnl
      2018-07-12 04:46 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\Jcvnpe
      2018-07-12 04:46 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\HkIUOr
      2018-07-12 04:45 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\rNrOZm
      2018-07-12 04:45 - 2018-07-12 04:45 - 000000000 ____D C:\ProgramData\ZoUKaY
      2018-07-12 04:45 - 2018-07-12 04:45 - 000000000 ____D C:\ProgramData\ctiANT
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\wsJjZu
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\odNsKA
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\LtLIPf
      2018-07-12 04:40 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\zFBwTC
      2018-07-12 04:40 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\YuxTMG
      2018-07-12 04:40 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\xbvbln
      2018-07-12 04:39 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\bVOYOT
      2018-07-12 04:39 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\kWMGnx
      2018-07-12 04:39 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\Eskajv
      2018-07-12 04:38 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\cKKwGN
      2018-07-12 04:38 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\MaxSLh
      2018-07-12 04:38 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\LCzkWX
      2018-07-12 04:37 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\KxzgYi
      2018-07-12 04:37 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\LbAcga
      2018-07-12 04:37 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\DIwkcH
      2018-07-12 04:36 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\fJvzNv
      2018-07-12 04:36 - 2018-07-12 04:36 - 000000000 ____D C:\ProgramData\pQCgvv
      
      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      Save it under the name fixlist.txt on the desktop <<< This is very important.<<

      Note: It is important that the tool Frst.exe and fixlist.txt are in the same location (desktop), otherwise it will not work.
      Run Frst.exe.

      Press the Fix button and wait for it to finish.
      The tool will save the report on your desktop (Fixlog.txt).
      ATTENTION!!!! The following repair script was made specifically by a staff member for this user; if you have a similar problem, please open your own thread to receive personalized help. Using other users' scripts can damage your computer.
      Paste it in your next reply, together with these:



      Download Hitman Pro >> HitmanPro 3.7.9 | InfoSpyware
      Hitman Pro manual >> http://www.forospyware.com/t492725.html#post2353812
      - Choose according to whether your Windows is 32-bit or 64-bit >> How to determine whether your system is 32 or 64 bits

      • Run HitmanPRO (on Windows 7 or 8, run as "Administrator").
      • Press the "Next" button.
      • Leave the recommended option checked >> Install a copy on the computer << and uncheck the additional boxes.
      • In "Settings", uncheck the Cookies scan and "accept". Click Next.
      • Once the scan is finished, HitmanPRO includes 30 free days for removing any malware detected.

      - When the scan has finished, the Scan results window will be shown.
      - Remember to SKIP those marked as Suspicious.
      - Click Next so that Hitman does what is needed with the threats found.

      The report can also be found in Settings >> History >> Logs






      Download and run Eset Online V2 >> https://www.infospyware.com/eset-online-scanner/

      1. Leave the "Detection of potentially unwanted applications" box checked.
      2. Click Additional or Advanced settings and check the boxes:

      • Scan for suspicious threats
      • Scan archives
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology.
      • Clean threats automatically

      Current scan targets >> Change >> Select all the PC's drives
      • Click Start so that it begins downloading the virus signature database and then starts scanning your system.
      • When it finishes, click Finish

      Locate and paste the report:

      ESET Online Scanner stores a log file after it has been run, which can be examined or sent to ESET for analysis. To see this file, the Show hidden files and folders option must be enabled. New records are appended to the existing ones when multiple scans are run.

      The path of the log file is: C:\users\ YOUR USER NAME\appdata\local\temp\log.txt

    9. #9
      User Avatar of sirio
      Registered
      Jul 2018
      Location
      España
      Posts
      6

      Re: Trojan.Agent.Generic, Malwarebytes does not remove it

      Hello

      Here are the reports, thank you very much!

      Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
      Ran by Juanka (12-07-2018 11:46:38) Run:1
      Running from C:\Users\Juanka\Desktop
      Loaded Profiles: Juanka (Available Profiles: Juanka)
      Boot Mode: Safe Mode (with Networking)
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\Run: [4357a07bca3145ae01a368ad784d2742] => C:\ProgramData\4357a07bca3145ae01a368ad784d2742\4357a07bca3145ae01a368ad784d2742.exe [0 ] (AutoIt Team)
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\Run: [driver4357a07bca3145ae01a368ad784d2742] => C:\ProgramData\odNsKA\4357a07bca3145ae01a368ad784d2742.exe [937776 2018-07-12] (AutoIt Team)
      HKU\S-1-5-21-763160427-2755469213-4145166228-1001\...\MountPoints2: {441390e3-5dff-11e8-82fc-f406695f5c48} - "F:\iLinker.exe"
      Startup: C:\Users\Juanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4357a07bca3145ae01a368ad784d2742.lnk [2018-07-11]
      ShortcutTarget: 4357a07bca3145ae01a368ad784d2742.lnk -> C:\LENOVO-PC\xllhwnjitm.exe (AutoIt Team)
      C:\ProgramData\odNsKA\4357a07bca3145ae01a368ad784d2742.exe
      C:\ProgramData\odNsKA
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-763160427-2755469213-4145166228-1001 -> DefaultScope {441F9FC1-5D0A-49EE-8FEC-2CF2AFC2DE30} URL =
      CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      2018-07-12 04:48 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\WPtIze
      2018-07-12 04:48 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\KKlguZ
      2018-07-12 04:47 - 2018-07-12 04:48 - 000000000 ____D C:\ProgramData\vuWkbE
      2018-07-12 04:47 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\WIznJx
      2018-07-12 04:47 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\vnpgAn
      2018-07-12 04:46 - 2018-07-12 04:47 - 000000000 ____D C:\ProgramData\UPylnl
      2018-07-12 04:46 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\Jcvnpe
      2018-07-12 04:46 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\HkIUOr
      2018-07-12 04:45 - 2018-07-12 04:46 - 000000000 ____D C:\ProgramData\rNrOZm
      2018-07-12 04:45 - 2018-07-12 04:45 - 000000000 ____D C:\ProgramData\ZoUKaY
      2018-07-12 04:45 - 2018-07-12 04:45 - 000000000 ____D C:\ProgramData\ctiANT
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\wsJjZu
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\odNsKA
      2018-07-12 04:41 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\LtLIPf
      2018-07-12 04:40 - 2018-07-12 04:41 - 000000000 ____D C:\ProgramData\zFBwTC
      2018-07-12 04:40 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\YuxTMG
      2018-07-12 04:40 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\xbvbln
      2018-07-12 04:39 - 2018-07-12 04:40 - 000000000 ____D C:\ProgramData\bVOYOT
      2018-07-12 04:39 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\kWMGnx
      2018-07-12 04:39 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\Eskajv
      2018-07-12 04:38 - 2018-07-12 04:39 - 000000000 ____D C:\ProgramData\cKKwGN
      2018-07-12 04:38 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\MaxSLh
      2018-07-12 04:38 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\LCzkWX
      2018-07-12 04:37 - 2018-07-12 04:38 - 000000000 ____D C:\ProgramData\KxzgYi
      2018-07-12 04:37 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\LbAcga
      2018-07-12 04:37 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\DIwkcH
      2018-07-12 04:36 - 2018-07-12 04:37 - 000000000 ____D C:\ProgramData\fJvzNv
      2018-07-12 04:36 - 2018-07-12 04:36 - 000000000 ____D C:\ProgramData\pQCgvv

      HOSTS:
      REMOVEPROXY:
      EMPTYTEMP:
      CMD: netsh winsock reset
      CMD: ipconfig /renew
      CMD: ipconfig /flushdns
      CMD: bitsadmin /reset /allusers
      END
      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      "HKU\S-1-5-21-763160427-2755469213-4145166228-1001\Software\Microsoft\Windows\CurrentVersion\Run\\4357a07bca3145ae01a368ad784d2742" => removed successfully
      "HKU\S-1-5-21-763160427-2755469213-4145166228-1001\Software\Microsoft\Windows\CurrentVersion\Run\\driver4357a07bca3145ae01a368ad784d2742" => removed successfully
      "HKU\S-1-5-21-763160427-2755469213-4145166228-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{441390e3-5dff-11e8-82fc-f406695f5c48}" => removed successfully
      HKLM\Software\Classes\CLSID\{441390e3-5dff-11e8-82fc-f406695f5c48} => not found
      C:\Users\Juanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4357a07bca3145ae01a368ad784d2742.lnk => moved successfully
      C:\LENOVO-PC\xllhwnjitm.exe => moved successfully
      C:\ProgramData\odNsKA\4357a07bca3145ae01a368ad784d2742.exe => moved successfully
      C:\ProgramData\odNsKA => moved successfully
      "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
      HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
      "HKU\S-1-5-21-763160427-2755469213-4145166228-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj" => removed successfully
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
      C:\ProgramData\WPtIze => moved successfully
      C:\ProgramData\KKlguZ => moved successfully
      C:\ProgramData\vuWkbE => moved successfully
      C:\ProgramData\WIznJx => moved successfully
      C:\ProgramData\vnpgAn => moved successfully
      C:\ProgramData\UPylnl => moved successfully
      C:\ProgramData\Jcvnpe => moved successfully
      C:\ProgramData\HkIUOr => moved successfully
      C:\ProgramData\rNrOZm => moved successfully
      C:\ProgramData\ZoUKaY => moved successfully
      C:\ProgramData\ctiANT => moved successfully
      C:\ProgramData\wsJjZu => moved successfully
      "C:\ProgramData\odNsKA" => not found
      C:\ProgramData\LtLIPf => moved successfully
      C:\ProgramData\zFBwTC => moved successfully
      C:\ProgramData\YuxTMG => moved successfully
      C:\ProgramData\xbvbln => moved successfully
      C:\ProgramData\bVOYOT => moved successfully
      C:\ProgramData\kWMGnx => moved successfully
      C:\ProgramData\Eskajv => moved successfully
      C:\ProgramData\cKKwGN => moved successfully
      C:\ProgramData\MaxSLh => moved successfully
      C:\ProgramData\LCzkWX => moved successfully
      C:\ProgramData\KxzgYi => moved successfully
      C:\ProgramData\LbAcga => moved successfully
      C:\ProgramData\DIwkcH => moved successfully
      C:\ProgramData\fJvzNv => moved successfully
      C:\ProgramData\pQCgvv => moved successfully
      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      ========= RemoveProxy: =========

      "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
      "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
      "HKU\S-1-5-21-763160427-2755469213-4145166228-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
      "HKU\S-1-5-21-763160427-2755469213-4145166228-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


      ========= End of RemoveProxy: =========


      ========= netsh winsock reset =========


      El catálogo Winsock se restableció correctamente.
      Debe reiniciar el equipo para completar el restablecimiento.


      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuración IP de Windows

      No se puede realizar ninguna operación en Conexión de área local* 3 mientras los medios
      estén desconectados.
      No se puede realizar ninguna operación en Conexión de área local* 2 mientras los medios
      estén desconectados.
      No se puede realizar ninguna operación en Wi-Fi mientras los medios
      estén desconectados.
      No se puede realizar ninguna operación en Ethernet mientras los medios
      estén desconectados.

      ========= End of CMD: =========


      ========= ipconfig /flushdns =========


      Configuración IP de Windows

      Se vació correctamente la caché de resolución de DNS.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0 [ 7.7.9600 ]
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007042c
      No se puede iniciar el servicio o grupo de dependencia.



      ========= End of CMD: =========


      =========== EmptyTemp: ==========

      BITS transfer queue => 0 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 56035170 B
      Java, Flash, Steam htmlcache => 122576841 B
      Windows/system/drivers => 13071 B
      Edge => 0 B
      Chrome => 237084 B
      Firefox => 17467645 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 94543 B
      systemprofile32 => 25469200 B
      LocalService => 5426 B
      NetworkService => 94117888 B
      Juanka => 32527704 B

      RecycleBin => 0 B
      EmptyTemp: => 332.4 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 11:47:25 ====


      *********************************************************************************************************************************************

      Code:
      HitmanPro 3.8.0.295
      www.hitmanpro.com
      
         Computer name . . . . : LENOVO-PC
         Windows . . . . . . . : 6.3.0.9600.X64/4
         User name . . . . . . : Lenovo-PC\Juanka
         UAC . . . . . . . . . : Enabled
         License . . . . . . . : Free
      
         Scan date . . . . . . : 2018-07-12 11:57:13
         Scan mode . . . . . . : Normal
         Scan duration . . . . : 11m 31s
         Disk access mode  . . : Direct disk access (SRB)
         Cloud . . . . . . . . : Internet
         Reboot  . . . . . . . : No
      
         Threats . . . . . . . : 0
         Traces  . . . . . . . : 1
      
         Objects scanned . . . : 2.740.506
         Files scanned . . . . : 56.219
         Remnants scanned  . . : 671.296 files / 2.012.991 keys
      
      Suspicious files ____________________________________________________________
      
         C:\Users\Juanka\Desktop\FRST64.exe
            Size . . . . . . . : 2.412.544 bytes
            Age  . . . . . . . : 0.3 days (2018-07-12 04:36:08)
            Entropy  . . . . . : 7.6
            SHA-256  . . . . . : 2BFC0BC43245CB7A74F0E02097519DDFE5F1A2C41C6211803CC8EB215D3DB462
            Needs elevation  . : Yes
            Fuzzy  . . . . . . : 24.0
               Program has no publisher information but prompts the user for permission elevation.
               Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
               Authors name is missing in version info. This is not common to most programs.
               Version control is missing. This file is probably created by an individual. This is not typical for most programs.
               Time indicates that the file appeared recently on this computer.

      ***********************************************************************************************

      12:42:11 # product=EOS
      # version=8
      # flags=0
      # ESETOnlineScanner_ESL.exe=2.0.22.0
      # EOSSerial=
      # end=init
      # utc_time=2018-07-12 10:42:11
      # local_time=2018-07-12 12:42:11 (+0100, Hora de verano centroeuropea)
      # country="Spain"
      # osver=6.3.9600 NT
      12:42:23 # product=EOS
      # version=8
      # flags=0
      # ESETOnlineScanner_ESL.exe=2.0.22.0
      # EOSSerial=98cab2c0f3591a4d99f099d7a971fa5d
      # end=init
      # utc_time=2018-07-12 10:42:23
      # local_time=2018-07-12 12:42:23 (+0100, Hora de verano centroeuropea)
      # country="Spain"
      # osver=6.3.9600 NT
      12:44:31 Updating
      12:44:32 Update Init
      12:44:33 Update Download
      12:46:15 esets_scanner_reload returned 0
      12:46:15 g_uiModuleBuild: 38018
      12:46:15 Update Finalize
      12:46:15 Call m_esets_charon_send
      12:46:15 Call m_esets_charon_destroy
      12:46:16 Updated modules version: 38018
      12:46:25 Call m_esets_charon_setup_create
      12:46:25 Call m_esets_charon_create
      12:46:25 m_esets_charon_create OK
      12:46:25 Call m_esets_charon_start_send_thread
      12:46:25 Call m_esets_charon_setup_set
      12:46:25 m_esets_charon_setup_set OK
      12:46:25 Scanner engine: 38018
      16:53:01 # product=EOS
      # version=8
      # flags=0
      # ESETOnlineScanner_ESL.exe=2.0.22.0
      # EOSSerial=98cab2c0f3591a4d99f099d7a971fa5d
      # engine=38018
      # end=finished
      # bannerClicked=0
      # remove_checked=true
      # archives_checked=true
      # unwanted_checked=true
      # unsafe_checked=true
      # antistealth_checked=true
      # sfx_checked=true
      # utc_time=2018-07-12 14:53:00
      # local_time=2018-07-12 16:53:00 (+0100, Hora de verano centroeuropea)
      # country="Spain"
      # lang=13322
      # osver=6.3.9600 NT
      # compatibility_mode_1='Avast Antivirus'
      # compatibility_mode=803 16777213 83 98 247395 10855923 0 0
      # compatibility_mode_1=''
      # compatibility_mode=5893 16776574 100 94 32222498 47170903 0 0
      # scanned=417226
      # found=4
      # cleaned=4
      # scan_time=12978
      sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="una variante de Win32/LuluSoftware.A aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\ProgramData\PDF Architect 5\Installation\PDFArchitect5Installer.exe"
      sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/OpenCandy.J aplicación potencialmente no segura,está correcto (eliminado)" ac=C fn="C:\Users\Juanka\AppData\Roaming\uTorrent\updates\3.5.0_43916.exe"
      sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Users\Juanka\Downloads\ccsetup544.exe"
      sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="una variante de Win32/LuluSoftware.A aplicación potencialmente no deseada (desinfectado por eliminación)" ac=C fn="C:\Users\Juanka\Downloads\PDFCreator-2_5_3-Setup.exe"
      16:53:12 Call m_esets_charon_send
      16:53:12 Call m_esets_charon_destroy

    10. #10
      Warrior @Miguelgrado
      Joined
      Dec 2005
      Location
      Asturias-Spain
      Posts
      19.485

      Re: Trojan.Agent.Generic Malwarebytes does not remove it

      OK, now run a new scan with Malwarebytes and paste me the log, and we'll see whether it comes out clean now.