¿ Browser.exe *32 es un virus?

Hola, foro. Sospecho que el Browser.exe *32 y otros que encontré en el Administrador de Tareas; como, el BrYNSvc.exe *32 y el ccavsrv.exe *32, me están ralentizando la PC.

Leí por ahí que el 1º es de un navegador vietnamita ( Coc Coc ). Los otros, no tengo ni idea.

Ya le pasé, además del antivirus ( Comodo Cloud ), el CCleaner, el Malwarebytes y el ADWcleaner. Pero, no me detectaron nada; salvo, el ADWcleaner, que me detectó un PUP.

Mi SO es el Windows 7 Ultimate x64.

Esto es un proceso de Comodo

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.

  • En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Hola, Miguel. Gracias por contestar. Acá te mando lo que me pedís. A propósito, me dejó 3 archivos ( 1 FRST y 2 Addition ).

Acá, va el FRST…

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-06-2020
Ejecutado por Juan (administrador) sobre JUAN-PC (19-06-2020 19:53:58)
Ejecutado desde C:\Users\Juan\Desktop
Perfiles cargados: Juan
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: "C:\Users\Juan\AppData\Local\Kinza\Application\kinza.exe" -- "%1")
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Comodo Security Solutions -> Comodo) C:\Program Files\COMODO\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc. -> Comodo Inc.) C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\EDICT.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Juan\AppData\Local\Vivaldi\Application\update_notifier.exe
(YANDEX LLC -> YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\20.6.1.151\service_update.exe <2>

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [CCAV] => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [7462072 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [3004440 2020-06-18] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Run: [E09EXLRD_11158221] => C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\EDICT.EXE [351000 2008-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Run: [Vivaldi Update Notifier] => C:\Users\Juan\AppData\Local\Vivaldi\Application\update_notifier.exe [1859656 2020-06-12] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-492065729-501448629-2822315028-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-16] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BootExecute: autocheck autochk * 

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0FE2556C-8FC7-4621-A6E0-53656A327BF4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-09] (Adobe Inc. -> Adobe)
Task: {117C5A17-40A4-4FC7-8941-68E84CB58D1A} - System32\Tasks\Opera scheduled assistant Autoupdate 1579514146 => C:\Program Files\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {1719DF88-B192-4BDF-AF6B-72C8A49AA12A} - System32\Tasks\Opera scheduled Autoupdate 1525785882 => C:\Program Files\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {20779AB4-1557-4FF4-9077-BCFA07DEF453} - System32\Tasks\Actualización del sistema del Navegador Yandex => C:\Program Files (x86)\Yandex\YandexBrowser\20.6.1.151\service_update.exe [1764248 2020-06-09] (YANDEX LLC -> YANDEX LLC)
Task: {277204F1-52F0-472A-82C8-4A4E36E3D96D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-09] (Adobe Inc. -> Adobe)
Task: {3E4505BC-4CF9-43B2-8759-1F8620527F9F} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {464CEAE7-574B-4D26-95E9-CA4A5221931C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-16] (Google Inc -> Google Inc.)
Task: {56C0EE67-826B-4DF5-AA10-00105B281714} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6C8761F4-F938-4DED-9237-0CDFE2734EBE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7FE616EE-3D03-485F-9705-BFCB59B7DDCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-16] (Google Inc -> Google Inc.)
Task: {80C91E35-574A-43D7-970F-319C498F37F8} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
Task: {8F5C3204-F97F-41F1-9022-3941406A46A4} - System32\Tasks\Reparación del Servicio de actualización del Navegador Yandex => C:\Program Files (x86)\Yandex\YandexBrowser\20.6.1.151\service_update.exe [1764248 2020-06-09] (YANDEX LLC -> YANDEX LLC)
Task: {A93FEB1B-316C-4D0A-8930-B05066E116CF} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B1FE9306-21E3-4355-B754-EE8F29992023} - System32\Tasks\CCAVPostInstall => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [7462072 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B86D9C3E-9332-4DF1-89C8-D848C81CA7D6} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D51DC4ED-9206-4E5D-8ECD-B941FD84CD4F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D74CEA7C-0AE8-4A9A-A0B4-D5C460C88931} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E49F0B92-52FD-4AD8-9058-15657B1848FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {FFA311E0-99FA-4922-A1BD-8119C177BE5D} - System32\Tasks\Actualización del Navegador Yandex => C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [3200920 2020-06-09] (YANDEX LLC -> YANDEX LLC)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\Actualización del Navegador Yandex.job => C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
Task: C:\Windows\Tasks\Actualización del sistema del Navegador Yandex.job => C:\Program Files (x86)\Yandex\YandexBrowser\20.6.1.151\service_update.exe
Task: C:\Windows\Tasks\Reparación del Servicio de actualización del Navegador Yandex.job => C:\Program Files (x86)\Yandex\YandexBrowser\20.6.1.151\service_update.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.13.1
Tcpip\..\Interfaces\{C5B11EF8-5BA9-43EA-9A1C-F73DE925F2E8}: [NameServer] 8.26.56.26,8.20.247.20
Tcpip\..\Interfaces\{C5B11EF8-5BA9-43EA-9A1C-F73DE925F2E8}: [DhcpNameServer] 192.168.13.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-492065729-501448629-2822315028-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-492065729-501448629-2822315028-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bing.com/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

FireFox:
========
FF DefaultProfile: wfnixs5t.default
FF DefaultProfile: l8h7dsue.default
FF DefaultProfile: 7ibtrihw.default
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default [2020-06-19]
FF Homepage: Waterfox\Profiles\wfnixs5t.default -> ar.search.yahoo.com
FF Extension: (United States English Spellchecker) - C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default\Extensions\[email protected] [2018-05-07] [Heredado]
FF Extension: (Diccionario Español Argentina) - C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default\Extensions\[email protected] [2018-05-07] [Heredado]
FF Extension: (Tampermonkey) - C:\Users\Juan\AppData\Roaming\Waterfox\Profiles\wfnixs5t.default\Extensions\[email protected] [2020-06-17]
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\l8h7dsue.default [2020-06-16]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\l8h7dsue.default -> bing.com
FF Extension: (British English) - C:\Users\Juan\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\l8h7dsue.default\Extensions\[email protected] [2019-12-23] [Heredado] [no firmado]
FF Extension: (Argentinian Spanish) - C:\Users\Juan\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\l8h7dsue.default\Extensions\[email protected] [2019-09-24] [Heredado] [no firmado]
FF Extension: (Español (AR) Language Pack) - C:\Users\Juan\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\l8h7dsue.default\Extensions\[email protected] [2020-06-11] [Heredado] [no firmado]
FF Extension: (Walnutty) - C:\Users\Juan\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\l8h7dsue.default\Extensions\[email protected] [2020-06-11] [Heredado] [no firmado]
FF ProfilePath: C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default [2020-06-19]
FF Homepage: Comodo\IceDragon\Profiles\7ibtrihw.default -> hxxps://www.ecosia.org/
FF Extension: (English United States Dictionary) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\@unitedstatesenglishdictionary.xpi [2020-02-02]
FF Extension: (Online Security Pro) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2019-09-03]
FF Extension: (Diccionario Español Argentina) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2020-06-12] [Heredado]
FF Extension: (Tampermonkey) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2020-06-10]
FF Extension: (Https Enforcement) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2019-03-15]
FF Extension: (Español (AR) Language Pack) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2020-06-12]
FF Extension: (Español (España) Language Pack) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\[email protected] [2019-03-14]
FF Extension: (Startpage.com — Búsquedas privadas) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-03]
FF Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2020-02-27]
FF Extension: (Media Downloader) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] [Heredado]
FF Extension: (ANIMATED AVIATOR SNOOPY) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{ac835a9d-b7cc-49d0-8854-4f4dffe03dd1}.xpi [2019-05-13]
FF Extension: (Ecosia, el buscador que planta árboles) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2020-06-11]
FF Extension: (NeoBux AdAlert) - C:\Users\Juan\AppData\Roaming\Comodo\IceDragon\Profiles\7ibtrihw.default\Extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi [2020-06-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-09] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-02-24] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-02-24] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default [2020-06-17]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://outlook.live.com
CHR HomePage: Default -> hxxp://google.com.ar/
CHR StartupUrls: Default -> "hxxp://google.com.ar/"
CHR Extension: (Presentaciones) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-16]
CHR Extension: (Email Notifier) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhfkpnhebiocdilofmaigoggiopgbbd [2019-07-14]
CHR Extension: (Documentos) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-16]
CHR Extension: (Google Drive) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-16]
CHR Extension: (YouTube) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-16]
CHR Extension: (Tampermonkey) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-06-16]
CHR Extension: (Hojas de cálculo) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-16]
CHR Extension: (Watcher for Yandex Mail™) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbahpfmknhllfegibbfdialakjagbdkl [2018-05-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-16]
CHR Extension: (The Simpsons Theme for Chrome) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaojbbngafehcppeijgefadcbjlfnoc [2018-05-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-16]
CHR Extension: (Gmail) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-16]

Opera: 
=======
OPR Extension: (Tampermonkey) - C:\Users\Juan\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2019-12-10]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\Juan\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2019-04-06]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [202752 2010-05-22] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Archivo no firmado]
R2 ccavsrv; C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe [7462072 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
S3 ccavvirth; C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavvirth.exe [2858160 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO)
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2973592 2020-04-06] (Comodo Security Solutions -> Comodo)
R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [2616792 2019-05-29] (Comodo Security Solutions, Inc. -> Comodo Inc.)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (Comodo Security Solutions, Inc. -> COMODO)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-09] (Malwarebytes Inc -> Malwarebytes)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2015-08-05] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\20.6.1.151\service_update.exe [1764248 2020-06-09] (YANDEX LLC -> YANDEX LLC)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [6368256 2010-05-22] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [188416 2015-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-06] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-08] (ASUSTeK Computer Inc. -> )
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6368256 2015-07-14] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2010-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-09] (EldoS Corporation -> /n software, Inc.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2015-07-10] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider) [Archivo no firmado]
R0 cmdccav; C:\Windows\System32\drivers\CmdCCAV.sys [462272 2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [34280 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [867864 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [59096 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [126680 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [50576 2018-01-17] (Comodo Security Solutions, Inc. -> COMODO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-19] (ASUSTeK Computer Inc. -> )
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
R3 vpnpbus; C:\Windows\System32\DRIVERS\vpnpbus.sys [18624 2016-09-09] (EldoS Corporation -> /n software, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-06-19 19:51 - 2020-06-19 19:53 - 000050155 _____ C:\Users\Juan\Desktop\Addition.txt
2020-06-19 19:48 - 2020-06-19 19:54 - 000028173 _____ C:\Users\Juan\Desktop\FRST.txt
2020-06-19 19:47 - 2020-06-19 19:54 - 000000000 ____D C:\FRST
2020-06-19 19:46 - 2020-06-19 19:46 - 002289152 _____ (Farbar) C:\Users\Juan\Desktop\FRST64.exe
2020-06-19 09:52 - 2020-06-19 09:53 - 008402608 _____ (Malwarebytes) C:\Users\Juan\Desktop\adwcleaner_8.0.5.exe
2020-06-12 11:43 - 2020-06-12 11:43 - 000005144 _____ C:\Users\Juan\AppData\Local\recently-used.xbel
2020-06-12 10:02 - 2020-06-12 10:02 - 000000901 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.20.lnk
2020-06-09 08:15 - 2020-06-09 08:15 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-08 22:59 - 2020-06-16 06:56 - 000000000 ____D C:\Users\Juan\AppData\Roaming\MPC-HC
2020-06-08 22:58 - 2020-06-13 18:17 - 000001748 _____ C:\Users\Juan\Desktop\MPC-HC x64.lnk
2020-06-08 22:57 - 2020-06-08 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2020-06-08 22:57 - 2020-06-08 22:58 - 000000000 ____D C:\Program Files\MPC-HC
2020-06-08 16:39 - 2020-06-08 16:40 - 647887104 _____ C:\Users\Juan\Desktop\Murder Mystery.mp4
2020-06-08 15:42 - 2020-06-08 15:44 - 1447888392 _____ C:\Users\Juan\Desktop\Thats My Boy.mp4
2020-05-26 12:06 - 2020-05-26 12:06 - 000001572 _____ C:\Users\Public\Desktop\LibreOffice 6.4.lnk
2020-05-26 12:06 - 2020-05-26 12:06 - 000001572 _____ C:\ProgramData\Desktop\LibreOffice 6.4.lnk
2020-05-22 13:06 - 2020-05-26 12:06 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-06-19 19:51 - 2018-08-06 16:37 - 000394205 _____ C:\Windows\system32\Drivers\ccavsfi.dat
2020-06-19 19:46 - 2013-10-14 10:28 - 000000000 ___RD C:\Users\Juan\Descargas
2020-06-19 19:43 - 2017-11-02 23:28 - 000107952 _____ C:\Users\Juan\AppData\Local\GDIPFONTCACHEV1.DAT
2020-06-19 19:21 - 2016-11-24 16:32 - 000000000 ____D C:\Users\Juan\AppData\LocalLow\Mozilla
2020-06-19 19:09 - 2020-04-05 00:10 - 000003428 _____ C:\Windows\system32\Tasks\Actualización del Navegador Yandex
2020-06-19 19:09 - 2020-04-05 00:10 - 000000440 _____ C:\Windows\Tasks\Actualización del Navegador Yandex.job
2020-06-19 19:07 - 2018-04-04 11:49 - 000000000 ____D C:\Users\Juan\AppData\LocalLow\Comodo
2020-06-19 18:10 - 2020-04-05 00:10 - 000000484 _____ C:\Windows\Tasks\Actualización del sistema del Navegador Yandex.job
2020-06-19 18:10 - 2020-04-05 00:10 - 000000448 _____ C:\Windows\Tasks\Reparación del Servicio de actualización del Navegador Yandex.job
2020-06-19 15:24 - 2017-02-03 11:16 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{B4D6B0E4-EDBA-4020-882C-26E1A856B43D}
2020-06-19 11:30 - 2018-05-07 08:14 - 000000000 ____D C:\Program Files\Waterfox
2020-06-19 10:22 - 2009-07-14 01:45 - 000030880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-19 10:22 - 2009-07-14 01:45 - 000030880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-19 10:14 - 2020-04-05 00:10 - 000003576 _____ C:\Windows\system32\Tasks\Actualización del sistema del Navegador Yandex
2020-06-19 10:14 - 2020-04-05 00:10 - 000003444 _____ C:\Windows\system32\Tasks\Reparación del Servicio de actualización del Navegador Yandex
2020-06-19 10:11 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-19 08:34 - 2017-11-03 07:02 - 000472064 _____ C:\Windows\system32\FNTCACHE.DAT
2020-06-18 11:46 - 2020-02-28 06:32 - 000004024 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1579514146
2020-06-17 12:33 - 2020-04-05 00:10 - 000002426 _____ C:\Users\Juan\Desktop\Yandex.lnk
2020-06-17 08:36 - 2018-05-08 10:17 - 000000000 ____D C:\Program Files\Opera
2020-06-16 10:17 - 2018-12-10 08:15 - 000002260 _____ C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kinza.lnk
2020-06-16 10:17 - 2018-12-10 08:15 - 000002223 _____ C:\Users\Juan\Desktop\Kinza.lnk
2020-06-16 10:17 - 2018-12-10 08:15 - 000000000 ____D C:\Users\Juan\AppData\Local\Kinza
2020-06-16 09:48 - 2018-05-16 22:54 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-16 08:21 - 2018-05-08 10:24 - 000003840 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1525785882
2020-06-16 06:57 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-06-16 06:52 - 2018-08-17 14:42 - 000000000 ____D C:\Users\Juan\AppData\Local\CrashDumps
2020-06-14 16:42 - 2019-01-16 20:16 - 000000000 ____D C:\Users\Juan\AppData\Roaming\vlc
2020-06-14 09:43 - 2020-04-26 16:49 - 000000000 ____D C:\Program Files\Slimjet
2020-06-13 21:19 - 2013-10-09 17:28 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-06-13 18:17 - 2019-01-16 20:14 - 000000915 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-06-13 18:17 - 2019-01-16 20:14 - 000000915 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-06-13 11:06 - 2020-04-23 09:50 - 000000374 _____ C:\Users\Juan\.vivaldi_reporting_data
2020-06-13 08:03 - 2020-01-07 12:09 - 001121280 ___SH C:\Users\Juan\Thumbs.db
2020-06-13 08:02 - 2018-03-15 21:02 - 000000000 ____D C:\Users\Juan\Películas
2020-06-13 08:02 - 2013-10-07 12:21 - 000000000 ____D C:\Users\Juan
2020-06-12 11:44 - 2018-05-03 23:14 - 000000000 ____D C:\Users\Juan\AppData\Local\babl-0.1
2020-06-12 11:43 - 2015-03-06 11:31 - 000000000 ____D C:\Users\Juan\AppData\Local\gtk-2.0
2020-06-12 07:57 - 2020-04-23 09:48 - 000000000 ____D C:\Users\Juan\AppData\Local\Vivaldi
2020-06-12 07:56 - 2020-04-23 09:49 - 000002300 _____ C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2020-06-12 07:56 - 2020-04-23 09:49 - 000002263 _____ C:\Users\Juan\Desktop\Vivaldi.lnk
2020-06-11 05:59 - 2019-09-24 09:41 - 000000000 ____D C:\Program Files\Pale Moon
2020-06-10 10:09 - 2014-12-01 20:21 - 000794024 _____ C:\Users\Juan\Desktop\Diarios.pdf
2020-06-09 20:57 - 2017-01-13 13:00 - 000004472 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-06-09 20:57 - 2016-12-23 20:46 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-06-09 20:57 - 2013-10-09 17:28 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-09 20:57 - 2013-10-09 17:28 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-09 20:57 - 2013-10-09 17:28 - 000000000 ____D C:\Windows\system32\Macromed
2020-06-09 19:57 - 2018-03-13 20:01 - 000004488 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-09 08:18 - 2020-05-06 08:02 - 000000975 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-06-09 08:18 - 2020-05-06 08:02 - 000000975 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-05-29 00:01 - 2018-12-08 05:41 - 011904474 _____ C:\Windows\system32\Drivers\fvBoxStore.dat
2020-05-26 12:04 - 2019-12-05 23:34 - 000000000 ____D C:\Program Files\LibreOffice
2020-05-24 19:31 - 2013-10-14 19:54 - 000000913 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2020-05-24 19:31 - 2013-10-14 19:54 - 000000913 _____ C:\ProgramData\Desktop\CPUID CPU-Z.lnk
2020-05-20 23:17 - 2011-04-12 06:10 - 000702282 _____ C:\Windows\system32\perfh00A.dat
2020-05-20 23:17 - 2011-04-12 06:10 - 000142150 _____ C:\Windows\system32\perfc00A.dat
2020-05-20 23:17 - 2009-07-14 02:13 - 001594636 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Archivos en la raíz de algunos directorios ========

2019-05-11 07:55 - 2019-02-11 08:56 - 005494976 _____ (COMODO) C:\ProgramData\cisC1A9.exe
2014-11-06 22:49 - 2015-05-16 18:14 - 000000096 _____ () C:\Users\Juan\AppData\Roaming\Camdata.ini
2014-11-06 22:49 - 2015-05-16 18:14 - 000000408 _____ () C:\Users\Juan\AppData\Roaming\CamLayout.ini
2014-11-06 22:49 - 2015-05-16 18:14 - 000000408 _____ () C:\Users\Juan\AppData\Roaming\CamShapes.ini
2014-11-06 22:49 - 2015-05-16 18:14 - 000004535 _____ () C:\Users\Juan\AppData\Roaming\CamStudio.cfg
2014-11-20 00:27 - 2014-11-20 00:27 - 000000000 _____ () C:\Users\Juan\AppData\Roaming\CamStudio.Producer.Data.ini
2014-11-20 00:27 - 2014-11-20 00:27 - 000001206 _____ () C:\Users\Juan\AppData\Roaming\CamStudio.Producer.ini
2014-11-06 22:49 - 2015-05-16 18:14 - 000000096 _____ () C:\Users\Juan\AppData\Roaming\version2.xml
2015-04-21 09:56 - 2015-04-21 09:58 - 000000513 _____ () C:\Users\Juan\AppData\Roaming\Weather Monitor_Settings.ini
2020-06-12 11:43 - 2020-06-12 11:43 - 000005144 _____ () C:\Users\Juan\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-06-16 14:40
==================== Final de FRST.txt ========================

Acá, va el Addition ( 1 )…

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por Juan (19-06-2020 19:51:57)
Ejecutado desde C:\Users\Juan\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-10-07 15:21:10)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-492065729-501448629-2822315028-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-492065729-501448629-2822315028-1006 - Limited - Enabled)
Invitado (S-1-5-21-492065729-501448629-2822315028-501 - Limited - Disabled)
Juan (S-1-5-21-492065729-501448629-2822315028-1000 - Administrator - Enabled) => C:\Users\Juan

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: COMODO Cloud Antivirus (Disabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Sandbox (Disabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
FW: COMODO Firewall (Disabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7GIF (HKLM\...\{D27A1E28-51AD-4CB7-9AAD-11D8DDA3B619}_is1) (Version: 1.2.2.1298 - Xtreme-LAb®)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
ATI Catalyst Install Manager (HKLM\...\{2A13EF26-4D68-B2D7-A486-DBBD2FDE366B}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
BitTorrent (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\BitTorrent) (Version: 7.10.3.44397 - BitTorrent Inc.)
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
ccc-core-static (HKLM-x32\...\{8ADE5280-35CA-CF98-A456-F66B98C77244}) (Version: 2010.0210.2206.39615 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
COMODO Cloud Antivirus (HKLM-x32\...\{9E04F23D-3E2E-4A62-AEBF-8BC952465847}) (Version: 1.21.842.0 - COMODO) Hidden
COMODO Cloud Antivirus (HKLM-x32\...\COMODO Cloud Antivirus_list_uninstall) (Version: 1.21.465847.842 - COMODO)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 80.0.3987.163 - Comodo)
COMODO Firewall (HKLM\...\{E6B0FD8D-8799-441B-8734-B8A266C0C303}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 65.0.2.15 - COMODO)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
FlashPeak Slimjet 64bit (HKLM\...\Slimjet) (Version: 26.0.4.0 - FlashPeak Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeekBuddy (HKLM\...\{3DA2EB59-FB68-4383-9A3B-B348521367C7}) (Version: 4.19.137 - Comodo Security Solutions Inc)
GIMP 2.10.20 (HKLM\...\GIMP-2_is1) (Version: 2.10.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HL-1210W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.438464.135 - Comodo)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Kinza (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Kinza) (Version: 6.3.2 - Los creadores de Kinza)
LibreOffice 6.4.4.2 (HKLM\...\{F00C391B-6092-40E7-9ECD-144933865571}) (Version: 6.4.4.2 - The Document Foundation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Encarta 2009 Biblioteca Premium (HKLM-x32\...\{09140081-2C94-4A67-8E55-8483C019C7D2}) (Version: 2009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Opera Stable 68.0.3618.165 (HKLM-x32\...\Opera 68.0.3618.165) (Version: 68.0.3618.165 - Opera Software)
Pale Moon 28.10.0 (x64 en-US) (HKLM\...\Pale Moon 28.10.0 (x64 en-US)) (Version: 28.10.0 - Moonchild Productions)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros Ethernet Utility (HKLM-x32\...\{FB686487-C637-4EEF-BCB1-C92463F2CC05}) (Version: 1.1.0.11 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vivaldi (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Vivaldi) (Version: 3.1.1929.34 - Vivaldi Technologies AS.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Waterfox Classic 56.3 (x64 en-US) (HKLM\...\Waterfox Classic 56.3 (x64 en-US)) (Version: 56.3 - Waterfox Ltd)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Yabasic (HKLM-x32\...\Yabasic) (Version: 2.86.8 - Marc Ihm)
Yandex (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\YandexBrowser) (Version: 20.6.1.151 - YANDEX)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-492065729-501448629-2822315028-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\Juan\AppData\Local\Kinza\Application\83.0.4103.106\notification_helper.exe (Dayz Inc.) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-492065729-501448629-2822315028-1000_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\Juan\AppData\Local\Vivaldi\Application\3.1.1929.34\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
CustomCLSID: HKU\S-1-5-21-492065729-501448629-2822315028-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () [Archivo no firmado]
SSODL: EldosMountNotificator-cbfs6 - {03BE4784-AA33-4B3E-A449-750EB4E3BFF0} - C:\Windows\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {03BE4784-AA33-4B3E-A449-750EB4E3BFF0} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {03BE4784-AA33-4B3E-A449-750EB4E3BFF0} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {03BE4784-AA33-4B3E-A449-750EB4E3BFF0} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {F6A46E65-4B74-4C96-9029-7BF8AA7010DF} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {F6A46E65-4B74-4C96-9029-7BF8AA7010DF} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-02-24] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Ningún archivo
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-02-10] (Advanced Micro Devices, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2017-03-03] (Fox Magic Software) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Simple EPUB Reader.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ojhbgcchcbdjdenibfmjofobklkkhofc
ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4242a155fcc27c2b\FlashPeak Slimjet (64 bit).lnk -> C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\199cd564bdca96dc\FlashPeak Slimjet (64 bit).lnk -> C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2020-03-14 01:30 - 2009-02-27 16:38 - 000139264 ____R () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-03-14 01:31 - 2018-01-18 15:39 - 000519168 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\BrMonitor.dll
2020-03-14 01:31 - 2017-12-22 12:53 - 000180224 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\BroSNMP.dll
2020-03-14 01:31 - 2018-01-18 15:39 - 000208896 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2020-03-14 01:31 - 2018-01-18 15:39 - 001720832 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2001-06-20 13:14 - 2001-06-20 13:14 - 000188416 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\itircl54.dll
2001-06-20 13:26 - 2001-06-20 13:26 - 000221184 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
2008-06-06 04:23 - 2008-06-06 04:23 - 000033792 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\custsat.dll
2006-03-04 13:47 - 2006-03-04 13:47 - 000086016 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\MSSPELL3.DLL
2013-11-18 00:00 - 2013-11-18 00:00 - 001093632 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiedu64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coinst.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpprefcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\gpscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pku2u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\WLXPGSS.SCR:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ati2edxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10level9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fmcodec.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpprefcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [32]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pku2u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tbs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\CFRMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\disk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [131]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2019-04-04 14:21 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-492065729-501448629-2822315028-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.26.56.26 - 8.20.247.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall de Windows está deshabilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: Vivaldi Update Notifier => "C:\Users\Juan\AppData\Local\Vivaldi\Application\update_notifier.exe"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{968B54D6-76AF-49FF-B94F-EEA297E29C3C}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{95B5C3AE-8BD2-47A3-8B8D-4BC0440B1073}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{6D326E8F-6602-4BF8-A079-9F380C41F971}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{519E0CBE-158B-415C-83AE-DD815A790884}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{373D7BFA-BFAA-4D43-A602-6E0EBFFFC7F4}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{F11C93B8-F06C-4F66-A4C4-21929278651E}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{EAE4CBD4-9EC6-4C9A-AE81-2D3FD77C84D1}] => (Allow) C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC)
FirewallRules: [{5ADE2C06-F269-4BB6-A411-CD7371195CD5}] => (Allow) C:\Program Files\Opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{140A1082-DF71-48AD-B462-C2BED68710C6}] => (Allow) C:\Users\Juan\AppData\Local\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{C6EAC239-FC6E-436E-A6DC-0275D1283A6C}] => (Allow) C:\Program Files\Opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{753F9439-B946-482B-BE11-988CAB410328}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D21FC8CC-E4A3-41E6-BEC8-1A1F1700B4FC}] => (Allow) C:\Users\Juan\AppData\Local\Kinza\Application\kinza.exe (Dayz Corporation -> Dayz Inc.)
FirewallRules: [{7BA97E8D-9435-4874-BC83-5DAF68D1FF7A}] => (Allow) C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC)

==================== Puntos de Restauración =========================

16-06-2020 14:47:48 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/19/2020 10:14:03 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.

Error: (06/19/2020 10:13:58 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Contexto: aplicación , catálogo SystemIndex

Error: (06/19/2020 10:13:57 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: No se puede inicializar la supervisión del rendimiento para el servicio Recopilador; no se cargaron los contadores o no se puede abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Error: (06/19/2020 08:35:27 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.

Error: (06/19/2020 08:35:15 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Contexto: aplicación , catálogo SystemIndex

Error: (06/19/2020 08:35:14 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: No se puede inicializar la supervisión del rendimiento para el servicio Recopilador; no se cargaron los contadores o no se puede abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Error: (06/18/2020 08:05:17 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.

Error: (06/18/2020 08:05:09 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Contexto: aplicación , catálogo SystemIndex


Errores del sistema:
=============
Error: (06/19/2020 10:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio isesrv se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 10:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio COMODO IceDragon Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 10:09:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (06/19/2020 10:09:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio BrYNSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 10:09:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 10:09:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio COMODO Dragon Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 08:36:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Yandex.Browser Update Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/19/2020 08:36:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Yandex.Browser Update Service.


CodeIntegrity:
===================================

Date: 2019-12-01 11:18:22.013
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x86\.svn\text-base\lci_proxywddm.sys.svn-base porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:21.970
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x86\.svn\text-base\lci_proxywddm.sys.svn-base porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:21.918
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x64\.svn\text-base\lci_proxywddm.sys.svn-base porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:21.894
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x64\.svn\text-base\lci_proxywddm.sys.svn-base porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:16.455
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x86\lci_proxywddm.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:16.423
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x86\lci_proxywddm.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:16.323
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x64\lci_proxywddm.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:16.251
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x64\lci_proxywddm.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 1101 01/17/2013
Placa base: ASUSTeK Computer INC. M5A78L-M LX3
Procesador: AMD Athlon(tm) II X2 270 Processor
Porcentaje de memoria en uso: 66%
RAM física total: 3838.12 MB
RAM física disponible: 1301.57 MB
Virtual total: 7674.38 MB
Virtual disponible: 4416.16 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:278.09 GB) NTFS

\\?\Volume{ad258d42-2f38-11e3-af71-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 46678705)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Y, acá, va el otro Addition ( 2 )…

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por Juan (19-06-2020 19:55:09)
Ejecutado desde C:\Users\Juan\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-10-07 15:21:10)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-492065729-501448629-2822315028-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-492065729-501448629-2822315028-1006 - Limited - Enabled)
Invitado (S-1-5-21-492065729-501448629-2822315028-501 - Limited - Disabled)
Juan (S-1-5-21-492065729-501448629-2822315028-1000 - Administrator - Enabled) => C:\Users\Juan

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: COMODO Cloud Antivirus (Disabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Sandbox (Disabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
FW: COMODO Firewall (Disabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7GIF (HKLM\...\{D27A1E28-51AD-4CB7-9AAD-11D8DDA3B619}_is1) (Version: 1.2.2.1298 - Xtreme-LAb®)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
ATI Catalyst Install Manager (HKLM\...\{2A13EF26-4D68-B2D7-A486-DBBD2FDE366B}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
BitTorrent (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\BitTorrent) (Version: 7.10.3.44397 - BitTorrent Inc.)
Blender (HKLM\...\{B1DF3793-1651-4AE5-9CA0-E845DD8B526B}) (Version: 2.79.0 - Blender Foundation)
ccc-core-static (HKLM-x32\...\{8ADE5280-35CA-CF98-A456-F66B98C77244}) (Version: 2010.0210.2206.39615 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
COMODO Cloud Antivirus (HKLM-x32\...\{9E04F23D-3E2E-4A62-AEBF-8BC952465847}) (Version: 1.21.842.0 - COMODO) Hidden
COMODO Cloud Antivirus (HKLM-x32\...\COMODO Cloud Antivirus_list_uninstall) (Version: 1.21.465847.842 - COMODO)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 80.0.3987.163 - Comodo)
COMODO Firewall (HKLM\...\{E6B0FD8D-8799-441B-8734-B8A266C0C303}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 65.0.2.15 - COMODO)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
FlashPeak Slimjet 64bit (HKLM\...\Slimjet) (Version: 26.0.4.0 - FlashPeak Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeekBuddy (HKLM\...\{3DA2EB59-FB68-4383-9A3B-B348521367C7}) (Version: 4.19.137 - Comodo Security Solutions Inc)
GIMP 2.10.20 (HKLM\...\GIMP-2_is1) (Version: 2.10.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HL-1210W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.438464.135 - Comodo)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Kinza (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Kinza) (Version: 6.3.2 - Los creadores de Kinza)
LibreOffice 6.4.4.2 (HKLM\...\{F00C391B-6092-40E7-9ECD-144933865571}) (Version: 6.4.4.2 - The Document Foundation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Encarta 2009 Biblioteca Premium (HKLM-x32\...\{09140081-2C94-4A67-8E55-8483C019C7D2}) (Version: 2009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Opera Stable 68.0.3618.165 (HKLM-x32\...\Opera 68.0.3618.165) (Version: 68.0.3618.165 - Opera Software)
Pale Moon 28.10.0 (x64 en-US) (HKLM\...\Pale Moon 28.10.0 (x64 en-US)) (Version: 28.10.0 - Moonchild Productions)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros Ethernet Utility (HKLM-x32\...\{FB686487-C637-4EEF-BCB1-C92463F2CC05}) (Version: 1.1.0.11 - Qualcomm Atheros Communications Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vivaldi (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\Vivaldi) (Version: 3.1.1929.34 - Vivaldi Technologies AS.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Waterfox Classic 56.3 (x64 en-US) (HKLM\...\Waterfox Classic 56.3 (x64 en-US)) (Version: 56.3 - Waterfox Ltd)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Yabasic (HKLM-x32\...\Yabasic) (Version: 2.86.8 - Marc Ihm)
Yandex (HKU\S-1-5-21-492065729-501448629-2822315028-1000\...\YandexBrowser) (Version: 20.6.1.151 - YANDEX)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-492065729-501448629-2822315028-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\Juan\AppData\Local\Kinza\Application\83.0.4103.106\notification_helper.exe (Dayz Inc.) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-492065729-501448629-2822315028-1000_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\Juan\AppData\Local\Vivaldi\Application\3.1.1929.34\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
CustomCLSID: HKU\S-1-5-21-492065729-501448629-2822315028-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () [Archivo no firmado]
SSODL: EldosMountNotificator-cbfs6 - {03BE4784-AA33-4B3E-A449-750EB4E3BFF0} - C:\Windows\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {03BE4784-AA33-4B3E-A449-750EB4E3BFF0} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {03BE4784-AA33-4B3E-A449-750EB4E3BFF0} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {03BE4784-AA33-4B3E-A449-750EB4E3BFF0} => C:\Windows\SysWOW64\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {F6A46E65-4B74-4C96-9029-7BF8AA7010DF} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {F6A46E65-4B74-4C96-9029-7BF8AA7010DF} => C:\Windows\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-02-24] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Ningún archivo
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-02-10] (Advanced Micro Devices, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2017-03-03] (Fox Magic Software) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Simple EPUB Reader.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ojhbgcchcbdjdenibfmjofobklkkhofc
ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4242a155fcc27c2b\FlashPeak Slimjet (64 bit).lnk -> C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Juan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\199cd564bdca96dc\FlashPeak Slimjet (64 bit).lnk -> C:\Program Files\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2020-03-14 01:30 - 2009-02-27 16:38 - 000139264 ____R () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-03-14 01:31 - 2018-01-18 15:39 - 000519168 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\BrMonitor.dll
2020-03-14 01:31 - 2017-12-22 12:53 - 000180224 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\BroSNMP.dll
2020-03-14 01:31 - 2018-01-18 15:39 - 000208896 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2020-03-14 01:31 - 2018-01-18 15:39 - 001720832 _____ () [Archivo no firmado] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2001-06-20 13:14 - 2001-06-20 13:14 - 000188416 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\itircl54.dll
2001-06-20 13:26 - 2001-06-20 13:26 - 000221184 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
2008-06-06 04:23 - 2008-06-06 04:23 - 000033792 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\custsat.dll
2006-03-04 13:47 - 2006-03-04 13:47 - 000086016 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\MSSPELL3.DLL
2013-11-18 00:00 - 2013-11-18 00:00 - 001093632 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiedu64.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\coinst.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpprefcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\gpscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pku2u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\WLXPGSS.SCR:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ati2edxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10level9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fmcodec.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpprefcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\olepro32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [32]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pku2u.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tbs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\CFRMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\disk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [131]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2019-04-04 14:21 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-492065729-501448629-2822315028-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Juan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.26.56.26 - 8.20.247.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall de Windows está deshabilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: Vivaldi Update Notifier => "C:\Users\Juan\AppData\Local\Vivaldi\Application\update_notifier.exe"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{968B54D6-76AF-49FF-B94F-EEA297E29C3C}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{95B5C3AE-8BD2-47A3-8B8D-4BC0440B1073}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{6D326E8F-6602-4BF8-A079-9F380C41F971}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{519E0CBE-158B-415C-83AE-DD815A790884}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{373D7BFA-BFAA-4D43-A602-6E0EBFFFC7F4}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{F11C93B8-F06C-4F66-A4C4-21929278651E}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
FirewallRules: [{EAE4CBD4-9EC6-4C9A-AE81-2D3FD77C84D1}] => (Allow) C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC)
FirewallRules: [{5ADE2C06-F269-4BB6-A411-CD7371195CD5}] => (Allow) C:\Program Files\Opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{140A1082-DF71-48AD-B462-C2BED68710C6}] => (Allow) C:\Users\Juan\AppData\Local\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{C6EAC239-FC6E-436E-A6DC-0275D1283A6C}] => (Allow) C:\Program Files\Opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{753F9439-B946-482B-BE11-988CAB410328}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D21FC8CC-E4A3-41E6-BEC8-1A1F1700B4FC}] => (Allow) C:\Users\Juan\AppData\Local\Kinza\Application\kinza.exe (Dayz Corporation -> Dayz Inc.)
FirewallRules: [{7BA97E8D-9435-4874-BC83-5DAF68D1FF7A}] => (Allow) C:\Users\Juan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC)

==================== Puntos de Restauración =========================

16-06-2020 14:47:48 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/19/2020 10:14:03 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.

Error: (06/19/2020 10:13:58 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Contexto: aplicación , catálogo SystemIndex

Error: (06/19/2020 10:13:57 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: No se puede inicializar la supervisión del rendimiento para el servicio Recopilador; no se cargaron los contadores o no se puede abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Error: (06/19/2020 08:35:27 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.

Error: (06/19/2020 08:35:15 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Contexto: aplicación , catálogo SystemIndex

Error: (06/19/2020 08:35:14 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: No se puede inicializar la supervisión del rendimiento para el servicio Recopilador; no se cargaron los contadores o no se puede abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Error: (06/18/2020 08:05:17 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: No se pudo obtener la información del Registro del contador de rendimiento de WSearchIdxPi para la instancia   debido al siguiente error: La operación se completó correctamente.   0x0.

Error: (06/18/2020 08:05:09 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: No se puede inicializar la supervisión de rendimiento para el objeto Recopilador; no se cargaron los contadores o no se pudo abrir el objeto de memoria compartida. Esto sólo afecta a la disponibilidad de contadores del rendimiento. Reinicie el equipo.

Contexto: aplicación , catálogo SystemIndex


Errores del sistema:
=============
Error: (06/19/2020 10:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio isesrv se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 10:09:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio COMODO IceDragon Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 10:09:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Live ID Sign-in Assistant terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (06/19/2020 10:09:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio BrYNSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 10:09:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 10:09:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio COMODO Dragon Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/19/2020 08:36:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Yandex.Browser Update Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/19/2020 08:36:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Yandex.Browser Update Service.


CodeIntegrity:
===================================

Date: 2019-12-01 11:18:22.013
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x86\.svn\text-base\lci_proxywddm.sys.svn-base porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:21.970
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x86\.svn\text-base\lci_proxywddm.sys.svn-base porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:21.918
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x64\.svn\text-base\lci_proxywddm.sys.svn-base porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:21.894
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x64\.svn\text-base\lci_proxywddm.sys.svn-base porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:16.455
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x86\lci_proxywddm.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:16.423
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x86\lci_proxywddm.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:16.323
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x64\lci_proxywddm.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2019-12-01 11:18:16.251
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files (x86)\Splashtop\Splashtop Wired XDisplay\Agent\Driver\win10\x64\lci_proxywddm.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 1101 01/17/2013
Placa base: ASUSTeK Computer INC. M5A78L-M LX3
Procesador: AMD Athlon(tm) II X2 270 Processor
Porcentaje de memoria en uso: 96%
RAM física total: 3838.12 MB
RAM física disponible: 142.19 MB
Virtual total: 7674.38 MB
Virtual disponible: 3128.9 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:278.1 GB) NTFS

\\?\Volume{ad258d42-2f38-11e3-af71-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 46678705)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Este proceso es del Yandex navegador, que tienes instalado y aparece en tus programas…lo instalaste tu??

Los otros procesos que mencionaste, son de Comodo como te dije y el otro de la impresora Brother

Ese navegador, si no lo quieres, lo desinstalas y esta…puedes usar Revo

Descarga e instalas >> Revo Uninstaller | InfoSpyware

Luego, segun manual de Revo >> http://www.forospyware.com/t243205.html, desinstalas el / los programas indicados, seleccionando cuando lo indique Revo, el Modo Avanzado

Marcas NOMBRE PROGRAMA y pulsas desinstalar en el menu de Revo, en Modo Avanzado

Cuando lo hagas, se iniciara el desinstalador de NOMBRE DE PROGRAMA y al finalizar (si alguno te pide reiniciar, pulsas en NO o Cancelar y continuas con Revo), realizas:

  • Pulsas Analizar en Revo, para que analice los restos del programa

  • Pulsas seleccionar todo, para eliminar restos del registro

  • Pulsas borrar todo

  • Pulsas siguiente

  • Pulsas seleccionar todo, para eliminar, si hay, carpetas

  • Pulsas borrar todo

  • Pulsas finalizar

Alguna duda mas?

Ahh… Así, que, era del Yandex. Sí, ese navegador lo instalé yo mismo. Lo que pasa es que nunca lo había visto ese proceso. Bueno, voy a ver qué voy a hacer, porque, este navegador es uno de los mejorcitos.

Entonces, damos por terminado.

Muchas gracias, Miguel, por tu tiempo. Será hasta la próxima.

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.