Solved Slow computer and high CPU usage

Khasmir

TS Rookie
Hello, I was wondering if someone could help me. My computer is going very slow and the CPU usage of notepad.exe is 70-80%. My antivirus (ESET NOD32) has detected a threat (coinminer) but does not delete it. I have scanned with MalwareBytes, but these problems persist. I would greatly appreciate any help you could provide me.
 

Khasmir

TS Rookie
I tried to attach my logs below, but an error occurred:

"Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator"
 

Khasmir

TS Rookie
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Usuario (administrator) on USUARIO-PC (21-10-2018 10:47:10)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario & Administrador (Available Profiles: Usuario & Administrador)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files\Gramblr\gramblr.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(CYPE Ingenieros S.A.) C:\CYPE Ingenieros\Versión 2015\servipas\servcpas.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Users\Usuario\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Usuario\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 

Khasmir

TS Rookie
==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [177928 2018-09-14] (ESET)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [716224 2016-03-23] (Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-02-17] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Usuario\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-02-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [12423110b01798004b20b717b311253c] => C:\ProgramData\12423110b01798004b20b717b311253c\12423110b01798004b20b717b311253c.exe C:\ProgramData\12423110b01798004b20b717b311253c\test.au3
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-07-03] (Piriform Ltd)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Policies\Explorer: []
HKU\S-1-5-21-195718489-560072280-3497813212-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-07-03] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
SSODL: EldosMountNotificator-cbfs6 - {30321E38-D140-438C-8F3D-67A7D8ED6C02} - C:\Windows\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {30321E38-D140-438C-8F3D-67A7D8ED6C02} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\12423110b01798004b20b717b311253c.lnk [2018-10-21]
ShortcutTarget: 12423110b01798004b20b717b311253c.lnk -> C:\USUARIO-PC\igchlsmnig.exe (AutoIt Team)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\28b00a2b0bf43e470d82a32996af0997.lnk [2018-07-02]
ShortcutTarget: 28b00a2b0bf43e470d82a32996af0997.lnk -> C:\USUARIO-PC\igchlsmnig.exe (AutoIt Team)
 

Broni

Malware Annihilator
Welcome aboard


Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==========================================

As an exception please attach FRST logs.
 

Broni

Malware Annihilator
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Usuario (administrator) on USUARIO-PC (21-10-2018 10:47:10)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario & Administrador (Available Profiles: Usuario & Administrador)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{933B5029-AFBF-41E2-B902-34D099B52750}: [DhcpNameServer] 80.58.61.254 80.58.61.250

Internet Explorer:
==================
HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.es/
HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKU\S-1-5-21-195718489-560072280-3497813212-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-195718489-560072280-3497813212-500 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-195718489-560072280-3497813212-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> C:\Program Files\DIAL GmbH\DIALux\Dialux.BHO_x64.dll [2016-01-12] (DIAL GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-08] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-08] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO-x32: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> C:\Program Files\DIAL GmbH\DIALux\Dialux.BHO_x86.dll [2016-01-12] (DIAL GmbH)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-195718489-560072280-3497813212-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-195718489-560072280-3497813212-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)

FireFox:
========
FF ProfilePath: [core]
defaultProfile=default
[not found] <==== ATTENTION
FF DefaultProfile: krtp18zv.default
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\krtp18zv.default [2018-10-21]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\krtp18zv.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-18] [Legacy]
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Greyfirst\Celtx\Profiles\vum5kru5.default [2018-06-24]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2016-01-25] [Legacy] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2016-01-25] [Legacy] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2016-01-25] [Legacy] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2016-01-25] [Legacy] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2016-01-25] [Legacy] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2016-01-25] [Legacy] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2016-01-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2018-10-20] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-08] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-02-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2018-10-21]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Player para ver Movistar+) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-07-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 Avid DMF Service; C:\Program Files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe [661768 2015-12-03] (Avid Technology, Inc.)
R2 Avid Editor Broker; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe [662280 2015-12-03] (Avid Technology, Inc.)
R2 Avid Editor Db Engine; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe [661768 2015-12-03] (Avid Technology, Inc.)
S3 Avid Editor Transcode Service; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe [662280 2015-12-03] (Avid Technology, Inc.)
R2 Avid Editor Transcode Status; C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe [297736 2015-12-03] (Avid Technology, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-03] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-10-09] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2260144 2018-09-14] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2260144 2018-09-14] (ESET)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [14535760 2018-10-10] () [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [65904 2018-07-19] (Robert McNeel & Associates)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
R2 Servidor de pastillas de red; C:\CYPE Ingenieros\Versión 2015\servipas\servcpas.exe [102400 2015-11-30] (CYPE Ingenieros S.A.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (/n software, Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [501216 2015-06-18] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [141512 2018-09-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188824 2018-09-14] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [109864 2018-09-14] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes)
S2 Hardlock; C:\Windows\SysWOW64\drivers\hardlock.sys [676864 2004-07-14] (Aladdin Knowledge Systems) [File not signed]
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [200232 2018-10-20] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [118584 2018-10-21] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [58400 2018-10-21] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260384 2018-10-21] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [100664 2018-10-21] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-07] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2016-09-09] (/n software, Inc.)
S3 ALSysIO; \??\C:\Users\Usuario\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
U3 aswbdisk; no ImagePath
S1 cajpstfa; \??\C:\Windows\system32\drivers\cajpstfa.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-21 10:47 - 2018-10-21 10:47 - 000028498 _____ C:\Users\Usuario\Desktop\FRST.txt
2018-10-21 10:44 - 2018-10-21 10:46 - 000000000 ____D C:\Users\Usuario\Desktop\octubre 2018 escritorio
2018-10-21 10:38 - 2018-10-21 10:38 - 000260384 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-10-21 10:38 - 2018-10-21 10:38 - 000118584 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-10-21 10:38 - 2018-10-21 10:38 - 000100664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-10-21 10:38 - 2018-10-21 10:38 - 000058400 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-10-21 10:38 - 2018-10-21 10:38 - 000000000 ____D C:\work
2018-10-21 09:23 - 2018-10-21 10:47 - 000000000 ____D C:\FRST
2018-10-21 09:20 - 2018-10-21 09:23 - 002414592 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2018-10-21 08:45 - 2018-10-21 08:45 - 000002249 _____ C:\Users\Administrador\Desktop\Google Chrome.lnk
2018-10-21 02:29 - 2018-10-21 02:29 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-10-21 02:29 - 2018-10-21 02:29 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-10-21 02:21 - 2014-06-30 23:24 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2018-10-21 02:21 - 2014-06-30 23:14 - 000008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2018-10-21 02:21 - 2014-03-09 22:48 - 001389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2018-10-21 02:21 - 2014-03-09 22:48 - 000171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2018-10-21 02:21 - 2014-03-09 22:47 - 000619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2018-10-21 02:21 - 2014-03-09 22:47 - 000099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2018-10-21 02:20 - 2014-06-06 07:16 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-10-21 02:20 - 2014-06-06 07:12 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-10-20 16:10 - 2018-10-20 16:10 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\vlc
2018-10-20 16:05 - 2018-10-20 16:06 - 000007605 _____ C:\Users\Administrador\AppData\Local\Resmon.ResmonCfg
2018-10-20 15:54 - 2018-10-20 15:54 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\AMD
2018-10-20 14:58 - 2018-10-20 14:58 - 000000000 ____D C:\Users\Administrador\Documents\My Games
2018-10-20 14:44 - 2018-10-20 14:44 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Sun
2018-10-20 14:44 - 2018-10-20 14:44 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Sun
2018-10-20 14:39 - 2018-10-20 14:41 - 000000000 ____D C:\Users\Administrador\AppData\Local\Adobe
2018-10-20 14:39 - 2018-10-20 14:39 - 000296936 _____ C:\Users\Administrador\AppData\Local\GDIPFONTCACHEV1.DAT
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Mozilla
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Autodesk
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Apple Computer
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Mozilla
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\Mozilla
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\mbam
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\Google
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\CEF
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\Autodesk
2018-10-20 14:38 - 2018-10-20 14:41 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Adobe
2018-10-20 14:38 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\AMD
2018-10-20 14:38 - 2018-10-20 14:38 - 000001393 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-10-20 14:36 - 2014-05-14 17:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-10-20 14:36 - 2014-05-14 17:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-10-20 14:36 - 2014-05-14 17:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-10-20 14:36 - 2014-05-14 17:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-10-20 14:35 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-10-20 14:35 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-10-20 14:35 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-10-20 14:35 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-10-20 14:21 - 2018-10-20 14:21 - 000002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2018-10-20 14:21 - 2018-10-20 14:21 - 000001912 _____ C:\Windows\epplauncher.mif
2018-10-20 14:21 - 2018-10-20 14:21 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-10-20 14:21 - 2018-10-20 14:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-10-20 14:11 - 2018-10-20 14:11 - 000000000 ____D C:\Users\Administrador\AppData\Local\ElevatedDiagnostics
2018-10-20 14:09 - 2018-10-20 14:38 - 000000000 ____D C:\Users\Administrador
2018-10-20 14:09 - 2018-10-20 14:09 - 000000020 ___SH C:\Users\Administrador\ntuser.ini
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Reciente
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Plantillas
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Mis documentos
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Menú Inicio
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Impresoras
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Entorno de red
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Documents\Mis vídeos
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Documents\Mis imágenes
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Documents\Mi música
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Datos de programa
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Configuración local
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Historial
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Datos de programa
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Archivos temporales de Internet
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 ____D C:\Users\Administrador\AppData\Local\mbamtray
2018-10-20 14:09 - 2016-01-08 14:28 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Macromedia
2018-10-20 14:09 - 2011-04-12 10:20 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Media Center Programs
2018-10-20 13:39 - 2018-10-20 13:44 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
2018-10-20 13:12 - 2018-10-20 13:12 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign68c2c7a934d3c68d
2018-10-20 08:46 - 2018-10-20 14:09 - 000200232 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-10-18 09:26 - 2018-10-18 09:26 - 000097244 _____ C:\Users\Usuario\Desktop\RhinoCrashDump.3dm
2018-10-18 06:55 - 2018-10-18 10:55 - 000000000 ___HD C:\ProgramData\12423110b01798004b20b717b311253c
2018-10-16 06:54 - 2018-10-16 06:54 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2018-10-16 06:51 - 2018-10-16 06:51 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-16 06:51 - 2018-10-16 06:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2018-10-16 06:51 - 2018-10-16 06:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-16 06:51 - 2018-10-16 06:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-16 06:51 - 2018-10-16 06:51 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-16 06:51 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-10-15 13:03 - 2018-10-15 13:03 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign2093b1e66a2ffe57
2018-10-15 11:15 - 2018-10-15 11:15 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign14808e53e33f7c5f
2018-10-15 11:08 - 2018-10-15 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigneb993f3fcd8af769
2018-10-15 11:08 - 2018-10-15 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign71fe81a4e0049e9c
2018-10-15 11:08 - 2018-10-15 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign6c3c98d9d89370e5
2018-10-15 11:08 - 2018-10-15 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign54fbf2efd6573ba4
2018-10-13 09:14 - 2018-10-13 09:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignf221c4f75890e654
2018-10-13 09:14 - 2018-10-13 09:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign9565305aa6e75461
2018-10-13 09:14 - 2018-10-13 09:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign481d475bb006045d
2018-10-11 15:16 - 2018-10-11 15:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbf3bf333ae06f2f4
2018-10-11 15:15 - 2018-10-11 15:15 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigncfa74364ed4d30e8
2018-10-11 15:15 - 2018-10-11 15:15 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign174e78915536869f
2018-10-11 12:07 - 2018-10-11 12:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigncaf4ea7b737c82a8
2018-10-11 12:07 - 2018-10-11 12:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignace54831db1df838
2018-10-11 12:07 - 2018-10-11 12:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign35c09277723fb0ff
2018-10-11 11:44 - 2018-10-11 11:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignfc1d4eb1f1ed1ce4
2018-10-11 11:44 - 2018-10-11 11:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign7e1346a814dee1f1
2018-10-11 11:44 - 2018-10-11 11:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign05490c13ab455fc1
2018-10-10 17:12 - 2018-10-10 12:07 - 000757700 _____ C:\Users\Usuario\Documents\cartel.bak
2018-10-10 13:14 - 2018-10-10 13:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignf2ec6cd0d56c8bfd
2018-10-10 13:14 - 2018-10-10 13:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignea0e3c74c58baabc
2018-10-10 13:14 - 2018-10-10 13:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign35dc0e5697f4d5dc
2018-10-10 13:14 - 2018-10-10 13:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign0c4135b3f246e598
2018-10-10 12:17 - 2018-10-10 12:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign36dcd04308a31922
2018-10-10 12:16 - 2018-10-10 12:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignccfd8f9dab1a4946
2018-10-10 12:16 - 2018-10-10 12:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign940f29f652e7f2f8
2018-10-10 11:34 - 2018-10-10 17:12 - 000760739 _____ C:\Users\Usuario\Documents\cartel.dwg
2018-10-10 11:34 - 2018-10-10 13:14 - 000753172 _____ C:\Users\Usuario\Documents\acaite.dwg
2018-10-10 11:34 - 2018-10-10 12:35 - 000757700 _____ C:\Users\Usuario\Documents\acaite.bak
2018-10-09 21:00 - 2018-10-09 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-09 15:23 - 2018-10-09 15:23 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8803b0c085ec1cdb
2018-10-09 15:23 - 2018-10-09 15:23 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign4e503ef13113a431
2018-10-09 15:23 - 2018-10-09 15:23 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1039898a48b799a8
2018-10-09 14:33 - 2018-10-09 14:33 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign10ec45465ff3bd70
2018-10-09 14:20 - 2018-10-09 14:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign90cc7f9f3e7ffb17
2018-10-09 14:02 - 2018-10-09 14:33 - 000042680 _____ C:\Users\Usuario\Documents\globe.dwg
2018-10-09 14:02 - 2018-10-09 14:20 - 000040410 _____ C:\Users\Usuario\Documents\globe.bak
 

Broni

Malware Annihilator
2018-10-09 13:19 - 2018-10-09 13:19 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign6319ac095ad1a7f6
2018-10-09 13:11 - 2018-10-09 13:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8b0cec56191e03c3
2018-10-09 13:11 - 2018-10-09 13:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign82da93d91a9ac1a8
2018-10-09 13:11 - 2018-10-09 13:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5c8b04d39862d6b1
2018-10-09 12:53 - 2018-10-09 12:53 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-10-09 12:53 - 2018-10-09 12:53 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-10-09 12:53 - 2018-10-09 12:53 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-10-09 12:53 - 2018-10-09 12:53 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-10-09 12:25 - 2018-10-09 12:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna8548dbea757ae08
2018-10-09 12:13 - 2018-10-09 12:13 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbad24802716069d5
2018-10-09 09:06 - 2018-10-09 09:06 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna1f12fa6002e4f7a
2018-10-09 09:05 - 2018-10-09 09:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign85877c3a81f672ac
2018-10-09 09:05 - 2018-10-09 09:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign808a4b3a812a7c3e
2018-10-08 13:45 - 2018-10-08 13:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbc6354a326e1fa44
2018-10-08 13:45 - 2018-10-08 13:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign95ecc30df75425c7
2018-10-08 13:45 - 2018-10-08 13:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign89dcc52d294d333e
2018-10-08 12:12 - 2018-10-08 12:12 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign7922d8b71b6b4832
2018-10-08 12:04 - 2018-10-08 12:04 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign814312127614cc6f
2018-10-08 12:04 - 2018-10-08 12:04 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1a03e44e6fd0104b
2018-10-08 10:44 - 2018-10-08 10:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5db6e1e1cb96bd10
2018-10-08 10:43 - 2018-10-08 10:43 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbf416b0a06d6d067
2018-10-08 10:43 - 2018-10-08 10:43 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign708593fcca92478b
2018-10-08 09:17 - 2018-10-08 09:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna0ef71cd0820a601
2018-10-08 09:17 - 2018-10-08 09:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8348df1b724a1436
2018-10-08 09:17 - 2018-10-08 09:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign63be81cabf6fb189
2018-10-08 09:17 - 2018-10-08 09:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign2fbf11bef7d1d241
2018-10-08 09:08 - 2018-10-08 09:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1b261938258142ec
2018-10-08 09:05 - 2018-10-08 09:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign9fb932d32ef4de7b
2018-10-08 09:05 - 2018-10-08 09:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5b3f62f31f36a3b6
2018-10-04 22:20 - 2018-10-04 22:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignae6f9c746dc10819
2018-10-04 22:20 - 2018-10-04 22:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign7971ec55d9cccb43
2018-10-04 22:20 - 2018-10-04 22:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign62f7dcfd0730a3bd
2018-10-04 21:05 - 2018-10-04 21:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign76cbc87c0e707daf
2018-10-04 19:11 - 2018-10-04 19:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignacd9ef4517f323e7
2018-10-04 19:11 - 2018-10-04 19:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8162454b1d8bd0a5
2018-10-04 19:11 - 2018-10-04 19:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5ca1f8ce841312b8
2018-10-04 19:03 - 2018-10-04 19:03 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign2cf18e8ff284efa3
2018-10-04 19:02 - 2018-10-04 19:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignd525c9477e166a58
2018-10-04 19:02 - 2018-10-04 19:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1b4121bc12040975
2018-10-04 19:01 - 2018-10-04 19:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignc98756493e14b047
2018-10-04 19:01 - 2018-10-04 19:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign344368e22485a773
2018-10-04 18:59 - 2018-10-04 18:59 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignba79601fb35ca4c8
2018-10-04 18:59 - 2018-10-04 18:59 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8e715a05499bc27d
2018-10-04 18:59 - 2018-10-04 18:59 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign285ca5c60b75fa36
2018-10-04 18:56 - 2018-10-04 18:56 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigne943be688f3e6392
2018-10-04 18:56 - 2018-10-04 18:56 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign324e3a1dd535fe30
2018-10-04 18:52 - 2018-10-04 18:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigne26ffcd0417d39bf
2018-10-04 18:52 - 2018-10-04 18:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignc96b2204a428e2ee
2018-10-04 18:52 - 2018-10-04 18:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignc8e58a71f7ad1f28
2018-10-04 18:51 - 2018-10-04 18:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign54139709f450df43
2018-10-04 18:51 - 2018-10-04 18:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign3efd3d57556d334c
2018-10-04 18:25 - 2018-10-04 18:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignf5a839262c9437a0
2018-10-04 18:20 - 2018-10-04 18:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5fea8883ca3650db
2018-10-04 18:20 - 2018-10-04 18:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1d14e75f7f91a4a9
2018-10-04 17:25 - 2018-10-04 17:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign9b4c56bcd02abaca
2018-10-04 17:25 - 2018-10-04 17:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign976e101c00c6ad82
2018-10-04 17:25 - 2018-10-04 17:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign3eebc2b9e0d97cf2
2018-10-04 17:24 - 2018-10-04 17:24 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8b302faf93f74c16
2018-10-04 17:24 - 2018-10-04 17:24 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign43f562e10993c139
2018-10-04 17:24 - 2018-10-04 17:24 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign19cfa20da7cf72b4
2018-09-30 10:42 - 2018-09-30 11:05 - 000790179 _____ C:\Users\Usuario\Documents\rosa.bak
2018-09-29 00:43 - 2018-09-29 00:43 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\AMD
2018-09-29 00:26 - 2018-09-29 00:26 - 000003152 _____ C:\Windows\System32\Tasks\StartCN
2018-09-29 00:26 - 2018-09-29 00:26 - 000003066 _____ C:\Windows\System32\Tasks\StartDVR
2018-09-29 00:26 - 2018-09-29 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-09-29 00:16 - 2018-09-29 00:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2018-09-28 13:44 - 2018-09-28 13:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign75dbf8ea8bcc93b1
2018-09-28 13:44 - 2018-09-28 13:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign413dd904a9d55aa7
2018-09-26 14:20 - 2018-09-26 14:20 - 000113256 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2018-09-26 14:20 - 2018-09-26 14:20 - 000104840 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2018-09-26 04:48 - 2018-09-26 04:48 - 000331144 _____ C:\Windows\system32\clinfo.exe
2018-09-26 04:48 - 2018-09-26 04:48 - 000169864 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-09-26 04:48 - 2018-09-26 04:48 - 000146312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-09-26 04:47 - 2018-09-26 04:47 - 060112264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2018-09-26 04:47 - 2018-09-26 04:47 - 026375560 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2018-09-26 04:47 - 2018-09-26 04:47 - 021076360 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2018-09-26 04:46 - 2018-09-26 04:46 - 049420168 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2018-09-26 04:40 - 2018-09-26 04:40 - 012034200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdvt.dll
2018-09-26 04:40 - 2018-09-26 04:40 - 000166240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2018-09-26 04:40 - 2018-09-26 04:40 - 000141496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 031333768 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 012654248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6t.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000188112 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000162880 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000134040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000114976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000103664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000103664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 047102856 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2018-09-26 04:38 - 2018-09-26 04:38 - 015924104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 013778824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 003709832 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 003338120 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 000150408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 000127368 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2018-09-26 04:37 - 2018-09-26 04:37 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2018-09-26 04:37 - 2018-09-26 04:37 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2018-09-26 04:37 - 2018-09-26 04:37 - 000139144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2018-09-26 04:37 - 2018-09-26 04:37 - 000117128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000561544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000472456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2018-09-26 04:29 - 2018-09-26 04:29 - 000176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000153992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000144776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000129928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2018-09-26 04:29 - 2018-09-26 04:29 - 000036744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2018-09-26 04:28 - 2018-09-26 04:28 - 014957960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2018-09-26 04:28 - 2018-09-26 04:28 - 012391304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2018-09-26 04:28 - 2018-09-26 04:28 - 000910728 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2018-09-26 04:28 - 2018-09-26 04:28 - 000741256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2018-09-26 04:21 - 2018-09-26 04:21 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2018-09-26 04:20 - 2018-09-26 04:20 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2018-09-26 04:18 - 2018-09-26 04:18 - 000009936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2018-09-26 04:18 - 2018-09-26 04:18 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000578440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2018-09-26 04:17 - 2018-09-26 04:17 - 000489352 _____ (AMD) C:\Windows\system32\atitmm64.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000480648 _____ C:\Windows\system32\dgtrayicon.exe
2018-09-26 04:17 - 2018-09-26 04:17 - 000467848 _____ C:\Windows\system32\GameManager64.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000373640 _____ C:\Windows\SysWOW64\GameManager32.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000209800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000115592 _____ (AMD) C:\Windows\system32\atimuixx.dll
2018-09-26 04:16 - 2018-09-26 04:16 - 001183624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2018-09-26 04:16 - 2018-09-26 04:16 - 001183624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2018-09-26 04:16 - 2018-09-26 04:16 - 000746376 _____ (AMD) C:\Windows\system32\atieclxx.exe
2018-09-26 04:16 - 2018-09-26 04:16 - 000496008 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2018-09-26 04:16 - 2018-09-26 04:16 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2018-09-26 04:16 - 2018-09-26 04:16 - 000423304 _____ C:\Windows\system32\atieah64.exe
2018-09-26 04:16 - 2018-09-26 04:16 - 000341384 _____ C:\Windows\SysWOW64\atieah32.exe
2018-09-26 04:15 - 2018-09-26 04:15 - 000457096 _____ C:\Windows\system32\amdgfxinfo64.dll
2018-09-26 04:15 - 2018-09-26 04:15 - 000370568 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2018-09-26 04:15 - 2018-09-26 04:15 - 000223624 _____ C:\Windows\system32\Drivers\amdacpksd.sys
2018-09-26 04:04 - 2018-09-26 04:04 - 000902184 _____ C:\Windows\SysWOW64\atiapfxx.blb
2018-09-26 04:04 - 2018-09-26 04:04 - 000902184 _____ C:\Windows\system32\atiapfxx.blb
2018-09-26 01:20 - 2018-09-29 00:21 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2018-09-25 23:22 - 2018-09-25 23:22 - 000164168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2018-09-25 23:22 - 2018-09-25 23:22 - 000135328 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-21 10:47 - 2018-04-08 17:35 - 000000000 ____D C:\ProgramData\Gramblr
2018-10-21 10:45 - 2009-07-14 05:45 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-21 10:45 - 2009-07-14 05:45 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-21 10:43 - 2011-04-12 10:10 - 000750994 _____ C:\Windows\system32\perfh00A.dat
2018-10-21 10:43 - 2011-04-12 10:10 - 000160036 _____ C:\Windows\system32\perfc00A.dat
2018-10-21 10:43 - 2009-07-14 06:13 - 001685736 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-21 10:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-10-21 10:42 - 2018-06-17 19:09 - 000000000 ___HD C:\USUARIO-PC
2018-10-21 10:42 - 2017-01-03 12:03 - 000000990 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-10-21 10:38 - 2016-09-18 23:56 - 000000000 ____D C:\ProgramData\PACE
2018-10-21 10:38 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-21 10:37 - 2016-09-19 00:30 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-10-21 10:31 - 2017-01-03 12:03 - 000000994 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-10-21 02:45 - 2015-12-24 17:23 - 001658706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-10-21 02:29 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2018-10-21 02:13 - 2018-06-17 19:09 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\bdba28455878b916c2f53f9b1f3365a2
2018-10-21 02:00 - 2016-01-08 14:26 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2018-10-20 18:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-10-20 16:18 - 2018-06-20 00:48 - 000000000 ____D C:\Windows\pss
2018-10-20 16:12 - 2017-01-28 00:39 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2018-10-20 16:12 - 2016-12-05 00:17 - 000000000 ___RD C:\Users\Usuario\iCloudDrive
2018-10-20 14:39 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-10-19 23:40 - 2017-03-20 18:21 - 000000000 ____D C:\Users\Usuario\AppData\Local\Battle.net
2018-10-18 13:54 - 2016-01-10 22:20 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Adobe
2018-10-18 13:01 - 2017-01-28 14:06 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Grasshopper
2018-10-18 09:26 - 2017-01-28 11:41 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\McNeel
2018-10-16 16:05 - 2016-05-10 23:43 - 000000000 ____D C:\Users\Usuario\.afirma
2018-10-15 22:48 - 2010-11-21 04:27 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-10-15 11:08 - 2017-03-06 02:21 - 000000033 _____ C:\Users\Usuario\AppData\Roaming\AdobeWLCMCache.dat
2018-10-11 13:46 - 2018-06-01 22:44 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-10-11 13:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-10-10 12:06 - 2018-04-08 17:35 - 000000000 ____D C:\Program Files\Gramblr
2018-10-09 21:00 - 2017-01-03 12:03 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-10-09 00:20 - 2018-05-02 18:40 - 007878240 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-08 19:00 - 2016-06-18 12:34 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-08 10:43 - 2018-05-02 01:19 - 000296936 _____ C:\Users\Usuario\AppData\Local\GDIPFONTCACHEV1.DAT
2018-10-07 01:18 - 2017-06-18 18:37 - 000000000 ____D C:\Users\Usuario\Documents\Adobe Premiere Pro Audio Previews
2018-10-06 09:54 - 2017-01-24 14:56 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2018-09-29 00:26 - 2015-12-24 17:22 - 000000000 ____D C:\Program Files\AMD
2018-09-29 00:23 - 2016-09-19 00:31 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-09-29 00:21 - 2016-01-25 18:12 - 000000000 ____D C:\AMD
2018-09-26 04:40 - 2015-11-18 09:19 - 011980616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2018-09-26 04:39 - 2018-09-19 01:23 - 012587304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2018-09-26 04:39 - 2016-09-07 16:41 - 038207880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2018-09-26 04:37 - 2018-09-19 01:26 - 001532808 _____ (AMD) C:\Windows\system32\coinst_18.30.dll
2018-09-26 04:29 - 2018-05-16 20:22 - 013290240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2018-09-26 04:29 - 2015-11-18 09:20 - 001569336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2018-09-26 04:29 - 2015-06-23 03:08 - 016219048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2018-09-26 04:29 - 2015-06-23 03:08 - 001927264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2018-09-26 04:18 - 2018-09-19 01:07 - 012897328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2018-09-26 04:18 - 2018-09-19 01:07 - 000189136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2018-09-26 04:18 - 2018-05-16 20:24 - 000173168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2018-09-26 04:18 - 2015-11-18 09:20 - 000155176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2018-09-26 04:18 - 2015-11-18 09:19 - 010501008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2018-09-26 04:18 - 2015-06-23 03:08 - 000205128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2018-09-26 04:17 - 2016-09-07 16:41 - 000240520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2018-09-26 04:17 - 2016-09-07 16:41 - 000158088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2018-09-26 04:16 - 2016-09-07 16:41 - 001619848 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2018-09-22 10:26 - 2017-01-03 12:03 - 000003990 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 10:26 - 2017-01-03 12:03 - 000003738 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-21 19:48 - 2016-01-11 17:56 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-21 17:00 - 2016-01-13 13:28 - 000000000 ____D C:\Users\Usuario\.matplotlib

==================== Files in the root of some directories =======

2017-03-06 02:21 - 2018-10-15 11:08 - 000000033 _____ () C:\Users\Usuario\AppData\Roaming\AdobeWLCMCache.dat
2016-05-25 10:31 - 2018-06-05 10:56 - 000001456 _____ () C:\Users\Usuario\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2016-07-18 16:09 - 2016-09-30 11:41 - 000001456 _____ () C:\Users\Usuario\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-22 09:30 - 2018-05-18 04:59 - 000006144 _____ () C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-21 18:36 - 2018-06-26 12:45 - 000534528 _____ (Dirección General de la Policía) C:\Users\Usuario\AppData\Local\DNIeService.exe
2018-09-28 02:45 - 2018-09-28 02:45 - 000000000 _____ () C:\Users\Usuario\AppData\Local\oobelibMkey.log
2017-07-07 21:48 - 2017-08-08 14:31 - 000000024 _____ () C:\Users\Usuario\AppData\Local\pdfshaper.ini
2018-07-03 22:56 - 2018-09-19 19:58 - 000007603 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
2018-06-24 08:19 - 2018-06-24 08:19 - 000000000 _____ () C:\Users\Usuario\AppData\Local\{3EBCBDFE-6156-409C-A90A-1064C3E57486}

Some zero byte size files/folders:
==========================
C:\Windows\System32\.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-15 08:57

==================== End of FRST.txt ============================
 

Broni

Malware Annihilator
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Usuario (21-10-2018 10:47:50)
Running from C:\Users\Usuario\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-24 15:49:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

11162D3E62214D2B8D88 (S-1-5-21-195718489-560072280-3497813212-1010 - Limited - Enabled)
Administrador (S-1-5-21-195718489-560072280-3497813212-500 - Administrator - Enabled) => C:\Users\Administrador
HomeGroupUser$ (S-1-5-21-195718489-560072280-3497813212-1012 - Limited - Enabled)
Invitado (S-1-5-21-195718489-560072280-3497813212-501 - Limited - Disabled)
Usuario (S-1-5-21-195718489-560072280-3497813212-1000 - Administrator - Enabled) => C:\Users\Usuario

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\uTorrent) (Version: 3.5.3.44396 - BitTorrent Inc.)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_2) (Version: 10.0.2 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_5) (Version: 1.0.5 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.1.298 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_is1) (Version: - )
Akamai NetSession Interface (HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.0.108.150 - Autodesk)
Aplicaciones destacadas de Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Apple Application Support (32 bits) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.)
AutoCAD 2016 - Español (Spanish) (HKLM\...\{5783F2D7-F001-040A-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-F001-040A-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 - Español (Spanish) (HKLM\...\AutoCAD 2016 - Español (Spanish)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.3 - Gobierno de España)
Avid Application Manager (HKLM\...\{99E377DB-D2D0-44A5-8533-AA8BE1381644}) (Version: 2.5.9.13525 - Avid Technology, Inc.)
Avid Media Composer (HKLM\...\{F74D4B69-914F-4DAC-A08D-37BD217A0003}) (Version: 8.4.4.38500 - Avid Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
CE3X v1.3 (HKLM-x32\...\{100903D5-435B-4897-84B9-082CF759B2DA}_is1) (Version: - EFINOVA_CENER)
CE3X v2.1 (HKLM-x32\...\{562774A2-0404-4C75-9BD0-570FE49EC887}_is1) (Version: - EFINOVATIC_CENER)
CE3X v2.3 (HKLM-x32\...\{7139BD7B-FC0B-435F-8E79-63D7CCDA2BA8}_is1) (Version: - Certificacion Energetica SL)
Celtx (2.9.1) (HKLM-x32\...\Celtx (2.9.1)) (Version: 2.9.1 (es-ES) - Greyfirst)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.6 - FNMT-RCM)
Core Temp 1.12.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.12.1 - ALCPU)
Dropbox (HKLM-x32\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 2.1.0.0 - Google LLC.)
Gramblr (HKLM\...\Gramblr) (Version: 2.9.154 - Gramblr Team)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
I.G.I.C.-Modelo400 (HKLM-x32\...\I.G.I.C.-Modelo400) (Version: 7.3.0.1 - Gobierno de Canarias)
I.G.I.C.-Modelo420-(2016) (HKLM-x32\...\I.G.I.C.-Modelo420-(2016)) (Version: 7.1.0.0 - Gobierno de Canarias)
I.G.I.C.-Modelo420-(2018) (HKLM-x32\...\I.G.I.C.-Modelo420-(2018)) (Version: 7.3.0.0 - Gobierno de Canarias)
I.G.I.C.-Modelo425-(2016) (HKLM-x32\...\I.G.I.C.-Modelo425-(2016)) (Version: 5.1.0.3 - Gobierno de Canarias)
iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)
Importación de SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Instalable DNIe (HKLM\...\{D2CE0562-13E0-4FC9-85F2-CA3D0392310E}) (Version: 14.0.0 - Cuerpo Nacional de Policía)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
iTunes (HKLM\...\{5B9A1F2F-0FFA-4633-99F2-63A8DB8C07BD}) (Version: 12.7.5.9 - Apple Inc.)
iZotope Insight (HKLM-x32\...\iZotope Insight_is1) (Version: 1.03 - iZotope, Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
K-Lite Mega Codec Pack 11.8.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP)
Libro del Edificio 2004 (HKLM-x32\...\ST6UNST #1) (Version: - )
Magic Bullet Suite v12.0.6 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.0.6 - Red Giant, LLC)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_STANDARD_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 3.5 - ABSoft)
Nero 8 Lite 8.1.1.3 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.1.1.3 - Updatepack.nl)
PACE License Support Win64 (HKLM\...\{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.)
pCloud Drive (HKLM-x32\...\{3370a839-c7d0-4c00-b8de-85c26d2c4bda}) (Version: 3.5.4.0 - pCloud AG)
pCloud Drive (HKLM-x32\...\{5ED8943F-FC69-4C0A-B2EE-8945BC6D5E7A}) (Version: 3.5.4 - pCloud AG) Hidden
PDF Shaper 2.7 (HKLM-x32\...\PDF Shaper_is1) (Version: - Glorylogic)
Philips Product Selector 5.2.9.17 (HKLM-x32\...\{81AD9228-21AC-4DBD-AE33-98146A88BAA8}) (Version: 5.2.9.17 - Philips Lighting) Hidden
Philips Product Selector 5.2.9.17 (HKLM-x32\...\InstallShield_{81AD9228-21AC-4DBD-AE33-98146A88BAA8}) (Version: 5.2.9.17 - Philips Lighting)
PPS max plugin 1.7.0 (HKLM-x32\...\PPS max plugin_is1) (Version: 1.7.0.0 - Tree C Technology B.V.)
ProtoJewel (HKLM-x32\...\ProtoJewel) (Version: - Techjewel)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
Rhino 6 (HKLM\...\{8AAC9DBA-CD94-4CA0-8A53-49BB11EEC1CF}) (Version: 6.7.18199.22081 - Robert McNeel & Associates) Hidden
Rhino 6 (HKLM-x32\...\{4bd6c2c4-457a-4b2d-b8bf-403c56563887}) (Version: 6.7.18199.22081 - Robert McNeel & Associates)
Rhino Installer Engine (HKLM\...\{03AE7DCE-7D39-4E1E-9795-4016746A9346}) (Version: 6.7.18199.22081 - Robert McNeel & Associates) Hidden
Rhinoceros 5 Help Media (HKLM-x32\...\{17B822A0-154B-41BB-A049-8586899F1FD6}) (Version: 5.11.50106.18145 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (es-ES) (HKLM-x32\...\{D7CBE2FD-8EF8-4304-9B2C-3AABC4E478E2}) (Version: 5.11.50106.18145 - Robert McNeel & Associates)
Rhinoceros 6 Language Pack Installer (en-US) (HKLM\...\{C089C90C-E533-4767-8A94-C12E3E686C21}) (Version: 6.7.18199.22081 - Robert McNeel & Associates) Hidden
Sentinel Protection Installer 7.6.6 (HKLM-x32\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Skype versión 8.22 (HKLM-x32\...\Skype_is1) (Version: 8.22 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twixtor v6 for After Effects and Premiere Pro (HKLM\...\Twixtor v6 for After Effects and Premiere Pro 6.2.8) (Version: 6.2.8 - RE:Vision Effects)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (11/23/2017 1.0.2.6) (HKLM\...\4156F59B733E1BC3DE3D5DA2299224A42B2FF794) (Version: 11/23/2017 1.0.2.6 - Dirección General de la Policía)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\es-ES\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {54D26EC7-2740-420C-9710-9E920B98CCC4} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {54D26EC7-2740-420C-9710-9E920B98CCC4} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-14] (ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-14] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-09-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-14] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08E81B5F-5A38-4675-ACA4-745E86DB8CD2} - System32\Tasks\{3CB6BDEB-8042-43D6-8044-F5F4E36FBBA9} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SKMOQR52\JavaSetup8u171.exe" -d C:\Users\Usuario\Desktop
Task: {156DB75D-D0D5-420D-9DBB-3146147002A9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {31003ED2-7ACF-4755-B6D5-84B9F5EE6B1C} - System32\Tasks\ASUS Live Update Task Schedule => C:\Program Files (x86)\ASUS\GPU Tweak\ASUSLiveUpdate.exe
Task: {46A96C50-73F2-4073-85B0-A4CB01508144} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {4A3B364E-8E23-44D1-94D1-4A565D6D4E2E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-07-03] (Piriform Ltd)
Task: {53CABDF1-EFF5-44D9-AA66-50C9376426EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {66098C0E-E09F-4EA5-9531-3A67CDD2C5C6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-09-25] (Advanced Micro Devices, Inc.)
Task: {6913C2BA-5FFE-4056-AD9D-BD1F9F364302} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {69BDC5D5-DBE4-4825-8A0C-5363929858EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {69CD61B9-D8AD-4CEB-A004-084D652DB2F1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-01-03] (Dropbox, Inc.)
Task: {6CFDAC2B-C3B7-493F-969C-F9DC9E78BC0F} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-18] ()
Task: {70C09DDB-AD8C-44C3-BB80-BD20B81C7207} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {813BE252-880A-4F5D-A756-BEBDE8B03688} - System32\Tasks\AdobeGCInvoker-1.0-Usuario-PC-Usuario => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {82050221-F66F-40DB-81D8-CB1E062399CD} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-01-03] (Dropbox, Inc.)
Task: {855E19A3-95ED-4779-8F71-BDA415E3D396} - System32\Tasks\{824522FB-36C6-4AC1-B244-D6F2C602D9E9} => C:\Windows\system32\pcalua.exe -a "E:\avid\Avid Media Composer 8.4.4 Multilingual Incl Patch\MediaComposer\autorun.exe" -d "E:\avid\Avid Media Composer 8.4.4 Multilingual Incl Patch\MediaComposer"
Task: {96A0B873-9359-43A0-8BF4-1C2F11A8E210} - System32\Tasks\{363A0873-2F7F-4ADF-AEDB-F6D194E9F273} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6T0QAS93\JavaUninstallTool.exe" -d C:\Users\Usuario\Desktop
Task: {A1D764FA-EC4E-4E48-A3A8-C6BF40438C7C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-09-25] (Advanced Micro Devices, Inc.)
Task: {AB9A4836-7299-4385-BA9B-2D713C7952BC} - System32\Tasks\AdobeAAMUpdater-1.0-Usuario-PC-Usuario => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {D5141AC0-CF1A-4723-8D40-5F2149818F65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {FFD897C7-BD9B-4F6B-AD0F-AA4DDF66321A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-07-03] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Usuario\Desktop\octubre 2018 escritorio\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat ()

==================== Loaded Modules (Whitelisted) ==============

2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-29 11:28 - 2015-05-29 11:28 - 000048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2013-10-25 13:09 - 2013-10-25 13:09 - 007740928 _____ () c:\program files\avid\editor transcode\transcodeservice\jre\bin\server\jvm.dll
2018-04-08 17:35 - 2018-10-10 12:06 - 014535760 _____ () C:\Program Files\Gramblr\gramblr.exe
2018-10-16 06:51 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-10-16 06:51 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-26 02:52 - 2018-02-10 02:12 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-05-22 22:08 - 2018-05-22 22:08 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-05-22 22:09 - 2018-05-22 22:09 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-02-27 21:08 - 2018-02-27 21:08 - 034523072 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-06-24 12:26 - 2018-06-24 12:26 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll
2016-05-05 08:06 - 2016-03-23 11:02 - 000061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-05-05 08:06 - 2016-03-23 11:02 - 000110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2017-10-26 08:39 - 2015-05-22 11:37 - 007282688 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\entograf.dll
2017-10-26 08:39 - 2015-05-17 21:24 - 000036864 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypemsgs.dll
2017-10-26 08:39 - 2015-01-30 14:15 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\msgsdlls.dll
2017-10-26 08:39 - 2015-05-22 11:31 - 008949760 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\proglib.dll
2017-10-26 08:39 - 2015-05-14 09:08 - 000061440 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypestr.dll
2017-10-26 08:39 - 2015-03-12 15:24 - 000028672 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypemem.dll
2017-10-26 08:39 - 2015-05-19 10:10 - 000724992 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\basicos2.dll
2017-10-26 08:39 - 2015-06-04 07:51 - 000163840 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cyassert.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000348160 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\dllinsta.dll
2017-10-26 08:39 - 2015-05-14 09:08 - 000032768 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\unicode.dll
2017-10-26 08:39 - 2015-05-19 10:10 - 001204224 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\basicos.dll
2017-10-26 08:39 - 2015-04-14 14:10 - 000114688 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\arrays.dll
2017-10-26 08:39 - 2015-05-20 12:12 - 001163264 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\componen.dll
2017-10-26 08:39 - 2015-05-19 10:10 - 000565248 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\panelwin.dll
2017-10-26 08:39 - 2014-11-18 12:52 - 000094208 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypemath.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 001708032 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\basicwin.dll
2017-10-26 08:39 - 2015-04-14 14:10 - 000102400 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\imagnwin.dll
2017-10-26 08:39 - 2015-05-14 09:03 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\textomsg.dll
2017-10-26 08:39 - 2015-04-14 14:10 - 000045056 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\arrorden.dll
2017-10-26 08:39 - 2015-05-21 12:08 - 000192512 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypedir.dll
2017-10-26 08:39 - 2015-05-22 11:31 - 001183744 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\iniciacype.dll
2017-10-26 08:39 - 2014-09-12 07:20 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\atexit.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000036864 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypefile.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\verswin.dll
2017-10-26 08:39 - 2014-06-03 09:58 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\env.dll
2017-10-26 08:39 - 2015-03-12 15:40 - 000024576 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\entobase.dll
2017-10-26 08:39 - 2015-05-22 11:31 - 001204224 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\mnservcp.dll
2017-10-26 08:39 - 2015-05-22 11:31 - 000307200 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\splash.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000073728 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypeio.dll
2017-10-26 08:39 - 2014-06-03 10:01 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\pastbas2.dll
2017-10-26 08:39 - 2015-05-14 12:28 - 001413120 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypeconf.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000049152 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypesock.dll
2017-10-26 08:39 - 2015-04-01 16:24 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\sockconf.dll
2017-10-26 08:39 - 2015-05-17 21:20 - 000049152 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypesrv.dll
2017-10-26 08:39 - 2014-09-17 09:28 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\callback.dll
2016-05-05 08:06 - 2015-11-05 13:07 - 000052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2016-05-05 08:06 - 2015-11-05 13:07 - 000742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2016-05-05 08:06 - 2015-11-05 13:07 - 000195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2016-05-05 08:06 - 2013-09-23 18:52 - 000043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2016-05-05 08:06 - 2016-03-23 10:35 - 000286656 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\es-ES\AdWingManRes.dll
2018-02-14 06:03 - 2018-02-14 06:03 - 067115984 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\es_ES\acrotray.esp
2016-05-05 08:06 - 2015-09-08 07:31 - 040640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2016-05-05 08:06 - 2014-09-03 01:29 - 000912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2016-05-05 08:06 - 2014-09-03 01:29 - 000134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2016-05-05 08:06 - 2014-09-03 01:29 - 000950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2018-01-30 09:38 - 2018-01-30 09:38 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-01-30 09:39 - 2018-01-30 09:39 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-01-30 09:38 - 2018-01-30 09:38 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2018-01-30 09:38 - 2018-01-30 09:38 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-02-14 06:26 - 2018-02-14 06:26 - 000111056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2018-01-30 09:38 - 2018-01-30 09:38 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2015-07-11 00:37 - 2015-07-11 00:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
 

Broni

Malware Annihilator
==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:fDGxnRDKyHlN56wh33UaklPh [1974]
AlternateDataStreams: C:\ProgramData\Microsoft:i0qEKD48wObw9pgtGUpv [1960]
AlternateDataStreams: C:\ProgramData\Microsoft:X3DEQSnGMClNNRvYeTMsS [2060]
AlternateDataStreams: C:\ProgramData\PACE:7A5EEAB3C79D0A63 [217]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Usuario\AppData\Local\Archivos temporales de Internet:T3ADxtJobQA0r0QV1 [2102]
AlternateDataStreams: C:\Users\Usuario\AppData\Local\Temp:7WHrDbScQYRJrd306NADr2nc [2066]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\gobcan.es -> hxxps://sede.gobcan.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\laspalmasgc.es -> hxxp://multicanal.laspalmasgc.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\red.es -> hxxps://red.es

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-02-08 22:21 - 000001662 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na2m-pr.licenses.adobe.com
127.0.0.1 na4r.services.adobe.com
127.0.0.1 ims-na1-prprod.adobelogin.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-195718489-560072280-3497813212-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-195718489-560072280-3497813212-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 80.58.61.254 - 80.58.61.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avid Application Manager.lnk => C:\Windows\pss\Avid Application Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avid Background Services Manager.lnk => C:\Windows\pss\Avid Background Services Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Servidor de pastillas de red.lnk => C:\Windows\pss\Servidor de pastillas de red.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^12423110b01798004b20b717b311253c.lnk => C:\Windows\pss\12423110b01798004b20b717b311253c.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: 12423110b01798004b20b717b311253c => C:\ProgramData\12423110b01798004b20b717b311253c\12423110b01798004b20b717b311253c.exe C:\ProgramData\12423110b01798004b20b717b311253c\test.au3
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync =>
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudPhotos => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
MSCONFIG\startupreg: iCloudServices => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E4EB9EBC-0F67-4C82-881E-6C569339F12E}C:\users\usuario\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\usuario\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{DF404E0C-DF6F-4D09-8EB7-6BCBFFCDE452}C:\users\usuario\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\usuario\appdata\local\akamai\netsession_win.exe
FirewallRules: [{ADA37594-5D2E-40E8-8912-FE26DADB164F}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{2DA8C679-A785-48BD-A377-C74A7B4B363D}C:\users\usuario\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\usuario\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{177FDB7B-7F0F-47B8-B135-98483C6FF4D0}C:\users\usuario\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\usuario\appdata\local\akamai\netsession_win.exe
FirewallRules: [{73EACA1C-A441-417B-9CC2-EEC198B362DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{32B12652-11A6-4398-B59E-03EBAD6A78C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB2EE66-7E98-48B9-96B4-DC681CE3AE7F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8EBBCFAA-92D1-4591-939D-8AD308154EAE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{219D9B7F-3847-4CDA-A803-E2A785E5964E}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{617B6CA9-A674-4ECB-A05F-13C0622AEB3D}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{9097B6BA-12F4-48A5-99F6-C2B09A0F48EB}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{22607C4A-DF15-481C-97CD-15CD341857E9}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{384F6C9F-A88C-4ECE-8B39-EC5BE61DDFE5}] => (Allow) C:\Program Files\Avid\Application Manager\jre\bin\java.exe
FirewallRules: [{2FCD9F52-AAD7-4707-B964-EB6B316C1486}] => (Allow) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe
FirewallRules: [{4A2D0ADF-6752-47D5-8263-35720CDE47BD}] => (Allow) C:\Program Files\Avid\Application Manager\AvidAppManHelper.exe
FirewallRules: [{2CC100E9-0EB7-4742-B1E3-C27E7450600F}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{169D62E3-4514-4FE6-9E11-C6B06A205DB6}C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe
FirewallRules: [UDP Query User{0B04CD46-82A3-4C07-A7E4-58BB3264147C}C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe
FirewallRules: [{E0ADCFAC-8E8F-48AA-82F4-C62D27245B6A}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D5D57D43-AB38-49B2-A5C1-0E946E65019F}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A037E303-E001-405A-8206-BC1037FAE05C}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2E92449A-1D0A-42C3-962D-4B8F946EF8E4}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{298C8C12-F5A9-4F84-9D43-6757520D7E45}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CBD27310-DB41-4510-88C8-B8CCDE69CE25}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{B0B6B57D-FD88-49EE-99AF-0D48FD0B95D2}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe
FirewallRules: [UDP Query User{FD25C5F2-EB4B-4244-9B1A-12DF4DC3BAFB}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe
FirewallRules: [TCP Query User{1B3B8A92-5CED-473F-9146-33A95BC348C8}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe
FirewallRules: [UDP Query User{E3FE88E0-1B48-4761-8643-39402F369D45}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe
FirewallRules: [TCP Query User{2F9E74B3-87DE-4E7E-94BD-DF96941FC6ED}C:\program files\adobe\adobe premiere pro cc 2017\pproheadless.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\pproheadless.exe
FirewallRules: [UDP Query User{833C806A-5110-4910-B8F2-507E585E82BB}C:\program files\adobe\adobe premiere pro cc 2017\pproheadless.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\pproheadless.exe
FirewallRules: [{91EFA0EB-7AF4-4A4E-8218-BDB818997C00}] => (Allow) LPort=60532
FirewallRules: [{FF65649A-BE50-4D9C-BD14-4C1327625607}] => (Allow) LPort=5000
FirewallRules: [{0AD95CFF-55EE-4BD1-876B-CECA940CE725}] => (Allow) E:\steam\Steam.exe
FirewallRules: [{78566FBA-DBB0-489F-B680-4F07056A23CA}] => (Allow) E:\steam\Steam.exe
FirewallRules: [TCP Query User{E85044DB-68A3-44B5-A509-580B52E37517}E:\age of empires iii - complete collection\bin\age3.exe] => (Allow) E:\age of empires iii - complete collection\bin\age3.exe
FirewallRules: [UDP Query User{A692CB4E-DE1D-4A05-96B7-393D6626AA29}E:\age of empires iii - complete collection\bin\age3.exe] => (Allow) E:\age of empires iii - complete collection\bin\age3.exe
FirewallRules: [TCP Query User{E478464A-A3A3-4191-BEFA-61958AA88F6B}E:\age of empires iii - complete collection\bin\age3y.exe] => (Allow) E:\age of empires iii - complete collection\bin\age3y.exe
FirewallRules: [UDP Query User{5125EC6E-864F-433E-AC85-2FEDC456D826}E:\age of empires iii - complete collection\bin\age3y.exe] => (Allow) E:\age of empires iii - complete collection\bin\age3y.exe
FirewallRules: [{799BF236-A524-47F3-A852-A4EACECB0884}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{FB06CBC8-E9DB-4DF6-A02D-C0A1FB40C991}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{720413C8-9417-46C0-B492-5817BFDF1922}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{3F3E4CB3-AACC-4D1E-9545-46DD405BEE32}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{C48B8755-3DE9-422A-AE49-D39397FF7E0F}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{72596645-9C97-4CD2-BD6D-DDC5BA92F66D}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{A4860623-540E-4DA7-9F5B-D5A40F3B40F3}C:\cype ingenieros\versión 2015\servipas\servidor de pastillas de red.exe] => (Allow) C:\cype ingenieros\versión 2015\servipas\servidor de pastillas de red.exe
FirewallRules: [UDP Query User{A372C2E0-2654-4E6A-BD2E-A5B8EA5356A3}C:\cype ingenieros\versión 2015\servipas\servidor de pastillas de red.exe] => (Allow) C:\cype ingenieros\versión 2015\servipas\servidor de pastillas de red.exe
FirewallRules: [TCP Query User{38E19385-462E-4E0B-9216-16E978C35CF1}E:\battle.net\battle.net.exe] => (Allow) E:\battle.net\battle.net.exe
FirewallRules: [UDP Query User{D5D4A753-F237-453C-AE81-2E0D1F1376B2}E:\battle.net\battle.net.exe] => (Allow) E:\battle.net\battle.net.exe
FirewallRules: [{16C5E787-C496-4CF5-974D-D715BE003A93}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{0710DFC3-2B19-4E48-8B78-ED763689C83A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{D4E5524C-92EC-4375-BB3A-B34C0F12E363}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{06FD0118-B09D-4331-8CF8-D0D0B6D8E945}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F349512C-268F-4DA5-8703-3E7E7716463C}] => (Allow) LPort=49429
FirewallRules: [{E881A326-6049-4488-BFC8-C3E13C41F0C9}] => (Allow) LPort=5000
FirewallRules: [{D72D94E8-47A7-437D-8A38-512452A3415B}] => (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1C2BB89A-B7F7-494F-8E6E-2EC5C51B0768}] => (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5E2AFFCF-F219-436E-BBCD-6D75186C922A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{AE534154-82F2-40CB-A77F-0B582516B5DD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{201BE19F-DE0E-46B0-98AE-CDB73960128C}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{FB4FD78C-24B3-45E7-BFB6-083BAB8CDAE3}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{8A57E629-B59A-4E75-A468-402B7071B6E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1E7997D6-C246-4F4E-8DA1-87D6695236B6}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{1ED89859-F4D1-4318-9F96-0B2D40406C67}E:\battle.net\heroes of the storm\versions\base69350\heroesofthestorm_x64.exe] => (Allow) E:\battle.net\heroes of the storm\versions\base69350\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E487A2F2-34DE-4685-81F5-C3897D643524}E:\battle.net\heroes of the storm\versions\base69350\heroesofthestorm_x64.exe] => (Allow) E:\battle.net\heroes of the storm\versions\base69350\heroesofthestorm_x64.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Mouse PS/2 de Microsoft
Description: Mouse PS/2 de Microsoft
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/21/2018 10:40:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (10/21/2018 10:38:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Hardlock no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador

Error: (10/21/2018 10:38:27 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Windows\SysWow64\drivers\hardlock.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (10/21/2018 10:38:12 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: El controlador ACPI ha devuelto un Id. no válido para un dispositivo secundario (5).


Windows Defender:
===================================
Date: 2018-07-08 05:46:02.423
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.271.645.0
Versión de firma anterior:1.269.1974.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15000.2
Versión de motor anterior:1.1.14901.4
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.

Date: 2018-07-08 05:46:02.422
Description:
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor:1.1.15000.2
Versión de motor anterior:1.1.14901.4
Origen de actualización:Usuario
Usuario:NT AUTHORITY\SYSTEM
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.

CodeIntegrity:
===================================

Date: 2016-01-11 16:58:47.821
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Users\Usuario\AppData\Local\Temp\eu-l2_live\frost.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-11 16:58:47.818
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Users\Usuario\AppData\Local\Temp\eu-l2_live\frost.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-11 16:58:47.815
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Users\Usuario\AppData\Local\Temp\eu-l2_live\frost.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-01-11 16:58:47.810
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Users\Usuario\AppData\Local\Temp\eu-l2_live\frost.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-01-11 16:58:47.785
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Games\LineageII EU\Frost\frost.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-11 16:58:47.782
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Games\LineageII EU\Frost\frost.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-11 16:58:47.779
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Games\LineageII EU\Frost\frost.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-01-11 16:58:47.752
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Games\LineageII EU\Frost\frost.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 37%
Total physical RAM: 16320.59 MB
Available physical RAM: 10216.65 MB
Total Virtual: 42044.98 MB
Available Virtual: 33838.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:1.74 GB) NTFS
Drive e: (Datos) (Fixed) (Total:931.41 GB) (Free:122.43 GB) NTFS

\\?\Volume{2aaebfc4-aa4c-11e5-aac4-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 848AFDB8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 848AFDA0)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 

Broni

Malware Annihilator
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double-click on the downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available through History -> Application logs. Please post its contents in your next reply.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 

Khasmir

TS Rookie
Hello, I have followed your instructions.

RogueKiller V12.13.5.0 (x64) [Oct 15 2018] (Gratuito) por Adlice Software
correo : http://www.adlice.com/contact/
Realimentación : https://forum.adlice.com
Página Web : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Sistema Operativo : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Comenzado en : Modo Normal
Usuario : Usuario [Administrador]
Iniciado desde : C:\Program Files\RogueKiller\RogueKiller64.exe
Modo : Borrar -- Fecha : 10/21/2018 22:24:04 (Duración : 00:38:08)
Conmutadores : -refid

¤¤¤ Procesos : 2 ¤¤¤
[BitMiner.Gen0|Proc.Injected|Proc.RunPE] vbc.exe(5456) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe[7] -> Terminado [TermProc]
[BitMiner.Gen0|Proc.Injected|Proc.RunPE] notepad.exe(6344) -- C:\Windows\SysWOW64\notepad.exe[7] -> Terminado [TermProc]

¤¤¤ Registro : 2 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Run | 12423110b01798004b20b717b311253c : C:\ProgramData\12423110b01798004b20b717b311253c\12423110b01798004b20b717b311253c.exe C:\ProgramData\12423110b01798004b20b717b311253c\test.au3 [x] -> No seleccionado
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Run | 12423110b01798004b20b717b311253c : C:\ProgramData\12423110b01798004b20b717b311253c\12423110b01798004b20b717b311253c.exe C:\ProgramData\12423110b01798004b20b717b311253c\test.au3 [x] -> No seleccionado

¤¤¤ Tareas : 0 ¤¤¤

¤¤¤ Archivos : 14 ¤¤¤
[PUP.Gen1][Carpeta] C:\ProgramData\Reimage Protector -> Borrado
[PUP.Gen1][Carpeta] C:\ProgramData\Reimage Protector\Results -> Borrado
[PUP.Gen1][Archivo] C:\ProgramData\Reimage Protector\url_setting_definitions.txt -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.0_44294\utorrentie.exe -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.3_44358\utorrentie.exe -> Borrado
[PUP.uTorrentAds][Archivo] C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe -> Borrado
[PUP.Gen1][Carpeta] C:\ProgramData\Reimage Protector -> ERROR [3]
[Adw.Neoreklami][Archivo] C:\Program Files\Avid\Avid Media Composer\AMPIHost.dll -> Borrado
[Adw.Neoreklami][Archivo] C:\Program Files\Avid\Editor Transcode\Avid Interplay AME\AMPIHost.dll -> Borrado
[PUP.Reimage|PUP.Gen1][Carpeta] C:\Program Files\Reimage -> Borrado
[PUP.Reimage|PUP.Gen1][Archivo] C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe -> Borrado
[PUP.Reimage|PUP.Gen1][Archivo] C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe -> Borrado
[PUP.Reimage|PUP.Gen1][Carpeta] C:\Program Files\Reimage\Reimage Protector -> Borrado

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Archivo Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Cargado) ¤¤¤

¤¤¤ Exploradores Web : 0 ¤¤¤

¤¤¤ Comprobacion MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1ER162 ATA Device +++++
--- User ---
[MBR] 403512d8583e8f70526ea6f45fff6e5f
[BSP] 8e39726155d68ba2410c3d425b46d95c : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953766 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] 05131d0257630947b94cfd2efbc3e694
[BSP] 8874b52a82dcee683b222e7215333e4f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/21/18
Scan Time: 11:09 PM
Log File: 0a722b10-d57e-11e8-a979-408d5c472ddc.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.463
Update Package Version: 1.0.7457
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Usuario-PC\Usuario

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 312570
Threats Detected: 7
Threats Quarantined: 7
Time Elapsed: 1 min, 30 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
Trojan.Agent.Generic, HKU\S-1-5-21-195718489-560072280-3497813212-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|12423110b01798004b20b717b311253c, Quarantined, [3702], [538249],1.0.7457

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 1
Trojan.Agent.Generic, C:\PROGRAMDATA\12423110b01798004b20b717b311253c, Quarantined, [3702], [538249],1.0.7457

File: 5
Trojan.Agent.Generic, C:\PROGRAMDATA\12423110b01798004b20b717b311253c\test.au3, Quarantined, [3702], [538249],1.0.7457
Trojan.Agent.Generic, C:\ProgramData\12423110b01798004b20b717b311253c\12423110b01798004b20b717b311253c.exe, Quarantined, [3702], [538249],1.0.7457
Trojan.Agent.Generic, C:\ProgramData\12423110b01798004b20b717b311253c\PE.bin, Quarantined, [3702], [538249],1.0.7457
Trojan.Agent.Generic, C:\ProgramData\12423110b01798004b20b717b311253c\PE2.bin, Quarantined, [3702], [538249],1.0.7457
Trojan.Agent.Generic, C:\ProgramData\12423110b01798004b20b717b311253c\shell.txt, Quarantined, [3702], [538249],1.0.7457

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-21-2018
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2688 octets] - [25/06/2018 19:13:39]
AdwCleaner[C00].txt - [2539 octets] - [25/06/2018 19:13:50]
AdwCleaner[S01].txt - [1371 octets] - [25/06/2018 19:20:53]
AdwCleaner[S02].txt - [2058 octets] - [21/10/2018 23:26:59]
AdwCleaner[S03].txt - [2119 octets] - [21/10/2018 23:33:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
 

Broni

Malware Annihilator
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run from. Please copy and paste them into your reply.
 

Khasmir

TS Rookie
OK. I don't understand what I'm doing wrong. I received the same message as before: "Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator"
 

Attachments

Broni

Malware Annihilator
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Usuario (administrator) on USUARIO-PC (22-10-2018 01:10:53)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario & Administrador)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files\Gramblr\gramblr.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(CYPE Ingenieros S.A.) C:\CYPE Ingenieros\Versión 2015\servipas\servcpas.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Akamai Technologies, Inc.) C:\Users\Usuario\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Usuario\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [177928 2018-09-14] (ESET)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [716224 2016-03-23] (Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409936 2018-02-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-02-17] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Usuario\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-02-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-07-03] (Piriform Ltd)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [12423110b01798004b20b717b311253c] => C:\ProgramData\12423110b01798004b20b717b311253c\12423110b01798004b20b717b311253c.exe [0 ] (AutoIt Team)
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
SSODL: EldosMountNotificator-cbfs6 - {30321E38-D140-438C-8F3D-67A7D8ED6C02} - C:\Windows\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {30321E38-D140-438C-8F3D-67A7D8ED6C02} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\12423110b01798004b20b717b311253c.lnk [2018-10-21]
ShortcutTarget: 12423110b01798004b20b717b311253c.lnk -> C:\USUARIO-PC\igchlsmnig.exe (AutoIt Team)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\28b00a2b0bf43e470d82a32996af0997.lnk [2018-07-02]
ShortcutTarget: 28b00a2b0bf43e470d82a32996af0997.lnk -> C:\USUARIO-PC\igchlsmnig.exe (AutoIt Team)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{933B5029-AFBF-41E2-B902-34D099B52750}: [DhcpNameServer] 80.58.61.254 80.58.61.250

Internet Explorer:
==================
HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.es/
HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKU\S-1-5-21-195718489-560072280-3497813212-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> C:\Program Files\DIAL GmbH\DIALux\Dialux.BHO_x64.dll [2016-01-12] (DIAL GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-08] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-08] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
BHO-x32: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> C:\Program Files\DIAL GmbH\DIALux\Dialux.BHO_x86.dll [2016-01-12] (DIAL GmbH)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-195718489-560072280-3497813212-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-195718489-560072280-3497813212-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems Incorporated)

FireFox:
========
FF ProfilePath: [core]
defaultProfile=default
[not found] <==== ATTENTION
FF DefaultProfile: krtp18zv.default
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\krtp18zv.default [2018-10-21]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\krtp18zv.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-18] [Legacy]
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Greyfirst\Celtx\Profiles\vum5kru5.default [2018-06-24]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2016-01-25] [Legacy] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2016-01-25] [Legacy] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2016-01-25] [Legacy] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2016-01-25] [Legacy] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2016-01-25] [Legacy] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2016-01-25] [Legacy] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2016-01-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2018-10-20] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2016-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-08] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-02-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2018-10-22]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Player para ver Movistar+) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-07-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 Avid DMF Service; C:\Program Files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe [661768 2015-12-03] (Avid Technology, Inc.)
R2 Avid Editor Broker; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe [662280 2015-12-03] (Avid Technology, Inc.)
R2 Avid Editor Db Engine; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe [661768 2015-12-03] (Avid Technology, Inc.)
S3 Avid Editor Transcode Service; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe [662280 2015-12-03] (Avid Technology, Inc.)
R2 Avid Editor Transcode Status; C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe [297736 2015-12-03] (Avid Technology, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-03] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-10-09] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2260144 2018-09-14] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2260144 2018-09-14] (ESET)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [14535760 2018-10-10] () [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [65904 2018-07-19] (Robert McNeel & Associates)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
R2 Servidor de pastillas de red; C:\CYPE Ingenieros\Versión 2015\servipas\servcpas.exe [102400 2015-11-30] (CYPE Ingenieros S.A.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (/n software, Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [501216 2015-06-18] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [141512 2018-09-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188824 2018-09-14] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [109864 2018-09-14] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes)
S2 Hardlock; C:\Windows\SysWOW64\drivers\hardlock.sys [676864 2004-07-14] (Aladdin Knowledge Systems) [File not signed]
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [200232 2018-10-21] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [118584 2018-10-21] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [58400 2018-10-21] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260384 2018-10-21] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [100664 2018-10-22] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-07] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2016-09-09] (/n software, Inc.)
S3 ALSysIO; \??\C:\Users\Usuario\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
U3 aswbdisk; no ImagePath
S1 cajpstfa; \??\C:\Windows\system32\drivers\cajpstfa.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-21 23:40 - 2018-10-21 23:40 - 000000000 ___HD C:\ProgramData\12423110b01798004b20b717b311253c
2018-10-21 23:39 - 2018-10-21 23:39 - 000002195 _____ C:\Users\Usuario\Desktop\AdwCleaner[C03].txt
2018-10-21 23:37 - 2018-10-22 00:43 - 000100664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-10-21 23:37 - 2018-10-21 23:37 - 000260384 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-10-21 23:37 - 2018-10-21 23:37 - 000118584 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-10-21 23:37 - 2018-10-21 23:37 - 000058400 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-10-21 23:34 - 2018-10-21 23:34 - 000002119 _____ C:\Users\Usuario\Desktop\AdwCleaner[S03].txt
2018-10-21 23:20 - 2018-10-21 23:20 - 007592144 _____ (Malwarebytes) C:\Users\Usuario\Desktop\AdwCleaner.exe
2018-10-21 23:14 - 2018-10-21 23:14 - 000002061 _____ C:\Users\Usuario\Desktop\malware summary.txt
2018-10-21 23:09 - 2018-10-21 23:09 - 000200232 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-10-21 23:09 - 2018-10-21 23:09 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-21 23:09 - 2018-10-21 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-21 23:09 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-10-21 23:07 - 2018-10-21 23:07 - 080707680 _____ (Malwarebytes ) C:\Users\Usuario\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7438.exe
2018-10-21 23:06 - 2018-10-21 23:06 - 000009058 _____ C:\Users\Usuario\Desktop\rk_9118.tmp.txt
2018-10-21 22:24 - 2018-10-21 22:24 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-10-21 22:22 - 2018-10-21 23:08 - 000000000 ____D C:\ProgramData\RogueKiller
2018-10-21 22:22 - 2018-10-21 23:05 - 000000000 ____D C:\Program Files\RogueKiller
2018-10-21 22:22 - 2018-10-21 22:22 - 000000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-10-21 22:22 - 2018-10-21 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-10-21 17:37 - 2018-10-21 17:37 - 036961368 _____ (Adlice Software ) C:\Users\Usuario\Desktop\RogueKiller_setup_ref3.exe
2018-10-21 17:34 - 2018-10-21 17:34 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign316c3b500c91a96c
2018-10-21 16:49 - 2018-10-21 16:49 - 000000000 ____D C:\work
2018-10-21 12:52 - 2011-04-09 07:58 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-10-21 12:52 - 2011-04-09 06:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2018-10-21 12:44 - 2015-02-04 04:16 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2018-10-21 12:44 - 2015-02-04 03:54 - 000417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2018-10-21 10:47 - 2018-10-22 01:11 - 000027089 _____ C:\Users\Usuario\Desktop\FRST.txt
2018-10-21 10:47 - 2018-10-21 10:48 - 000070373 _____ C:\Users\Usuario\Desktop\Addition.txt
2018-10-21 09:23 - 2018-10-22 01:10 - 000000000 ____D C:\FRST
2018-10-21 09:20 - 2018-10-21 09:23 - 002414592 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2018-10-21 08:45 - 2018-10-21 08:45 - 000002249 _____ C:\Users\Administrador\Desktop\Google Chrome.lnk
2018-10-21 02:29 - 2018-10-21 02:29 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-10-21 02:29 - 2018-10-21 02:29 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-10-21 02:21 - 2014-06-30 23:24 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2018-10-21 02:21 - 2014-06-30 23:14 - 000008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2018-10-21 02:21 - 2014-03-09 22:48 - 001389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2018-10-21 02:21 - 2014-03-09 22:48 - 000171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2018-10-21 02:21 - 2014-03-09 22:47 - 000619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2018-10-21 02:21 - 2014-03-09 22:47 - 000099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2018-10-21 02:20 - 2014-06-06 07:16 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-10-21 02:20 - 2014-06-06 07:12 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-10-20 16:10 - 2018-10-20 16:10 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\vlc
2018-10-20 16:05 - 2018-10-20 16:06 - 000007605 _____ C:\Users\Administrador\AppData\Local\Resmon.ResmonCfg
2018-10-20 15:54 - 2018-10-20 15:54 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\AMD
2018-10-20 14:58 - 2018-10-20 14:58 - 000000000 ____D C:\Users\Administrador\Documents\My Games
2018-10-20 14:44 - 2018-10-20 14:44 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Sun
2018-10-20 14:44 - 2018-10-20 14:44 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Sun
2018-10-20 14:39 - 2018-10-20 14:41 - 000000000 ____D C:\Users\Administrador\AppData\Local\Adobe
2018-10-20 14:39 - 2018-10-20 14:39 - 000296936 _____ C:\Users\Administrador\AppData\Local\GDIPFONTCACHEV1.DAT
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Mozilla
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Autodesk
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Apple Computer
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\Mozilla
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\Mozilla
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\mbam
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\Google
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\CEF
2018-10-20 14:39 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\Autodesk
2018-10-20 14:38 - 2018-10-20 14:41 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Adobe
2018-10-20 14:38 - 2018-10-20 14:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\AMD
2018-10-20 14:38 - 2018-10-20 14:38 - 000001393 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-10-20 14:36 - 2014-05-14 17:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-10-20 14:36 - 2014-05-14 17:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-10-20 14:36 - 2014-05-14 17:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-10-20 14:36 - 2014-05-14 17:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-10-20 14:35 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-10-20 14:35 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-10-20 14:35 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-10-20 14:35 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-10-20 14:21 - 2018-10-20 14:21 - 000002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2018-10-20 14:21 - 2018-10-20 14:21 - 000001912 _____ C:\Windows\epplauncher.mif
2018-10-20 14:21 - 2018-10-20 14:21 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-10-20 14:21 - 2018-10-20 14:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-10-20 14:11 - 2018-10-20 14:11 - 000000000 ____D C:\Users\Administrador\AppData\Local\ElevatedDiagnostics
2018-10-20 14:09 - 2018-10-20 14:38 - 000000000 ____D C:\Users\Administrador
2018-10-20 14:09 - 2018-10-20 14:09 - 000000020 ___SH C:\Users\Administrador\ntuser.ini
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Reciente
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Plantillas
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Mis documentos
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Menú Inicio
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Impresoras
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Entorno de red
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Documents\Mis vídeos
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Documents\Mis imágenes
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Documents\Mi música
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Datos de programa
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\Configuración local
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Historial
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Datos de programa
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Archivos temporales de Internet
2018-10-20 14:09 - 2018-10-20 14:09 - 000000000 ____D C:\Users\Administrador\AppData\Local\mbamtray
2018-10-20 14:09 - 2016-01-08 14:28 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Macromedia
2018-10-20 14:09 - 2011-04-12 10:20 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Media Center Programs
2018-10-20 13:39 - 2018-10-20 13:44 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
2018-10-20 13:12 - 2018-10-20 13:12 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign68c2c7a934d3c68d
2018-10-18 09:26 - 2018-10-18 09:26 - 000097244 _____ C:\Users\Usuario\Desktop\RhinoCrashDump.3dm
2018-10-16 06:54 - 2018-10-16 06:54 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2018-10-16 06:51 - 2018-10-21 23:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-16 06:51 - 2018-10-16 06:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2018-10-16 06:51 - 2018-10-16 06:51 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-15 13:03 - 2018-10-15 13:03 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign2093b1e66a2ffe57
2018-10-15 11:15 - 2018-10-15 11:15 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign14808e53e33f7c5f
2018-10-15 11:08 - 2018-10-15 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigneb993f3fcd8af769
2018-10-15 11:08 - 2018-10-15 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign71fe81a4e0049e9c
2018-10-15 11:08 - 2018-10-15 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign6c3c98d9d89370e5
2018-10-15 11:08 - 2018-10-15 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign54fbf2efd6573ba4
2018-10-13 09:14 - 2018-10-13 09:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignf221c4f75890e654
2018-10-13 09:14 - 2018-10-13 09:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign9565305aa6e75461
2018-10-13 09:14 - 2018-10-13 09:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign481d475bb006045d
2018-10-11 15:16 - 2018-10-11 15:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbf3bf333ae06f2f4
2018-10-11 15:15 - 2018-10-11 15:15 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigncfa74364ed4d30e8
2018-10-11 15:15 - 2018-10-11 15:15 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign174e78915536869f
2018-10-11 12:07 - 2018-10-11 12:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigncaf4ea7b737c82a8
2018-10-11 12:07 - 2018-10-11 12:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignace54831db1df838
2018-10-11 12:07 - 2018-10-11 12:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign35c09277723fb0ff
2018-10-11 11:44 - 2018-10-11 11:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignfc1d4eb1f1ed1ce4
2018-10-11 11:44 - 2018-10-11 11:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign7e1346a814dee1f1
2018-10-11 11:44 - 2018-10-11 11:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign05490c13ab455fc1
2018-10-10 13:14 - 2018-10-10 13:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignf2ec6cd0d56c8bfd
2018-10-10 13:14 - 2018-10-10 13:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignea0e3c74c58baabc
2018-10-10 13:14 - 2018-10-10 13:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign35dc0e5697f4d5dc
2018-10-10 13:14 - 2018-10-10 13:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign0c4135b3f246e598
2018-10-10 12:17 - 2018-10-10 12:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign36dcd04308a31922
2018-10-10 12:16 - 2018-10-10 12:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignccfd8f9dab1a4946
2018-10-10 12:16 - 2018-10-10 12:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign940f29f652e7f2f8
2018-10-09 21:00 - 2018-10-09 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-09 15:23 - 2018-10-09 15:23 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8803b0c085ec1cdb
2018-10-09 15:23 - 2018-10-09 15:23 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign4e503ef13113a431
2018-10-09 15:23 - 2018-10-09 15:23 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1039898a48b799a8
2018-10-09 14:33 - 2018-10-09 14:33 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign10ec45465ff3bd70
2018-10-09 14:20 - 2018-10-09 14:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign90cc7f9f3e7ffb17
2018-10-09 13:19 - 2018-10-09 13:19 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign6319ac095ad1a7f6
2018-10-09 13:11 - 2018-10-09 13:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8b0cec56191e03c3
2018-10-09 13:11 - 2018-10-09 13:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign82da93d91a9ac1a8
2018-10-09 13:11 - 2018-10-09 13:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5c8b04d39862d6b1
2018-10-09 12:53 - 2018-10-09 12:53 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
 

Broni

Malware Annihilator
2018-10-09 12:53 - 2018-10-09 12:53 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-10-09 12:53 - 2018-10-09 12:53 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-10-09 12:53 - 2018-10-09 12:53 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-10-09 12:25 - 2018-10-09 12:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna8548dbea757ae08
2018-10-09 12:13 - 2018-10-09 12:13 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbad24802716069d5
2018-10-09 09:06 - 2018-10-09 09:06 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna1f12fa6002e4f7a
2018-10-09 09:05 - 2018-10-09 09:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign85877c3a81f672ac
2018-10-09 09:05 - 2018-10-09 09:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign808a4b3a812a7c3e
2018-10-08 13:45 - 2018-10-08 13:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbc6354a326e1fa44
2018-10-08 13:45 - 2018-10-08 13:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign95ecc30df75425c7
2018-10-08 13:45 - 2018-10-08 13:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign89dcc52d294d333e
2018-10-08 12:12 - 2018-10-08 12:12 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign7922d8b71b6b4832
2018-10-08 12:04 - 2018-10-08 12:04 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign814312127614cc6f
2018-10-08 12:04 - 2018-10-08 12:04 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1a03e44e6fd0104b
2018-10-08 10:44 - 2018-10-08 10:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5db6e1e1cb96bd10
2018-10-08 10:43 - 2018-10-08 10:43 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbf416b0a06d6d067
2018-10-08 10:43 - 2018-10-08 10:43 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign708593fcca92478b
2018-10-08 09:17 - 2018-10-08 09:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna0ef71cd0820a601
2018-10-08 09:17 - 2018-10-08 09:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8348df1b724a1436
2018-10-08 09:17 - 2018-10-08 09:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign63be81cabf6fb189
2018-10-08 09:17 - 2018-10-08 09:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign2fbf11bef7d1d241
2018-10-08 09:08 - 2018-10-08 09:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1b261938258142ec
2018-10-08 09:05 - 2018-10-08 09:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign9fb932d32ef4de7b
2018-10-08 09:05 - 2018-10-08 09:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5b3f62f31f36a3b6
2018-10-04 22:20 - 2018-10-04 22:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignae6f9c746dc10819
2018-10-04 22:20 - 2018-10-04 22:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign7971ec55d9cccb43
2018-10-04 22:20 - 2018-10-04 22:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign62f7dcfd0730a3bd
2018-10-04 21:05 - 2018-10-04 21:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign76cbc87c0e707daf
2018-10-04 19:11 - 2018-10-04 19:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignacd9ef4517f323e7
2018-10-04 19:11 - 2018-10-04 19:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8162454b1d8bd0a5
2018-10-04 19:11 - 2018-10-04 19:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5ca1f8ce841312b8
2018-10-04 19:03 - 2018-10-04 19:03 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign2cf18e8ff284efa3
2018-10-04 19:02 - 2018-10-04 19:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignd525c9477e166a58
2018-10-04 19:02 - 2018-10-04 19:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1b4121bc12040975
2018-10-04 19:01 - 2018-10-04 19:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignc98756493e14b047
2018-10-04 19:01 - 2018-10-04 19:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign344368e22485a773
2018-10-04 18:59 - 2018-10-04 18:59 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignba79601fb35ca4c8
2018-10-04 18:59 - 2018-10-04 18:59 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8e715a05499bc27d
2018-10-04 18:59 - 2018-10-04 18:59 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign285ca5c60b75fa36
2018-10-04 18:56 - 2018-10-04 18:56 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigne943be688f3e6392
2018-10-04 18:56 - 2018-10-04 18:56 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign324e3a1dd535fe30
2018-10-04 18:52 - 2018-10-04 18:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigne26ffcd0417d39bf
2018-10-04 18:52 - 2018-10-04 18:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignc96b2204a428e2ee
2018-10-04 18:52 - 2018-10-04 18:52 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignc8e58a71f7ad1f28
2018-10-04 18:51 - 2018-10-04 18:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign54139709f450df43
2018-10-04 18:51 - 2018-10-04 18:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign3efd3d57556d334c
2018-10-04 18:25 - 2018-10-04 18:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignf5a839262c9437a0
2018-10-04 18:20 - 2018-10-04 18:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign5fea8883ca3650db
2018-10-04 18:20 - 2018-10-04 18:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1d14e75f7f91a4a9
2018-10-04 17:25 - 2018-10-04 17:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign9b4c56bcd02abaca
2018-10-04 17:25 - 2018-10-04 17:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign976e101c00c6ad82
2018-10-04 17:25 - 2018-10-04 17:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign3eebc2b9e0d97cf2
2018-10-04 17:24 - 2018-10-04 17:24 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8b302faf93f74c16
2018-10-04 17:24 - 2018-10-04 17:24 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign43f562e10993c139
2018-10-04 17:24 - 2018-10-04 17:24 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign19cfa20da7cf72b4
2018-10-04 17:18 - 2018-10-04 17:18 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigndba72635aa6e9891
2018-10-04 17:18 - 2018-10-04 17:18 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign983ea86c9db9129b
2018-10-04 17:18 - 2018-10-04 17:18 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign4413dfea578e3ee9
2018-10-04 17:18 - 2018-10-04 17:18 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign152a8de259b93810
2018-10-04 17:18 - 2018-10-04 17:18 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign0471b593c1981611
2018-10-04 17:17 - 2018-10-04 17:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign54c50e2418f51d75
2018-10-04 17:17 - 2018-10-04 17:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign40b22d35c7b9371a
2018-10-04 17:17 - 2018-10-04 17:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign277d08b09573518a
2018-10-04 11:26 - 2018-10-04 11:26 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign7eba7dcfdc2290eb
2018-10-04 11:26 - 2018-10-04 11:26 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign413ee8646a43e62f
2018-10-04 11:22 - 2018-10-04 11:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna4c7c38a3558c138
2018-10-04 11:22 - 2018-10-04 11:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign78065a401349353a
2018-10-04 11:22 - 2018-10-04 11:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign25151dca1867b5aa
2018-10-04 10:43 - 2018-10-04 10:43 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign9b134e77642febd4
2018-10-04 10:39 - 2018-10-04 10:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignb1e3359a2d0d76c2
2018-10-04 10:39 - 2018-10-04 10:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign997e996a0a3ea7d4
2018-10-04 10:39 - 2018-10-04 10:39 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign60403e367572a2a6
2018-10-04 10:37 - 2018-10-04 10:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign61dae22113f316e6
2018-10-04 10:37 - 2018-10-04 10:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign0dc3682e79b65db7
2018-10-04 10:25 - 2018-10-04 10:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign7ebbe6afe9c6b2ba
2018-10-04 10:25 - 2018-10-04 10:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign638eb45c8a26e490
2018-10-04 10:24 - 2018-10-04 10:24 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignd46a23d11db183bd
2018-10-04 10:22 - 2018-10-04 10:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignacdd647b3bc80e91
2018-10-04 10:22 - 2018-10-04 10:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign71c5cab11b36b8a1
2018-10-04 10:22 - 2018-10-04 10:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign49d19f5e2eae5f9f
2018-10-04 10:22 - 2018-10-04 10:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign47224ba50f74ba8b
2018-10-04 09:20 - 2018-10-04 09:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignd5ef28d8570661ef
2018-10-04 09:20 - 2018-10-04 09:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign1af8a8a2269187c6
2018-10-02 13:25 - 2018-10-02 13:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignf283588042e126eb
2018-10-02 13:25 - 2018-10-02 13:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigne8e8d97c1c4d5daa
2018-10-01 11:49 - 2018-10-01 11:49 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignfeb9203a5bf8c46e
2018-10-01 11:49 - 2018-10-01 11:49 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignb2c475a3d60c1ea4
2018-10-01 11:49 - 2018-10-01 11:49 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8561f9cc213cb066
2018-10-01 11:49 - 2018-10-01 11:49 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign58861943da338c97
2018-10-01 10:48 - 2018-10-01 10:48 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign94680e9f43092057
2018-10-01 10:48 - 2018-10-01 10:48 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign8b0b026378671c61
2018-10-01 10:43 - 2018-10-01 10:43 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign6fc06dc898cdaf7a
2018-10-01 10:43 - 2018-10-01 10:43 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign2abbec0829f0b46a
2018-10-01 10:26 - 2018-10-01 10:26 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignfd2a326e7582c51d
2018-10-01 10:26 - 2018-10-01 10:26 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna4e4d21f6d1fe81d
2018-09-30 12:06 - 2018-09-30 12:06 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign6fc533e342b587f2
2018-09-30 11:05 - 2018-09-30 11:05 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign850498402f73723e
2018-09-30 11:02 - 2018-09-30 11:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignea347f8df17042f0
2018-09-30 11:02 - 2018-09-30 11:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign97cf1ab57897875e
2018-09-30 11:02 - 2018-09-30 11:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign946606531a7b3db1
2018-09-30 11:02 - 2018-09-30 11:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign746689f1a72637d2
2018-09-29 17:48 - 2018-09-29 17:48 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign4cf8cd3d0110dea7
2018-09-29 15:22 - 2018-09-29 15:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignff4cabeebe7381f4
2018-09-29 15:22 - 2018-09-29 15:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign22b257ecbe0834f8
2018-09-29 15:22 - 2018-09-29 15:22 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign10f7fa4b9c292d10
2018-09-29 10:33 - 2018-09-29 10:33 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign829b072008ead8c7
2018-09-29 10:33 - 2018-09-29 10:33 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign3c1da5569493cad3
2018-09-29 10:14 - 2018-09-29 10:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbfbe46db2e922832
2018-09-29 10:14 - 2018-09-29 10:14 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbf8a5adb234c38af
2018-09-29 00:43 - 2018-09-29 00:43 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\AMD
2018-09-29 00:26 - 2018-09-29 00:26 - 000003152 _____ C:\Windows\System32\Tasks\StartCN
2018-09-29 00:26 - 2018-09-29 00:26 - 000003066 _____ C:\Windows\System32\Tasks\StartDVR
2018-09-29 00:26 - 2018-09-29 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-09-29 00:16 - 2018-09-29 00:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2018-09-28 13:44 - 2018-09-28 13:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign75dbf8ea8bcc93b1
2018-09-28 13:44 - 2018-09-28 13:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign413dd904a9d55aa7
2018-09-26 14:20 - 2018-09-26 14:20 - 000113256 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2018-09-26 14:20 - 2018-09-26 14:20 - 000104840 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2018-09-26 04:48 - 2018-09-26 04:48 - 000331144 _____ C:\Windows\system32\clinfo.exe
2018-09-26 04:48 - 2018-09-26 04:48 - 000169864 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-09-26 04:48 - 2018-09-26 04:48 - 000146312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-09-26 04:47 - 2018-09-26 04:47 - 060112264 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2018-09-26 04:47 - 2018-09-26 04:47 - 026375560 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2018-09-26 04:47 - 2018-09-26 04:47 - 021076360 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2018-09-26 04:46 - 2018-09-26 04:46 - 049420168 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2018-09-26 04:40 - 2018-09-26 04:40 - 012034200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdvt.dll
2018-09-26 04:40 - 2018-09-26 04:40 - 000166240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2018-09-26 04:40 - 2018-09-26 04:40 - 000141496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 031333768 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 012654248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6t.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000188112 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000162880 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000134040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000114976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000103664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2018-09-26 04:39 - 2018-09-26 04:39 - 000103664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 047102856 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2018-09-26 04:38 - 2018-09-26 04:38 - 015924104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 013778824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 003709832 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 003338120 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 000150408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 000127368 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2018-09-26 04:38 - 2018-09-26 04:38 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2018-09-26 04:37 - 2018-09-26 04:37 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2018-09-26 04:37 - 2018-09-26 04:37 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2018-09-26 04:37 - 2018-09-26 04:37 - 000139144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2018-09-26 04:37 - 2018-09-26 04:37 - 000117128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000561544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000472456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2018-09-26 04:29 - 2018-09-26 04:29 - 000176008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000153992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000144776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000129928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2018-09-26 04:29 - 2018-09-26 04:29 - 000036744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2018-09-26 04:29 - 2018-09-26 04:29 - 000033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2018-09-26 04:28 - 2018-09-26 04:28 - 014957960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2018-09-26 04:28 - 2018-09-26 04:28 - 012391304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2018-09-26 04:28 - 2018-09-26 04:28 - 000910728 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2018-09-26 04:28 - 2018-09-26 04:28 - 000741256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2018-09-26 04:21 - 2018-09-26 04:21 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2018-09-26 04:20 - 2018-09-26 04:20 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2018-09-26 04:18 - 2018-09-26 04:18 - 000009936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2018-09-26 04:18 - 2018-09-26 04:18 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000578440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2018-09-26 04:17 - 2018-09-26 04:17 - 000489352 _____ (AMD) C:\Windows\system32\atitmm64.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000480648 _____ C:\Windows\system32\dgtrayicon.exe
2018-09-26 04:17 - 2018-09-26 04:17 - 000467848 _____ C:\Windows\system32\GameManager64.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000373640 _____ C:\Windows\SysWOW64\GameManager32.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000209800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2018-09-26 04:17 - 2018-09-26 04:17 - 000115592 _____ (AMD) C:\Windows\system32\atimuixx.dll
2018-09-26 04:16 - 2018-09-26 04:16 - 001183624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2018-09-26 04:16 - 2018-09-26 04:16 - 001183624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2018-09-26 04:16 - 2018-09-26 04:16 - 000746376 _____ (AMD) C:\Windows\system32\atieclxx.exe
2018-09-26 04:16 - 2018-09-26 04:16 - 000496008 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2018-09-26 04:16 - 2018-09-26 04:16 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2018-09-26 04:16 - 2018-09-26 04:16 - 000423304 _____ C:\Windows\system32\atieah64.exe
2018-09-26 04:16 - 2018-09-26 04:16 - 000341384 _____ C:\Windows\SysWOW64\atieah32.exe
2018-09-26 04:15 - 2018-09-26 04:15 - 000457096 _____ C:\Windows\system32\amdgfxinfo64.dll
2018-09-26 04:15 - 2018-09-26 04:15 - 000370568 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2018-09-26 04:15 - 2018-09-26 04:15 - 000223624 _____ C:\Windows\system32\Drivers\amdacpksd.sys
2018-09-26 04:04 - 2018-09-26 04:04 - 000902184 _____ C:\Windows\SysWOW64\atiapfxx.blb
2018-09-26 04:04 - 2018-09-26 04:04 - 000902184 _____ C:\Windows\system32\atiapfxx.blb
2018-09-26 01:20 - 2018-09-29 00:21 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2018-09-25 23:22 - 2018-09-25 23:22 - 000164168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2018-09-25 23:22 - 2018-09-25 23:22 - 000135328 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2018-09-25 18:33 - 2018-09-25 18:33 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign4e131d3a38d6e76a
2018-09-25 18:33 - 2018-09-25 18:33 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign0fc49bfd35606b9c
2018-09-24 11:50 - 2018-09-24 11:50 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign85fe5c1460d956b9
2018-09-24 11:50 - 2018-09-24 11:50 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign431531125529a6a0
2018-09-24 10:49 - 2018-09-24 10:49 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignc1a35346b29e4be2
2018-09-24 10:49 - 2018-09-24 10:49 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbdd10532a280d895
2018-09-24 10:49 - 2018-09-24 10:49 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign0fe0d4c2ed52dfa0
2018-09-23 14:25 - 2018-09-23 14:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignd4fabb0a6e45f7fd
2018-09-23 14:25 - 2018-09-23 14:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignd26583bea0691cb2
2018-09-23 14:25 - 2018-09-23 14:25 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign157bb46b84691fe9
2018-09-23 14:17 - 2018-09-23 14:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignbf47d0b6c8a659aa
2018-09-23 14:17 - 2018-09-23 14:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigna8f95821bb4dd8e0
2018-09-23 14:08 - 2018-09-23 14:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigncdec6b1bdb4a7c50
2018-09-23 14:08 - 2018-09-23 14:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignc96ae6a839d312b6
2018-09-23 14:08 - 2018-09-23 14:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignab61a38a19aa352f
2018-09-23 13:19 - 2018-09-23 13:19 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsigndd5466e84be549a8
2018-09-23 13:19 - 2018-09-23 13:19 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign4960aaed485d9490
2018-09-23 09:38 - 2018-09-23 09:38 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign86591b74c944f17f
2018-09-23 09:38 - 2018-09-23 09:38 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign55d10786cc6b1901
2018-09-23 09:38 - 2018-09-23 09:38 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign330bf6da0ba3e4d3
2018-09-23 09:23 - 2018-09-23 09:23 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsignad5466a5b06aa556
2018-09-23 09:23 - 2018-09-23 09:23 - 000000000 ____D C:\Users\Usuario\AppData\Local\Tempzxpsign6c71c2fc4b0921a8

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-22 01:11 - 2018-04-08 17:35 - 000000000 ____D C:\ProgramData\Gramblr
2018-10-22 00:31 - 2017-01-03 12:03 - 000000994 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-10-21 23:44 - 2009-07-14 05:45 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-21 23:44 - 2009-07-14 05:45 - 000021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-21 23:43 - 2011-04-12 10:10 - 000750994 _____ C:\Windows\system32\perfh00A.dat
2018-10-21 23:43 - 2011-04-12 10:10 - 000160036 _____ C:\Windows\system32\perfc00A.dat
2018-10-21 23:43 - 2009-07-14 06:13 - 001685736 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-21 23:43 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-10-21 23:38 - 2018-06-17 19:09 - 000000000 ___HD C:\USUARIO-PC
2018-10-21 23:38 - 2017-01-03 12:03 - 000000990 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-10-21 23:37 - 2016-09-19 00:30 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-10-21 23:37 - 2016-09-18 23:56 - 000000000 ____D C:\ProgramData\PACE
2018-10-21 23:37 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-21 13:20 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2018-10-21 02:45 - 2015-12-24 17:23 - 001658706 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-10-21 02:13 - 2018-06-17 19:09 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\bdba28455878b916c2f53f9b1f3365a2
2018-10-21 02:00 - 2016-01-08 14:26 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2018-10-20 16:18 - 2018-06-20 00:48 - 000000000 ____D C:\Windows\pss
2018-10-20 16:12 - 2017-01-28 00:39 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2018-10-20 16:12 - 2016-12-05 00:17 - 000000000 ___RD C:\Users\Usuario\iCloudDrive
2018-10-20 14:39 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-10-19 23:40 - 2017-03-20 18:21 - 000000000 ____D C:\Users\Usuario\AppData\Local\Battle.net
2018-10-18 13:54 - 2016-01-10 22:20 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Adobe
2018-10-18 13:01 - 2017-01-28 14:06 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Grasshopper
2018-10-18 09:26 - 2017-01-28 11:41 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\McNeel
2018-10-16 16:05 - 2016-05-10 23:43 - 000000000 ____D C:\Users\Usuario\.afirma
2018-10-15 22:48 - 2010-11-21 04:27 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-10-15 11:08 - 2017-03-06 02:21 - 000000033 _____ C:\Users\Usuario\AppData\Roaming\AdobeWLCMCache.dat
2018-10-11 13:46 - 2018-06-01 22:44 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-10-11 13:03 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-10-10 12:06 - 2018-04-08 17:35 - 000000000 ____D C:\Program Files\Gramblr
2018-10-09 21:00 - 2017-01-03 12:03 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-10-09 00:20 - 2018-05-02 18:40 - 007878240 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-08 19:00 - 2016-06-18 12:34 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-08 10:43 - 2018-05-02 01:19 - 000296936 _____ C:\Users\Usuario\AppData\Local\GDIPFONTCACHEV1.DAT
2018-10-07 01:18 - 2017-06-18 18:37 - 000000000 ____D C:\Users\Usuario\Documents\Adobe Premiere Pro Audio Previews
2018-10-06 09:54 - 2017-01-24 14:56 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2018-09-29 00:26 - 2015-12-24 17:22 - 000000000 ____D C:\Program Files\AMD
2018-09-29 00:23 - 2016-09-19 00:31 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-09-29 00:21 - 2016-01-25 18:12 - 000000000 ____D C:\AMD
2018-09-26 04:40 - 2015-11-18 09:19 - 011980616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2018-09-26 04:39 - 2018-09-19 01:23 - 012587304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2018-09-26 04:39 - 2016-09-07 16:41 - 038207880 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2018-09-26 04:37 - 2018-09-19 01:26 - 001532808 _____ (AMD) C:\Windows\system32\coinst_18.30.dll
2018-09-26 04:29 - 2018-05-16 20:22 - 013290240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2018-09-26 04:29 - 2015-11-18 09:20 - 001569336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2018-09-26 04:29 - 2015-06-23 03:08 - 016219048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2018-09-26 04:29 - 2015-06-23 03:08 - 001927264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2018-09-26 04:18 - 2018-09-19 01:07 - 012897328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2018-09-26 04:18 - 2018-09-19 01:07 - 000189136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2018-09-26 04:18 - 2018-05-16 20:24 - 000173168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2018-09-26 04:18 - 2015-11-18 09:20 - 000155176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2018-09-26 04:18 - 2015-11-18 09:19 - 010501008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2018-09-26 04:18 - 2015-06-23 03:08 - 000205128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2018-09-26 04:17 - 2016-09-07 16:41 - 000240520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2018-09-26 04:17 - 2016-09-07 16:41 - 000158088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2018-09-26 04:16 - 2016-09-07 16:41 - 001619848 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2018-09-22 10:26 - 2017-01-03 12:03 - 000003990 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 10:26 - 2017-01-03 12:03 - 000003738 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore

==================== Files in the root of some directories =======

2017-03-06 02:21 - 2018-10-15 11:08 - 000000033 _____ () C:\Users\Usuario\AppData\Roaming\AdobeWLCMCache.dat
2016-05-25 10:31 - 2018-06-05 10:56 - 000001456 _____ () C:\Users\Usuario\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2016-07-18 16:09 - 2016-09-30 11:41 - 000001456 _____ () C:\Users\Usuario\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-22 09:30 - 2018-05-18 04:59 - 000006144 _____ () C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-21 18:36 - 2018-06-26 12:45 - 000534528 _____ (Dirección General de la Policía) C:\Users\Usuario\AppData\Local\DNIeService.exe
2018-09-28 02:45 - 2018-09-28 02:45 - 000000000 _____ () C:\Users\Usuario\AppData\Local\oobelibMkey.log
2017-07-07 21:48 - 2017-08-08 14:31 - 000000024 _____ () C:\Users\Usuario\AppData\Local\pdfshaper.ini
2018-07-03 22:56 - 2018-09-19 19:58 - 000007603 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
2018-06-24 08:19 - 2018-06-24 08:19 - 000000000 _____ () C:\Users\Usuario\AppData\Local\{3EBCBDFE-6156-409C-A90A-1064C3E57486}

Some files in TEMP:
====================
2018-10-21 22:22 - 2016-05-11 19:20 - 001732032 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\dllnt_dump.dll

Some zero byte size files/folders:
==========================
C:\Windows\System32\.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-15 08:57

==================== End of FRST.txt ============================
 

Broni

Malware Annihilator
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Usuario (22-10-2018 01:11:30)
Running from C:\Users\Usuario\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-12-24 15:49:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

11162D3E62214D2B8D88 (S-1-5-21-195718489-560072280-3497813212-1010 - Limited - Enabled)
Administrador (S-1-5-21-195718489-560072280-3497813212-500 - Administrator - Enabled) => C:\Users\Administrador
HomeGroupUser$ (S-1-5-21-195718489-560072280-3497813212-1012 - Limited - Enabled)
Invitado (S-1-5-21-195718489-560072280-3497813212-501 - Limited - Disabled)
Usuario (S-1-5-21-195718489-560072280-3497813212-1000 - Administrator - Enabled) => C:\Users\Usuario

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\uTorrent) (Version: 3.5.3.44396 - BitTorrent Inc.)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_2) (Version: 10.0.2 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_5) (Version: 1.0.5 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.1.298 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}) (Version: 10.1.52.14 - Adobe Systems, Inc.)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_is1) (Version: - )
Akamai NetSession Interface (HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.0.108.150 - Autodesk)
Aplicaciones destacadas de Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Apple Application Support (32 bits) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.0.6.9 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.)
AutoCAD 2016 - Español (Spanish) (HKLM\...\{5783F2D7-F001-040A-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-F001-040A-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 - Español (Spanish) (HKLM\...\AutoCAD 2016 - Español (Spanish)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.3 - Gobierno de España)
Avid Application Manager (HKLM\...\{99E377DB-D2D0-44A5-8533-AA8BE1381644}) (Version: 2.5.9.13525 - Avid Technology, Inc.)
Avid Media Composer (HKLM\...\{F74D4B69-914F-4DAC-A08D-37BD217A0003}) (Version: 8.4.4.38500 - Avid Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
CE3X v1.3 (HKLM-x32\...\{100903D5-435B-4897-84B9-082CF759B2DA}_is1) (Version: - EFINOVA_CENER)
CE3X v2.1 (HKLM-x32\...\{562774A2-0404-4C75-9BD0-570FE49EC887}_is1) (Version: - EFINOVATIC_CENER)
CE3X v2.3 (HKLM-x32\...\{7139BD7B-FC0B-435F-8E79-63D7CCDA2BA8}_is1) (Version: - Certificacion Energetica SL)
Celtx (2.9.1) (HKLM-x32\...\Celtx (2.9.1)) (Version: 2.9.1 (es-ES) - Greyfirst)
Complemento Guardar como PDF o XPS de Microsoft para programas de Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.6 - FNMT-RCM)
Core Temp 1.12.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.12.1 - ALCPU)
Dropbox (HKLM-x32\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 2.1.0.0 - Google LLC.)
Gramblr (HKLM\...\Gramblr) (Version: 2.9.154 - Gramblr Team)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
I.G.I.C.-Modelo400 (HKLM-x32\...\I.G.I.C.-Modelo400) (Version: 7.3.0.1 - Gobierno de Canarias)
I.G.I.C.-Modelo420-(2016) (HKLM-x32\...\I.G.I.C.-Modelo420-(2016)) (Version: 7.1.0.0 - Gobierno de Canarias)
I.G.I.C.-Modelo420-(2018) (HKLM-x32\...\I.G.I.C.-Modelo420-(2018)) (Version: 7.3.0.0 - Gobierno de Canarias)
I.G.I.C.-Modelo425-(2016) (HKLM-x32\...\I.G.I.C.-Modelo425-(2016)) (Version: 5.1.0.3 - Gobierno de Canarias)
iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)
Importación de SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Instalable DNIe (HKLM\...\{D2CE0562-13E0-4FC9-85F2-CA3D0392310E}) (Version: 14.0.0 - Cuerpo Nacional de Policía)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
iTunes (HKLM\...\{5B9A1F2F-0FFA-4633-99F2-63A8DB8C07BD}) (Version: 12.7.5.9 - Apple Inc.)
iZotope Insight (HKLM-x32\...\iZotope Insight_is1) (Version: 1.03 - iZotope, Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
K-Lite Mega Codec Pack 11.8.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP)
Libro del Edificio 2004 (HKLM-x32\...\ST6UNST #1) (Version: - )
Magic Bullet Suite v12.0.6 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 12.0.6 - Red Giant, LLC)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_STANDARD_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_STANDARD_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 3.5 - ABSoft)
Nero 8 Lite 8.1.1.3 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.1.1.3 - Updatepack.nl)
PACE License Support Win64 (HKLM\...\{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.)
pCloud Drive (HKLM-x32\...\{3370a839-c7d0-4c00-b8de-85c26d2c4bda}) (Version: 3.5.4.0 - pCloud AG)
pCloud Drive (HKLM-x32\...\{5ED8943F-FC69-4C0A-B2EE-8945BC6D5E7A}) (Version: 3.5.4 - pCloud AG) Hidden
PDF Shaper 2.7 (HKLM-x32\...\PDF Shaper_is1) (Version: - Glorylogic)
Philips Product Selector 5.2.9.17 (HKLM-x32\...\{81AD9228-21AC-4DBD-AE33-98146A88BAA8}) (Version: 5.2.9.17 - Philips Lighting) Hidden
Philips Product Selector 5.2.9.17 (HKLM-x32\...\InstallShield_{81AD9228-21AC-4DBD-AE33-98146A88BAA8}) (Version: 5.2.9.17 - Philips Lighting)
PPS max plugin 1.7.0 (HKLM-x32\...\PPS max plugin_is1) (Version: 1.7.0.0 - Tree C Technology B.V.)
ProtoJewel (HKLM-x32\...\ProtoJewel) (Version: - Techjewel)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
Rhino 6 (HKLM\...\{8AAC9DBA-CD94-4CA0-8A53-49BB11EEC1CF}) (Version: 6.7.18199.22081 - Robert McNeel & Associates) Hidden
Rhino 6 (HKLM-x32\...\{4bd6c2c4-457a-4b2d-b8bf-403c56563887}) (Version: 6.7.18199.22081 - Robert McNeel & Associates)
Rhino Installer Engine (HKLM\...\{03AE7DCE-7D39-4E1E-9795-4016746A9346}) (Version: 6.7.18199.22081 - Robert McNeel & Associates) Hidden
Rhinoceros 5 Help Media (HKLM-x32\...\{17B822A0-154B-41BB-A049-8586899F1FD6}) (Version: 5.11.50106.18145 - Robert McNeel & Associates)
Rhinoceros 5 Language Pack Installer (es-ES) (HKLM-x32\...\{D7CBE2FD-8EF8-4304-9B2C-3AABC4E478E2}) (Version: 5.11.50106.18145 - Robert McNeel & Associates)
Rhinoceros 6 Language Pack Installer (en-US) (HKLM\...\{C089C90C-E533-4767-8A94-C12E3E686C21}) (Version: 6.7.18199.22081 - Robert McNeel & Associates) Hidden
RogueKiller version 12.13.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.13.5.0 - Adlice Software)
Sentinel Protection Installer 7.6.6 (HKLM-x32\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Skype versión 8.22 (HKLM-x32\...\Skype_is1) (Version: 8.22 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twixtor v6 for After Effects and Premiere Pro (HKLM\...\Twixtor v6 for After Effects and Premiere Pro 6.2.8) (Version: 6.2.8 - RE:Vision Effects)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (11/23/2017 1.0.2.6) (HKLM\...\4156F59B733E1BC3DE3D5DA2299224A42B2FF794) (Version: 11/23/2017 1.0.2.6 - Dirección General de la Policía)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\es-ES\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-195718489-560072280-3497813212-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files (x86)\pCloud Drive\OverlayIcon64.dll [2016-11-17] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {54D26EC7-2740-420C-9710-9E920B98CCC4} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {54D26EC7-2740-420C-9710-9E920B98CCC4} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (/n software, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-14] (ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-14] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [ContextMenuExtension] -> {a0b73fac-351f-3948-9d8a-1dad9d870193} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-09-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2018-09-14] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08E81B5F-5A38-4675-ACA4-745E86DB8CD2} - System32\Tasks\{3CB6BDEB-8042-43D6-8044-F5F4E36FBBA9} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SKMOQR52\JavaSetup8u171.exe" -d C:\Users\Usuario\Desktop
Task: {156DB75D-D0D5-420D-9DBB-3146147002A9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {31003ED2-7ACF-4755-B6D5-84B9F5EE6B1C} - System32\Tasks\ASUS Live Update Task Schedule => C:\Program Files (x86)\ASUS\GPU Tweak\ASUSLiveUpdate.exe
Task: {3A988C32-C7B3-4A88-A8C5-C8396A1B4363} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {46A96C50-73F2-4073-85B0-A4CB01508144} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {4A3B364E-8E23-44D1-94D1-4A565D6D4E2E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-07-03] (Piriform Ltd)
Task: {53CABDF1-EFF5-44D9-AA66-50C9376426EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {66098C0E-E09F-4EA5-9531-3A67CDD2C5C6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-09-25] (Advanced Micro Devices, Inc.)
Task: {69BDC5D5-DBE4-4825-8A0C-5363929858EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {69CD61B9-D8AD-4CEB-A004-084D652DB2F1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-01-03] (Dropbox, Inc.)
Task: {6CFDAC2B-C3B7-493F-969C-F9DC9E78BC0F} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-18] ()
Task: {70C09DDB-AD8C-44C3-BB80-BD20B81C7207} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {813BE252-880A-4F5D-A756-BEBDE8B03688} - System32\Tasks\AdobeGCInvoker-1.0-Usuario-PC-Usuario => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {82050221-F66F-40DB-81D8-CB1E062399CD} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-01-03] (Dropbox, Inc.)
Task: {855E19A3-95ED-4779-8F71-BDA415E3D396} - System32\Tasks\{824522FB-36C6-4AC1-B244-D6F2C602D9E9} => C:\Windows\system32\pcalua.exe -a "E:\avid\Avid Media Composer 8.4.4 Multilingual Incl Patch\MediaComposer\autorun.exe" -d "E:\avid\Avid Media Composer 8.4.4 Multilingual Incl Patch\MediaComposer"
Task: {96A0B873-9359-43A0-8BF4-1C2F11A8E210} - System32\Tasks\{363A0873-2F7F-4ADF-AEDB-F6D194E9F273} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6T0QAS93\JavaUninstallTool.exe" -d C:\Users\Usuario\Desktop
Task: {A1D764FA-EC4E-4E48-A3A8-C6BF40438C7C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-09-25] (Advanced Micro Devices, Inc.)
Task: {AB9A4836-7299-4385-BA9B-2D713C7952BC} - System32\Tasks\AdobeAAMUpdater-1.0-Usuario-PC-Usuario => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {D5141AC0-CF1A-4723-8D40-5F2149818F65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {FFD897C7-BD9B-4F6B-AD0F-AA4DDF66321A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-07-03] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-29 11:28 - 2015-05-29 11:28 - 000048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2013-10-25 13:09 - 2013-10-25 13:09 - 007740928 _____ () c:\program files\avid\editor transcode\transcodeservice\jre\bin\server\jvm.dll
2018-04-08 17:35 - 2018-10-10 12:06 - 014535760 _____ () C:\Program Files\Gramblr\gramblr.exe
2018-10-21 23:09 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-21 23:09 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-09-26 02:52 - 2018-02-10 02:12 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-24 22:07 - 2018-04-24 22:07 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 22:07 - 2018-04-24 22:07 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-05-22 22:08 - 2018-05-22 22:08 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-05-22 22:09 - 2018-05-22 22:09 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-06-24 12:26 - 2018-06-24 12:26 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll
2018-02-27 21:08 - 2018-02-27 21:08 - 034523072 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-09-17 23:39 - 2018-09-15 09:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-17 23:39 - 2018-09-15 09:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2016-05-05 08:06 - 2016-03-23 11:02 - 000061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-05-05 08:06 - 2016-03-23 11:02 - 000110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2017-10-26 08:39 - 2015-05-22 11:37 - 007282688 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\entograf.dll
2017-10-26 08:39 - 2015-05-17 21:24 - 000036864 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypemsgs.dll
2017-10-26 08:39 - 2015-01-30 14:15 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\msgsdlls.dll
2017-10-26 08:39 - 2015-05-22 11:31 - 008949760 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\proglib.dll
2017-10-26 08:39 - 2015-05-14 09:08 - 000061440 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypestr.dll
2017-10-26 08:39 - 2015-03-12 15:24 - 000028672 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypemem.dll
2017-10-26 08:39 - 2015-05-19 10:10 - 000724992 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\basicos2.dll
2017-10-26 08:39 - 2015-06-04 07:51 - 000163840 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cyassert.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000348160 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\dllinsta.dll
2017-10-26 08:39 - 2015-05-14 09:08 - 000032768 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\unicode.dll
2017-10-26 08:39 - 2015-05-19 10:10 - 001204224 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\basicos.dll
2017-10-26 08:39 - 2015-04-14 14:10 - 000114688 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\arrays.dll
2017-10-26 08:39 - 2015-05-20 12:12 - 001163264 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\componen.dll
2017-10-26 08:39 - 2015-05-19 10:10 - 000565248 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\panelwin.dll
2017-10-26 08:39 - 2014-11-18 12:52 - 000094208 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypemath.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 001708032 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\basicwin.dll
2017-10-26 08:39 - 2015-04-14 14:10 - 000102400 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\imagnwin.dll
2017-10-26 08:39 - 2015-05-14 09:03 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\textomsg.dll
2017-10-26 08:39 - 2015-04-14 14:10 - 000045056 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\arrorden.dll
2017-10-26 08:39 - 2015-05-21 12:08 - 000192512 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypedir.dll
2017-10-26 08:39 - 2015-05-22 11:31 - 001183744 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\iniciacype.dll
2017-10-26 08:39 - 2014-09-12 07:20 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\atexit.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000036864 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypefile.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\verswin.dll
2017-10-26 08:39 - 2014-06-03 09:58 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\env.dll
2017-10-26 08:39 - 2015-03-12 15:40 - 000024576 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\entobase.dll
2017-10-26 08:39 - 2015-05-22 11:31 - 001204224 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\mnservcp.dll
2017-10-26 08:39 - 2015-05-22 11:31 - 000307200 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\splash.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000073728 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypeio.dll
2017-10-26 08:39 - 2014-06-03 10:01 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\pastbas2.dll
2017-10-26 08:39 - 2015-05-14 12:28 - 001413120 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypeconf.dll
2017-10-26 08:39 - 2015-05-17 21:19 - 000049152 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypesock.dll
2017-10-26 08:39 - 2015-04-01 16:24 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\sockconf.dll
2017-10-26 08:39 - 2015-05-17 21:20 - 000049152 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\cypesrv.dll
2017-10-26 08:39 - 2014-09-17 09:28 - 000020480 _____ () C:\CYPE Ingenieros\Versión 2015\servipas\callback.dll
2016-05-05 08:06 - 2015-11-05 13:07 - 000052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2016-05-05 08:06 - 2015-11-05 13:07 - 000742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2016-05-05 08:06 - 2015-11-05 13:07 - 000195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2016-05-05 08:06 - 2013-09-23 18:52 - 000043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2016-05-05 08:06 - 2016-03-23 10:35 - 000286656 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\es-ES\AdWingManRes.dll
2018-02-14 06:03 - 2018-02-14 06:03 - 067115984 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp
2016-05-05 08:06 - 2015-09-08 07:31 - 040640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2016-05-05 08:06 - 2014-09-03 01:29 - 000912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2016-05-05 08:06 - 2014-09-03 01:29 - 000134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2016-05-05 08:06 - 2014-09-03 01:29 - 000950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2018-01-30 09:38 - 2018-01-30 09:38 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-01-30 09:39 - 2018-01-30 09:39 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-01-30 09:38 - 2018-01-30 09:38 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2018-01-30 09:38 - 2018-01-30 09:38 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-02-14 06:26 - 2018-02-14 06:26 - 000111056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2018-01-30 09:38 - 2018-01-30 09:38 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2015-07-11 00:37 - 2015-07-11 00:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:fDGxnRDKyHlN56wh33UaklPh [1974]
AlternateDataStreams: C:\ProgramData\Microsoft:i0qEKD48wObw9pgtGUpv [1960]
AlternateDataStreams: C:\ProgramData\Microsoft:X3DEQSnGMClNNRvYeTMsS [2060]
AlternateDataStreams: C:\ProgramData\PACE:7A5EEAB3C79D0A63 [217]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Usuario\AppData\Local\Archivos temporales de Internet:T3ADxtJobQA0r0QV1 [2102]
AlternateDataStreams: C:\Users\Usuario\AppData\Local\Temp:7WHrDbScQYRJrd306NADr2nc [2066]
 

Broni

Malware Annihilator
==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\gobcan.es -> hxxps://sede.gobcan.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\laspalmasgc.es -> hxxp://multicanal.laspalmasgc.es
IE trusted site: HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\red.es -> hxxps://red.es

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-02-08 22:21 - 000001662 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na2m-pr.licenses.adobe.com
127.0.0.1 na4r.services.adobe.com
127.0.0.1 ims-na1-prprod.adobelogin.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-195718489-560072280-3497813212-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 80.58.61.254 - 80.58.61.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avid Application Manager.lnk => C:\Windows\pss\Avid Application Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avid Background Services Manager.lnk => C:\Windows\pss\Avid Background Services Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Servidor de pastillas de red.lnk => C:\Windows\pss\Servidor de pastillas de red.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^12423110b01798004b20b717b311253c.lnk => C:\Windows\pss\12423110b01798004b20b717b311253c.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Usuario^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: 12423110b01798004b20b717b311253c => C:\ProgramData\12423110b01798004b20b717b311253c\12423110b01798004b20b717b311253c.exe C:\ProgramData\12423110b01798004b20b717b311253c\test.au3
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Autodesk Sync =>
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudPhotos => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
MSCONFIG\startupreg: iCloudServices => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E4EB9EBC-0F67-4C82-881E-6C569339F12E}C:\users\usuario\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\usuario\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{DF404E0C-DF6F-4D09-8EB7-6BCBFFCDE452}C:\users\usuario\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\usuario\appdata\local\akamai\netsession_win.exe
FirewallRules: [{ADA37594-5D2E-40E8-8912-FE26DADB164F}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{2DA8C679-A785-48BD-A377-C74A7B4B363D}C:\users\usuario\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\usuario\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{177FDB7B-7F0F-47B8-B135-98483C6FF4D0}C:\users\usuario\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\usuario\appdata\local\akamai\netsession_win.exe
FirewallRules: [{73EACA1C-A441-417B-9CC2-EEC198B362DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{32B12652-11A6-4398-B59E-03EBAD6A78C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB2EE66-7E98-48B9-96B4-DC681CE3AE7F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8EBBCFAA-92D1-4591-939D-8AD308154EAE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{219D9B7F-3847-4CDA-A803-E2A785E5964E}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{617B6CA9-A674-4ECB-A05F-13C0622AEB3D}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{9097B6BA-12F4-48A5-99F6-C2B09A0F48EB}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{22607C4A-DF15-481C-97CD-15CD341857E9}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{384F6C9F-A88C-4ECE-8B39-EC5BE61DDFE5}] => (Allow) C:\Program Files\Avid\Application Manager\jre\bin\java.exe
FirewallRules: [{2FCD9F52-AAD7-4707-B964-EB6B316C1486}] => (Allow) C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe
FirewallRules: [{4A2D0ADF-6752-47D5-8263-35720CDE47BD}] => (Allow) C:\Program Files\Avid\Application Manager\AvidAppManHelper.exe
FirewallRules: [{2CC100E9-0EB7-4742-B1E3-C27E7450600F}] => (Allow) C:\Program Files (x86)\pCloud Drive\pCloud.exe
FirewallRules: [TCP Query User{169D62E3-4514-4FE6-9E11-C6B06A205DB6}C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe
FirewallRules: [UDP Query User{0B04CD46-82A3-4C07-A7E4-58BB3264147C}C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2015\adobe premiere pro.exe
FirewallRules: [{E0ADCFAC-8E8F-48AA-82F4-C62D27245B6A}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D5D57D43-AB38-49B2-A5C1-0E946E65019F}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A037E303-E001-405A-8206-BC1037FAE05C}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2E92449A-1D0A-42C3-962D-4B8F946EF8E4}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{298C8C12-F5A9-4F84-9D43-6757520D7E45}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CBD27310-DB41-4510-88C8-B8CCDE69CE25}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{B0B6B57D-FD88-49EE-99AF-0D48FD0B95D2}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe
FirewallRules: [UDP Query User{FD25C5F2-EB4B-4244-9B1A-12DF4DC3BAFB}C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro cc 2017\adobe premiere pro.exe
FirewallRules: [TCP Query User{1B3B8A92-5CED-473F-9146-33A95BC348C8}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe
FirewallRules: [UDP Query User{E3FE88E0-1B48-4761-8643-39402F369D45}C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cc 2017\adobe media encoder.exe
FirewallRules: [TCP Query User{2F9E74B3-87DE-4E7E-94BD-DF96941FC6ED}C:\program files\adobe\adobe premiere pro cc 2017\pproheadless.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\pproheadless.exe
FirewallRules: [UDP Query User{833C806A-5110-4910-B8F2-507E585E82BB}C:\program files\adobe\adobe premiere pro cc 2017\pproheadless.exe] => (Allow) C:\program files\adobe\adobe premiere pro cc 2017\pproheadless.exe
FirewallRules: [{91EFA0EB-7AF4-4A4E-8218-BDB818997C00}] => (Allow) LPort=60532
FirewallRules: [{FF65649A-BE50-4D9C-BD14-4C1327625607}] => (Allow) LPort=5000
FirewallRules: [{0AD95CFF-55EE-4BD1-876B-CECA940CE725}] => (Allow) E:\steam\Steam.exe
FirewallRules: [{78566FBA-DBB0-489F-B680-4F07056A23CA}] => (Allow) E:\steam\Steam.exe
FirewallRules: [TCP Query User{E85044DB-68A3-44B5-A509-580B52E37517}E:\age of empires iii - complete collection\bin\age3.exe] => (Allow) E:\age of empires iii - complete collection\bin\age3.exe
FirewallRules: [UDP Query User{A692CB4E-DE1D-4A05-96B7-393D6626AA29}E:\age of empires iii - complete collection\bin\age3.exe] => (Allow) E:\age of empires iii - complete collection\bin\age3.exe
FirewallRules: [TCP Query User{E478464A-A3A3-4191-BEFA-61958AA88F6B}E:\age of empires iii - complete collection\bin\age3y.exe] => (Allow) E:\age of empires iii - complete collection\bin\age3y.exe
FirewallRules: [UDP Query User{5125EC6E-864F-433E-AC85-2FEDC456D826}E:\age of empires iii - complete collection\bin\age3y.exe] => (Allow) E:\age of empires iii - complete collection\bin\age3y.exe
FirewallRules: [{799BF236-A524-47F3-A852-A4EACECB0884}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{FB06CBC8-E9DB-4DF6-A02D-C0A1FB40C991}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{720413C8-9417-46C0-B492-5817BFDF1922}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{3F3E4CB3-AACC-4D1E-9545-46DD405BEE32}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{C48B8755-3DE9-422A-AE49-D39397FF7E0F}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{72596645-9C97-4CD2-BD6D-DDC5BA92F66D}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{A4860623-540E-4DA7-9F5B-D5A40F3B40F3}C:\cype ingenieros\versión 2015\servipas\servidor de pastillas de red.exe] => (Allow) C:\cype ingenieros\versión 2015\servipas\servidor de pastillas de red.exe
FirewallRules: [UDP Query User{A372C2E0-2654-4E6A-BD2E-A5B8EA5356A3}C:\cype ingenieros\versión 2015\servipas\servidor de pastillas de red.exe] => (Allow) C:\cype ingenieros\versión 2015\servipas\servidor de pastillas de red.exe
FirewallRules: [TCP Query User{38E19385-462E-4E0B-9216-16E978C35CF1}E:\battle.net\battle.net.exe] => (Allow) E:\battle.net\battle.net.exe
FirewallRules: [UDP Query User{D5D4A753-F237-453C-AE81-2E0D1F1376B2}E:\battle.net\battle.net.exe] => (Allow) E:\battle.net\battle.net.exe
FirewallRules: [{16C5E787-C496-4CF5-974D-D715BE003A93}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{0710DFC3-2B19-4E48-8B78-ED763689C83A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{D4E5524C-92EC-4375-BB3A-B34C0F12E363}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{06FD0118-B09D-4331-8CF8-D0D0B6D8E945}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F349512C-268F-4DA5-8703-3E7E7716463C}] => (Allow) LPort=49429
FirewallRules: [{E881A326-6049-4488-BFC8-C3E13C41F0C9}] => (Allow) LPort=5000
FirewallRules: [{D72D94E8-47A7-437D-8A38-512452A3415B}] => (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1C2BB89A-B7F7-494F-8E6E-2EC5C51B0768}] => (Allow) E:\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5E2AFFCF-F219-436E-BBCD-6D75186C922A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{AE534154-82F2-40CB-A77F-0B582516B5DD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{201BE19F-DE0E-46B0-98AE-CDB73960128C}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [UDP Query User{FB4FD78C-24B3-45E7-BFB6-083BAB8CDAE3}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{8A57E629-B59A-4E75-A468-402B7071B6E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1E7997D6-C246-4F4E-8DA1-87D6695236B6}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{1ED89859-F4D1-4318-9F96-0B2D40406C67}E:\battle.net\heroes of the storm\versions\base69350\heroesofthestorm_x64.exe] => (Allow) E:\battle.net\heroes of the storm\versions\base69350\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E487A2F2-34DE-4685-81F5-C3897D643524}E:\battle.net\heroes of the storm\versions\base69350\heroesofthestorm_x64.exe] => (Allow) E:\battle.net\heroes of the storm\versions\base69350\heroesofthestorm_x64.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Mouse PS/2 de Microsoft
Description: Mouse PS/2 de Microsoft
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2018 12:19:27 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: No se pudo crear el punto de restauración programado. Información adicional: (0x8004231f).

Error: (10/22/2018 12:19:27 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; descripción = Punto de control programado; error = 0x8004231f).

Error: (10/21/2018 11:38:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/21/2018 11:25:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Explorer.EXE, versión 6.1.7601.17514, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 1390

Hora de inicio: 01d469838ece25b1

Hora de finalización: 11

Ruta de acceso de la aplicación: C:\Windows\Explorer.EXE

Identificador de informe: 1f9fd9e1-d580-11e8-947b-408d5c472ddc

Error: (10/21/2018 10:18:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/21/2018 05:32:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (10/21/2018 04:51:19 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/21/2018 04:51:19 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
El catálogo del índice de contenido está dañado. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (10/21/2018 11:37:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Hardlock no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador

Error: (10/21/2018 11:37:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Se bloqueó la carga de \??\C:\Windows\SysWow64\drivers\hardlock.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error: (10/21/2018 11:37:16 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: El controlador ACPI ha devuelto un Id. no válido para un dispositivo secundario (5).

Error: (10/21/2018 11:36:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio DbxSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/21/2018 11:36:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Avid Editor Broker se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/21/2018 11:36:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio PACE License Services terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 2000 milisegundos: Reiniciar el servicio.

Error: (10/21/2018 11:36:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Servidor de pastillas de red se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/21/2018 11:36:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio McNeel Update Service 5.0 se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2018-07-08 05:46:02.423
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.271.645.0
Versión de firma anterior:1.269.1974.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15000.2
Versión de motor anterior:1.1.14901.4
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.

Date: 2018-07-08 05:46:02.422
Description:
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor:1.1.15000.2
Versión de motor anterior:1.1.14901.4
Origen de actualización:Usuario
Usuario:NT AUTHORITY\SYSTEM
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control.

CodeIntegrity:
===================================

Date: 2016-01-11 16:58:47.821
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Users\Usuario\AppData\Local\Temp\eu-l2_live\frost.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-11 16:58:47.818
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Users\Usuario\AppData\Local\Temp\eu-l2_live\frost.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-11 16:58:47.815
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Users\Usuario\AppData\Local\Temp\eu-l2_live\frost.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-01-11 16:58:47.810
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume1\Users\Usuario\AppData\Local\Temp\eu-l2_live\frost.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-01-11 16:58:47.785
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Games\LineageII EU\Frost\frost.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-11 16:58:47.782
Description:
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Games\LineageII EU\Frost\frost.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-11 16:58:47.779
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Games\LineageII EU\Frost\frost.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-01-11 16:58:47.752
Description:
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Games\LineageII EU\Frost\frost.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 28%
Total physical RAM: 16320.59 MB
Available physical RAM: 11592.14 MB
Total Virtual: 41715.08 MB
Available Virtual: 35388.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:0.18 GB) NTFS
Drive e: (Datos) (Fixed) (Total:931.41 GB) (Free:122.22 GB) NTFS

\\?\Volume{2aaebfc4-aa4c-11e5-aac4-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 848AFDB8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 848AFDA0)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 

Broni

Malware Annihilator
Download attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST (FRST64), press the Fix button just once, and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
 


Khasmir

TS Rookie
Good morning,
thanks for your help, here is the log. (Fixlog.txt)
The same message as above appeared when I tried to post: "Your content can not be submitted. This is likely because your content is spam-like or contains inappropriate elements. Please change your content or try again later. If you still have problems, please contact an administrator."
Sorry for the inconvenience.
 


Broni

Malware Annihilator
Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Usuario (22-10-2018 08:15:47) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario & Administrador)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-195718489-560072280-3497813212-1000\...\Run: [AdobeBridge] => [X]
Toolbar: HKU\S-1-5-21-195718489-560072280-3497813212-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
[not found] <==== ATTENTION
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X] <==== ATTENTION
S3 ALSysIO; \??\C:\Users\Usuario\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
U3 aswbdisk; no ImagePath
S1 cajpstfa; \??\C:\Windows\system32\drivers\cajpstfa.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
2017-03-06 02:21 - 2018-10-15 11:08 - 000000033 _____ () C:\Users\Usuario\AppData\Roaming\AdobeWLCMCache.dat
2016-05-25 10:31 - 2018-06-05 10:56 - 000001456 _____ () C:\Users\Usuario\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2016-07-18 16:09 - 2016-09-30 11:41 - 000001456 _____ () C:\Users\Usuario\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-22 09:30 - 2018-05-18 04:59 - 000006144 _____ () C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-21 18:36 - 2018-06-26 12:45 - 000534528 _____ (Dirección General de la Policía) C:\Users\Usuario\AppData\Local\DNIeService.exe
2018-09-28 02:45 - 2018-09-28 02:45 - 000000000 _____ () C:\Users\Usuario\AppData\Local\oobelibMkey.log
2017-07-07 21:48 - 2017-08-08 14:31 - 000000024 _____ () C:\Users\Usuario\AppData\Local\pdfshaper.ini
2018-07-03 22:56 - 2018-09-19 19:58 - 000007603 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
2018-06-24 08:19 - 2018-06-24 08:19 - 000000000 _____ () C:\Users\Usuario\AppData\Local\{3EBCBDFE-6156-409C-A90A-1064C3E57486}
2018-10-21 22:22 - 2016-05-11 19:20 - 001732032 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\dllnt_dump.dll
C:\Windows\System32\.exe
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Microsoft:fDGxnRDKyHlN56wh33UaklPh [1974]
AlternateDataStreams: C:\ProgramData\Microsoft:i0qEKD48wObw9pgtGUpv [1960]
AlternateDataStreams: C:\ProgramData\Microsoft:X3DEQSnGMClNNRvYeTMsS [2060]
AlternateDataStreams: C:\ProgramData\PACE:7A5EEAB3C79D0A63 [217]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Usuario\AppData\Local\Archivos temporales de Internet:T3ADxtJobQA0r0QV1 [2102]
AlternateDataStreams: C:\Users\Usuario\AppData\Local\Temp:7WHrDbScQYRJrd306NADr2nc [2066]

*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
"HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
[not found] <==== ATTENTION => Error: No automatic fix found for this entry.
PaceLicenseDServices => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\PaceLicenseDServices => removed successfully
PaceLicenseDServices => service removed successfully
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\cajpstfa => removed successfully
cajpstfa => service removed successfully
HKLM\System\CurrentControlSet\Services\dbx => removed successfully
dbx => service removed successfully
HKLM\System\CurrentControlSet\Services\gdrv => removed successfully
gdrv => service removed successfully
C:\Users\Usuario\AppData\Roaming\AdobeWLCMCache.dat => moved successfully
C:\Users\Usuario\AppData\Local\Adobe Guardar para Web 13.0 Prefs => moved successfully
C:\Users\Usuario\AppData\Local\Adobe Save for Web 13.0 Prefs => moved successfully
C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Usuario\AppData\Local\DNIeService.exe => moved successfully
C:\Users\Usuario\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\Usuario\AppData\Local\pdfshaper.ini => moved successfully
C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\Usuario\AppData\Local\{3EBCBDFE-6156-409C-A90A-1064C3E57486} => moved successfully
C:\Users\Usuario\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Windows\System32\.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\ProgramData\Microsoft => ":fDGxnRDKyHlN56wh33UaklPh" ADS removed successfully
C:\ProgramData\Microsoft => ":i0qEKD48wObw9pgtGUpv" ADS removed successfully
C:\ProgramData\Microsoft => ":X3DEQSnGMClNNRvYeTMsS" ADS removed successfully
C:\ProgramData\PACE => ":7A5EEAB3C79D0A63" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\Users\Usuario\AppData\Local\Archivos temporales de Internet => ":T3ADxtJobQA0r0QV1" ADS removed successfully
C:\Users\Usuario\AppData\Local\Temp => ":7WHrDbScQYRJrd306NADr2nc" ADS removed successfully


The system needed a reboot.

==== End of Fixlog 08:16:27 ====
 

Broni

Malware Annihilator
Last scans...

Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the reading of the results to me.
NOTE 3. If you receive the UNSUPPORTED OPERATING SYSTEM! ABORTED! message, restart the computer and Security Check should run.


Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run from.
Please copy and paste the log to your reply.


Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 

Khasmir

TS Rookie
Ok! Thanks

Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
ESET Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 181
Java version 32-bit out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Google Chrome (69.0.3497.100)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


Farbar Service Scanner Version: 27-01-2016
Ran by Usuario (administrator) on 22-10-2018 at 18:15:11
Running from "C:\Users\Usuario\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

2018-10-22 18:04:59.782 Sophos Virus Removal Tool version 2.7.0
2018-10-22 18:04:59.782 Copyright (c) 2009-2018 Sophos Limited. All rights reserved.

2018-10-22 18:04:59.782 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2018-10-22 18:04:59.782 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2018-10-22 18:04:59.782 Checking for updates...
2018-10-22 18:05:02.643 Update progress: proxy server not available
2018-10-22 18:05:08.408 Option all = no
2018-10-22 18:05:08.408 Option recurse = yes
2018-10-22 18:05:08.408 Option archive = no
2018-10-22 18:05:08.408 Option service = yes
2018-10-22 18:05:08.408 Option confirm = yes
2018-10-22 18:05:08.408 Option sxl = yes
2018-10-22 18:05:08.409 Option max-data-age = 35
2018-10-22 18:05:08.409 Option vdl-logging = yes
2018-10-22 18:05:08.415 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-10-22 18:05:08.415 Machine ID: e51fb666b1634f98814f72401141e497
2018-10-22 18:05:08.417 Component SVRTcli.exe version 2.7.0
2018-10-22 18:05:08.417 Component control.dll version 2.7.0
2018-10-22 18:05:08.417 Component SVRTservice.exe version 2.7.0
2018-10-22 18:05:08.418 Component engine\osdp.dll version 1.44.1.2420
2018-10-22 18:05:08.418 Component engine\veex.dll version 3.73.0.2420
2018-10-22 18:05:08.418 Component engine\savi.dll version 9.0.11.2420
2018-10-22 18:05:08.419 Component rkdisk.dll version 1.5.33.1
2018-10-22 18:05:08.419 Version info: Product version 2.7.0
2018-10-22 18:05:08.419 Version info: Detection engine 3.73.0
2018-10-22 18:05:08.419 Version info: Detection data 5.55
2018-10-22 18:05:08.419 Version info: Build date 18/09/2018
2018-10-22 18:05:08.419 Version info: Data files added 259
2018-10-22 18:05:08.419 Version info: Last successful update (not yet updated)
2018-10-22 18:05:12.967 Downloading updates...
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 44f5ce8788a09e50733dd9fb25e5cc0fx000.xml: 63 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 41f7ef00ca7a1277b50473c0ed173887x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 41f7ef00ca7a1277b50473c0ed173887x000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 822a14305512096b1205af4a25214ff4x000.xml: 333 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 822a14305512096b1205af4a25214ff4x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: b128a2ec63f3cef42fd36099f6b824e4x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: b128a2ec63f3cef42fd36099f6b824e4x000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f4d6babd2c0285dc466a540d69721c1cx000.xml: 333 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f4d6babd2c0285dc466a540d69721c1cx000.xml: 46 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4bacfca9d0b591153102d377f911c407x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4bacfca9d0b591153102d377f911c407x000.xml: 32 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ddd4416b5c3a7fcc9732f5ba0dda4bc5x000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ddd4416b5c3a7fcc9732f5ba0dda4bc5x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 498c52865bf2ae02a40d9b5feebf1daex000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 498c52865bf2ae02a40d9b5feebf1daex000.xml: 32 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 52fa7ac2cf36b9d1cef4f948444d10ccx000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 52fa7ac2cf36b9d1cef4f948444d10ccx000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ad1909f5643d5b943a6b8ff117e91268x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ad1909f5643d5b943a6b8ff117e91268x000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4c5b22da352eb28016377181666d9666x000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4c5b22da352eb28016377181666d9666x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 7167b921232199f8dfe1f69474cb49e8x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 7167b921232199f8dfe1f69474cb49e8x000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: e7b830aa2b096ec98c4b079ad6c396e6x000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: e7b830aa2b096ec98c4b079ad6c396e6x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 2e7a3ab7d9d160827c64d94364fa7b99x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 2e7a3ab7d9d160827c64d94364fa7b99x000.xml: 94 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 57be9378ddf5547656f79ba440ec6a65x000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 57be9378ddf5547656f79ba440ec6a65x000.xml: 78 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 8e7ddcc17585e3f9b5d28d3c513da6d3x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 8e7ddcc17585e3f9b5d28d3c513da6d3x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 34bb3e45cf26cf26bdfe755341fa750bx000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 34bb3e45cf26cf26bdfe755341fa750bx000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: b7fa14240877c2475314b3db9efb6f54x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: b7fa14240877c2475314b3db9efb6f54x000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ca23acaf880a6e7ab6c47efa26b3685ax000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ca23acaf880a6e7ab6c47efa26b3685ax000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: e00aefd4653dcbb3d1a7c86a881119b7x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: e00aefd4653dcbb3d1a7c86a881119b7x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 2b9171c44b6881e755a657eadc8528b7x000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 2b9171c44b6881e755a657eadc8528b7x000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: b9d3fcfdf33da45a348d566686207913x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: b9d3fcfdf33da45a348d566686207913x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: b3f3f824917ad94af8555bea525c18afx000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: b3f3f824917ad94af8555bea525c18afx000.xml: 78 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 6c9d8c2d7817a73e703c139f90b0eb65x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 6c9d8c2d7817a73e703c139f90b0eb65x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 748302662ba2223f19f7cef12ded0228x000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 748302662ba2223f19f7cef12ded0228x000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 3f73c2216cbcfb635f33718261714b85x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 3f73c2216cbcfb635f33718261714b85x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 6210aabad39ebac7d221cb47376dcc28x000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 6210aabad39ebac7d221cb47376dcc28x000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 0e5e730031af73210b018cae511e6014x000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 0e5e730031af73210b018cae511e6014x000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 6b6271513803abf184594f3895f87e7dx000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 6b6271513803abf184594f3895f87e7dx000.xml: 47 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ec9670f2c042dc6deb6db1fbad9f101bx000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ec9670f2c042dc6deb6db1fbad9f101bx000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 0424063f573266cdaa7f078eee6812d7x000.xml: 335 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 0424063f573266cdaa7f078eee6812d7x000.xml: 32 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 971d05b76b5d7300511870ee2e989d7ex000.xml: 877 bytes
2018-10-22 18:05:12.970 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 971d05b76b5d7300511870ee2e989d7ex000.xml: 31 ms
2018-10-22 18:05:12.970 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: c1ac0a4781372fc1fa34842bed9458fbx000.xml: 335 bytes
2018-10-22 18:05:12.971 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: c1ac0a4781372fc1fa34842bed9458fbx000.xml: 47 ms
2018-10-22 18:05:12.971 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ed649a1d8caa7f626288a6ec8ba066bcx000.xml: 877 bytes
2018-10-22 18:05:12.971 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ed649a1d8caa7f626288a6ec8ba066bcx000.xml: 31 ms
2018-10-22 18:05:12.971 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: a0cf02463d59a522f856bc8a295714cdx000.xml: 335 bytes
2018-10-22 18:05:12.971 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: a0cf02463d59a522f856bc8a295714cdx000.xml: 32 ms
2018-10-22 18:05:12.971 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4e3e000fce1789360bbf56577a142e29x000.xml: 1027 bytes
2018-10-22 18:05:12.971 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4e3e000fce1789360bbf56577a142e29x000.xml: 46 ms
2018-10-22 18:05:12.971 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: cc8b23e19a91ad3f3b9b1bd77f0cb91fx000.xml: 335 bytes
2018-10-22 18:05:12.971 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: cc8b23e19a91ad3f3b9b1bd77f0cb91fx000.xml: 32 ms
2018-10-22 18:05:12.971 Update progress: [I49502] sdds.data0910.xml: found supplement IDE556 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2018-10-22 18:05:12.971 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE556 LATEST path=
2018-10-22 18:05:12.971 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE556 LATEST path=
2018-10-22 18:05:12.971 Update progress: [I49502] sdds.data0910.xml: found supplement IDE557 LATEST path= baseVersion= [included from product IDE556 LATEST path=]
2018-10-22 18:05:12.971 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE557 LATEST path=
2018-10-22 18:05:12.971 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE557 LATEST path=
2018-10-22 18:05:12.971 Update progress: [I49502] sdds.data0910.xml: found supplement IDE558 LATEST path= baseVersion= [included from product IDE557 LATEST path=]
2018-10-22 18:05:12.971 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE558 LATEST path=
2018-10-22 18:05:12.971 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE558 LATEST path=
2018-10-22 18:05:12.971 Update progress: [I49502] sdds.data0910.xml: found supplement IDE559 LATEST path= baseVersion= [included from product IDE558 LATEST path=]
2018-10-22 18:05:12.971 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE559 LATEST path=
2018-10-22 18:05:12.971 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE559 LATEST path=
2018-10-22 18:05:12.971 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-10-22 18:05:12.971 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: c5d13d1a63d260854d41bcbb940462cdx000.xml: 78124 bytes
2018-10-22 18:05:12.971 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: c5d13d1a63d260854d41bcbb940462cdx000.xml: 281 ms
2018-10-22 18:05:12.971 Update progress: [I19463] Product download size 202917803 bytes
2018-10-22 18:05:18.943 Update progress: [I19463] Syncing product IDE556 LATEST path=
2018-10-22 18:05:18.943 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 7cd4ca4f18730d24c4a6201531d9eaeex000.xml: 29986 bytes
2018-10-22 18:05:18.943 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 7cd4ca4f18730d24c4a6201531d9eaeex000.xml: 32 ms
2018-10-22 18:05:18.943 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: af60c1bc45d64899efd40d5d35160f98x000.xml: 397 bytes
2018-10-22 18:05:18.943 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: af60c1bc45d64899efd40d5d35160f98x000.xml: 63 ms
2018-10-22 18:05:18.943 Update progress: [I19463] Product download size 2524614 bytes
2018-10-22 18:05:19.843 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 3d309a5b78519560b9c2773b396baf70x000.xml: 6015 bytes
2018-10-22 18:05:19.844 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 3d309a5b78519560b9c2773b396baf70x000.xml: 31 ms
2018-10-22 18:05:19.909 Update progress: [I19463] Syncing product IDE557 LATEST path=
2018-10-22 18:05:19.909 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ffd4051f090ebaf99e3586b906f19d1cx000.xml: 28997 bytes
2018-10-22 18:05:19.909 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ffd4051f090ebaf99e3586b906f19d1cx000.xml: 31 ms
2018-10-22 18:05:19.909 Update progress: [I19463] Product download size 3203880 bytes
2018-10-22 18:05:20.830 Update progress: [I19463] Syncing product IDE558 LATEST path=
2018-10-22 18:05:20.830 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 8b163510aacea41715aba6e86cab122ax000.xml: 6357 bytes
2018-10-22 18:05:20.830 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 8b163510aacea41715aba6e86cab122ax000.xml: 31 ms
2018-10-22 18:05:20.830 Update progress: [I19463] Product download size 790501 bytes
2018-10-22 18:05:21.291 Update progress: [I19463] Syncing product IDE559 LATEST path=
2018-10-22 18:05:21.291 Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f430c089bf466bb070b959d79391e4c2x000.xml: 124 bytes
2018-10-22 18:05:21.291 Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f430c089bf466bb070b959d79391e4c2x000.xml: 78 ms
2018-10-22 18:05:21.401 Installing updates...
2018-10-22 18:05:22.002 Error level 1
2018-10-22 18:05:32.404 Update successful
2018-10-22 18:05:41.452 Option all = no
2018-10-22 18:05:41.452 Option recurse = yes
2018-10-22 18:05:41.452 Option archive = no
2018-10-22 18:05:41.452 Option service = yes
2018-10-22 18:05:41.452 Option confirm = yes
2018-10-22 18:05:41.452 Option sxl = yes
2018-10-22 18:05:41.453 Option max-data-age = 35
2018-10-22 18:05:41.453 Option vdl-logging = yes
2018-10-22 18:05:41.457 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-10-22 18:05:41.457 Machine ID: e51fb666b1634f98814f72401141e497
2018-10-22 18:05:41.459 Component SVRTcli.exe version 2.7.0
2018-10-22 18:05:41.459 Component control.dll version 2.7.0
2018-10-22 18:05:41.459 Component SVRTservice.exe version 2.7.0
2018-10-22 18:05:41.459 Component engine\osdp.dll version 1.44.1.2420
2018-10-22 18:05:41.459 Component engine\veex.dll version 3.73.0.2420
2018-10-22 18:05:41.459 Component engine\savi.dll version 9.0.11.2420
2018-10-22 18:05:41.460 Component rkdisk.dll version 1.5.33.1
2018-10-22 18:05:41.460 Version info: Product version 2.7.0
2018-10-22 18:05:41.460 Version info: Detection engine 3.73.0
2018-10-22 18:05:41.460 Version info: Detection data 5.55
2018-10-22 18:05:41.460 Version info: Build date 18/09/2018
2018-10-22 18:05:41.460 Version info: Data files added 261
2018-10-22 18:05:41.461 Version info: Last successful update 22/10/2018 19:05:32

2018-10-22 19:47:25.581 Could not open C:\hiberfil.sys
2018-10-22 20:12:08.001 Could not open C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Current Session
2018-10-22 20:12:08.015 Could not open C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2018-10-22 20:19:46.069 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2018-10-22 20:19:46.072 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2018-10-22 20:19:47.995 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2018-10-22 20:19:47.998 Could not open C:\Windows\System32\config\RegBack\SAM
2018-10-22 20:19:47.999 Could not open C:\Windows\System32\config\RegBack\SECURITY
2018-10-22 20:19:48.000 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2018-10-22 20:19:48.002 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2018-10-22 20:29:32.539 Could not open LOGICAL:0003:00000000
2018-10-22 20:51:11.900 >>> Virus 'Mal/Generic-S' found in file E:\descargas\cype2015n\Installation en français\Installer Serveur de dongles réseau.exe
2018-10-22 20:51:11.900 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-10-22 20:51:11.900 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-10-22 20:51:11.900 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2103
2018-10-22 20:51:11.900 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2103
2018-10-22 20:51:11.900 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2018-10-22 20:51:11.900 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-195718489-560072280-3497813212-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2018-10-22 21:13:18.154 Could not check E:\rae\CLASES\TEMARIO PFZ\ELENA-ALBERTO\REY\CORTOS\GRUPO EDUARDO\GRUPO 5-Idea Cortos\Primera\G5 -1º Idea.ppt (corrupt)
2018-10-22 21:18:24.901 The following items will be cleaned up:
2018-10-22 21:18:24.901 Mal/Generic-S
2018-10-22 22:14:42.501 Threat 'Mal/Generic-S' has been cleaned up.
2018-10-22 22:14:42.501 File "E:\descargas\cype2015n\Installation en français\Installer Serveur de dongles réseau.exe" belongs to malware 'Mal/Generic-S'.
2018-10-22 22:14:42.501 File "E:\descargas\cype2015n\Installation en français\Installer Serveur de dongles réseau.exe" has been cleaned up.
2018-10-22 22:14:42.501 Removal successful
2018-10-22 22:14:42.956 Error level 0
 

Broni

Malware Annihilator
Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

Update your Java version here: https://www.java.com/en/download/manual.jsp
Alternate download: https://www.filehippo.com/search?q=java

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running a 64-bit system, make sure you install BOTH 32-bit and 64-bit Java.

=================================================

Your computer is clean


1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC) and AdwCleaner weekly (you need to redownload these tools since they were removed by DelFix).

7. (optional) If you want to keep all your programs up to date, download and install FileHippo App Manager.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

9. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642

10. Please let me know how your computer is doing.
 

Khasmir

TS Rookie
My computer is working perfectly. The problem completely disappeared after following your instructions. Thank you very much for your help. I appreciate your time and efforts with this. I will make a donation for your valuable time and help these days.

Have a good day Broni!