Auto itv3 script beta

kamy · 30 Diciembre, 2019 08:53

buenos dias

he estado buceando a ver como se puede eliminar este malware y he visto varios tutoriales diferentes. uno de ellos comenta quen alguien de la comunidad debe ayudarte con los registros del programa FRST64 y devolverlos corregidos, o eso me parecio entender. la verdad es que no estoy muy puesto en estos temas. alguien podria echarme una mano con los registros?

muchas gracias de antemano.

Daniela · 30 Diciembre, 2019 09:10

Hola @kamy

De los temas quehas visto has realizado algún paso previo a FRST?

Un saludo

kamy · 30 Diciembre, 2019 13:08

No, como te comente estoy muy verde en el tema, vi un post solucionado donde decia que habia que descargarse el frst64 y el delfix y enviar los registros al alguien que pueda ayudarte por que no valen los registros de un ordenador a otro.

Daniela · 30 Diciembre, 2019 13:38

Hola

Entonces, antes de utilizar FRST, vamos a realizar otros análisis.

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

Realiza un Análisis personalizado, actualizando si te lo pide.
Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
Cierra también todos los programas que tengas abiertos.
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

Instala Ccleaner
Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

kamy · 31 Diciembre, 2019 16:40

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 30/12/19
Hora del análisis: 22:50
Archivo de registro: 68d505fc-2b4e-11ea-ae34-705ab6201ecf.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.785
Versión del paquete de actualización: 1.0.16995
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: oscar-PC\oscar

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 294579
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 47 min, 12 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
Adware.PremierOpinion, C:\PROGRAM FILES (X86)\PREMIEROPINION, En cuarentena, 2283, 729333, 1.0.16995, , ame, 

Archivo: 1
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\shfscp.dat, En cuarentena, 2283, 729333, , , , 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 30/12/19
Hora del análisis: 22:50
Archivo de registro: 68d505fc-2b4e-11ea-ae34-705ab6201ecf.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.785
Versión del paquete de actualización: 1.0.16995
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: oscar-PC\oscar

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 294579
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 47 min, 12 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
Adware.PremierOpinion, C:\PROGRAM FILES (X86)\PREMIEROPINION, En cuarentena, 2283, 729333, 1.0.16995, , ame, 

Archivo: 1
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\shfscp.dat, En cuarentena, 2283, 729333, , , , 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

sigue igual de lento, el led del hdd esta encendido permanentemente.

kamy · 31 Diciembre, 2019 16:41

   # -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build:    12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-31-2019
# Duration: 00:01:04
# OS:       Windows 7 Home Premium
# Cleaned:  188
# Failed:   2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\DiskP
Deleted       C:\Program Files (x86)\LetsSee!
Deleted       C:\Users\oscar\AppData\LocalLow\.acestream
Deleted       C:\Users\oscar\AppData\Local\DriverToolkit
Deleted       C:\Users\oscar\AppData\Local\YSearchUtil
Deleted       C:\Users\oscar\AppData\Roaming\IOBIT\Driver Booster
Deleted       C:\Users\oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Deleted       C:\Users\oscar\AppData\Roaming\Softlink
Deleted       C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Deleted       C:\Windows\System32\SSL
Deleted       C:\_acestream_cache_
Not Deleted   C:\Users\oscar\AppData\Roaming\.acestream
Not Deleted   C:\Users\oscar\AppData\Roaming\acestream

***** [ Files ] *****

Deleted       C:\Users\oscar\AppData\Roaming\Installer.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\SOFTWARE\399631A5826D127E9B29919D37BB6B28
Deleted       HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{172DE8BA-14A2-46C0-9E25-C666C7E8289}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{181F639F-E261-4083-9269-E213A5C82F15}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2366FD3B-B7CF-4395-AE79-70B45A49C}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27834AE5-8F5F-4488-B161-5B1DE248CBB}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30B4DD3D-8B21-4368-A4E0-E5E11D1C56ED}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{319F9E4D-8A87-403D-85D0-FB2D3254E083}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31F6925D-1FAF-4BDC-8394-8A622AFBF628}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32C2B024-E0C2-4C19-9383-F24B918CB0DD}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38C47D19-5876-4F9A-80BA-E474412E8F65}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BC8054B-4F9A-4103-8AF1-0A723FC22B}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CD61BCC-57C8-4782-8747-9AF853D19D2C}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42A89B47-40D4-4DCB-964F-542593B3AAAA}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48C83137-2125-4EE7-824-8113E9185AD}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F8C166F-F986-4967-B2D0-ADCFB3DF1515}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55FC53BF-727C-47CF-A54A-3BDE652FC5}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63CEF99B-C03D-44F6-8DA6-D8E83B6DA25}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{671AF939-1C53-4B99-8950-D9FE7F65B552}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EFCA0B9-EA2E-419E-935-FD81E4E75A1E}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AF460C-9B05-4CEE-AFBF-C1F53FD74F4}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BA36331-E308-41C5-9B7-53EB26C59A45}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80FBDDB4-8DBC-4359-9A42-B29E17E7A03D}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{845DD59A-FE0A-4540-9694-46A015E22941}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B5F65C5-A34-46B5-BAFE-BBF7D3811063}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C64D75F-3F40-47C1-AB95-58D2DA6516A}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EF1C5D-B19F-481D-8619-DE51B699FD66}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{916ADD62-9C85-4065-B1A4-174EBE4DE4E2}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{961E73A9-4293-43D2-AE9A-97E85CBCE12}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{964931ED-79ED-46DD-9CCD-1A2DD87C56D7}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9981D139-486F-4349-9C78-71E93752E73}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A163D44B-C38E-4F66-84D8-FBE9E73DA9B}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1CBB82-98F5-4B4A-81EB-F62ECED8A279}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4086271-4085-45C6-AACC-3519F337BAD1}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A942EB5A-16F8-4511-9D3B-9ABBAF6C2D8}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC889AC-9415-44C8-844C-4ABE1E8A1238}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFE0EBA9-8CAD-42DA-9A48-7FECBDF5444}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B28075C8-3D02-4289-9244-FC1A8805410}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B34ADC28-67B2-4E9C-B629-329542C7FFC9}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7A7EEDE-C861-4D0B-B16D-E41211E9AD4A}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA1B34C9-9686-47F9-801D-6EE7C5F0E757}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBFB5990-AE59-43D0-A186-B6AEA7D5E214}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEA0D19F-62D9-410F-933A-7194E17ECF75}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4CBC894-CEEC-4FF9-9C12-939111C4A454}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C614089B-7E1A-4DB7-A41C-1F025EAFBBA}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C95529EE-68CE-42A7-925A-33CFE92B7C93}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C97BC582-57BE-4544-BC4-CA8D413EBCC8}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB183BEA-2736-4B6D-A41A-10CB8729889A}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCFFCD11-6BD4-4DEF-B51D-E2292B6D886}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF55C8F5-E526-4918-8494-A5D9DA32717}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D08AAEC8-E401-4A9D-A880-B83B8C55DEA3}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D257878B-CCF6-47ED-8E20-FD27F7C5D68C}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D55A00A-B691-4AB9-B6A0-FEC1DA7BDB}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D71D5AE3-60B3-4A39-8E78-D055C73C1769}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBE2A927-CA7B-459A-8941-9B896043AF2}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDF4909-21B5-4F96-A31B-D79C391B47A}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DECC8E02-A16A-4907-8588-433D47D45F1}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF9B82BD-3E38-4170-9352-256944B61EC}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E17C7AC8-9B16-40AC-B7C9-22759AE7BA3}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DE1C71-9FFF-45A1-828B-AB5933C8E7A1}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E85C070D-854F-4DE5-8B2D-FF69CB4EF7E}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F77C11A3-D2FF-456F-9540-D5E279EB1B22}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9CEF3C3-A360-4FC1-A43E-9330BA7D337D}
Deleted       HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBD128D1-A67F-4391-811A-1051EBFCAFF}
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Deleted       HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Deleted       HKCU\Software\AceStream
Deleted       HKCU\Software\AutoTime
Deleted       HKCU\Software\Classes\.acelive
Deleted       HKCU\Software\Classes\.acemedia
Deleted       HKCU\Software\Classes\.acestream
Deleted       HKCU\Software\Classes\.tslive
Deleted       HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
Deleted       HKCU\Software\Classes\DVD\shell\PlayWithACEStream
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\MediaPlayerplus
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
Deleted       HKCU\Software\Classes\acestream
Deleted       HKCU\Software\DAILYPCCLEAN
Deleted       HKCU\Software\Event Monitor
Deleted       HKCU\Software\Installer
Deleted       HKCU\Software\Microsoft\Tinstalls
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Deleted       HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted       HKCU\Software\PC
Deleted       HKCU\Software\PCPRJ
Deleted       HKCU\Software\PopWnd
Deleted       HKCU\Software\RegisteredApplications|AceStream
Deleted       HKCU\Software\SNDA
Deleted       HKCU\Software\UpgSvr
Deleted       HKCU\Software\VideoBox
Deleted       HKCU\Software\Vittalia
Deleted       HKCU\Software\csastats
Deleted       HKLM\SOFTWARE\399631A5826D127E9B29919D37BB6B28
Deleted       HKLM\SOFTWARE\Classes\*\shell\Add event reminder
Deleted       HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL
Deleted       HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted       HKLM\SOFTWARE\Classes\DesktopBackground\Shell\Add event reminder
Deleted       HKLM\SOFTWARE\Classes\Directory\Background\shell\Add event reminder
Deleted       HKLM\SOFTWARE\Classes\Directory\shell\Add event reminder
Deleted       HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\KuaiZipShlExt
Deleted       HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\KuaiZipShlExt
Deleted       HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted       HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted       HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{343839E3-1933-4171-BD91-F038071D906E}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterObject
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost|WINSNARE
Deleted       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj
Deleted       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|KuaiZip Shell Extension
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7B492B5F-2BFD-4965-9D08-723D096B1D9F}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{82F141BB-A9E0-4518-A884-BAACEE64EEBF}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{99BC8982-3E4C-48ED-9C90-F1F1DB4EE10F}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A1F1D009-2DF4-4DD5-AAAE-21ABB3D61E74}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A9F18D4F-86F3-4340-8A43-78CFCC57A82E}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AD2FCD5A-9DB0-483F-908F-0FFDC099125E}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AF687B48-4855-4CCE-9943-9220B3D31B50}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D7C84B08-5DA6-44E8-B521-0D971EFB6D23}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DDBCC70A-E593-4484-834B-4F200A285097}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DEF8597D-59E3-4511-8267-A854FA1044E6}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F4F5EFDD-7D0E-4EC3-A4D4-4211E24F58C7}
Deleted       HKLM\Software\Classes\.acestream
Deleted       HKLM\Software\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1}
Deleted       HKLM\Software\Classes\Interface\{5582B980-DB2C-4894-9DC1-B9678ADD286D}
Deleted       HKLM\Software\Classes\Interface\{C8B797A0-024C-4D90-80F5-4CCC0988013A}
Deleted       HKLM\Software\Classes\Interface\{ED87E2F4-838D-46BA-BFD9-DFA28310934B}
Deleted       HKLM\Software\Classes\TypeLib\{4511A7B0-96B2-47A7-84AB-FB76078EA007}
Deleted       HKLM\Software\InterSect Alliance
Deleted       HKLM\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted       HKLM\Software\Wow6432Node\399631A5826D127E9B29919D37BB6B28
Deleted       HKLM\Software\Wow6432Node\Event Monitor
Deleted       HKLM\Software\Wow6432Node\MaxPower
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|C:\Program Files (x86)\Freeven pro\Freeven pro-nova.exe
Deleted       HKLM\Software\Wow6432Node\OtherSearch
Deleted       HKLM\Software\Wow6432Node\PC
Deleted       HKLM\Software\Wow6432Node\PCPRJ
Deleted       HKLM\Software\Wow6432Node\ScreenShot
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\QZipShell.DLL
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{5582B980-DB2C-4894-9DC1-B9678ADD286D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{C8B797A0-024C-4D90-80F5-4CCC0988013A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{ED87E2F4-838D-46BA-BFD9-DFA28310934B}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{4511A7B0-96B2-47A7-84AB-FB76078EA007}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Svchost|WinSAPSvc
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Svchost|kuaizipupdatesvc
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D}
Deleted       HKLM\Software\Wow6432Node\msServer
Deleted       HKU\.DEFAULT\Software\ByteFence
Deleted       HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\MediaPlayerplus
Deleted       HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted       HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
Deleted       HKU\.DEFAULT\Software\UpgSvr
Deleted       HKU\S-1-5-18\Software\ByteFence
Deleted       HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\MediaPlayerplus
Deleted       HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted       HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
Deleted       HKU\S-1-5-18\Software\UpgSvr
Deleted       HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Deleted       HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [23365 octets] - [31/12/2019 11:57:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

sigue igual

kamy · 31 Diciembre, 2019 16:45

En el inicio de windows sigo teniendo esta aplicacion Auto itv3 script beta

Daniela · 31 Diciembre, 2019 16:47

Hola

El análisis con Malwarebytes te indiqué análisis personalizado e hiciste de amenazas.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer, pulsamos Yes
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

kamy · 31 Diciembre, 2019 17:42

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-12-2019
Ejecutado por oscar (administrador) sobre OSCAR-PC (Packard Bell EasyNote LJ75) (31-12-2019 18:04:24)
Ejecutado desde C:\Users\oscar\Desktop
Perfiles cargados: oscar (Perfiles disponibles: oscar)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Opera)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Chicony Electronics Co., Ltd. -> ) C:\Windows\snuvcdsm.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-06-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [27184 2017-10-11] (Chicony Electronics Co., Ltd. -> )
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2016-08-04] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [2774040 2019-12-19] (Opera Software AS -> Opera Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Run: [AceStream] => C:\Users\oscar\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960 2018-08-23] (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Run: [eceb1442] => C:\ProgramData\Intel\Wireless\2bf01e9\dccfdjc.exe [943784 2019-12-31] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: H - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {209c3f9a-486c-11e7-9124-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {2714fd2d-711b-11e7-a203-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {2714fd46-711b-11e7-a203-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {415fbe61-27a6-11e8-939f-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {415fbe6b-27a6-11e8-939f-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {518907fd-e52d-11e8-9bd7-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {60202315-37c1-11e7-adfe-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {61ab7fde-9b00-11e7-9723-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {6455bf08-c296-11e8-b275-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {72ab1751-1985-11e8-ba24-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {7a8eeb13-b4ee-11e7-bc8f-705ab6201ecf} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {9f49f5c4-5352-11e8-a8ad-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {9f49f5d2-5352-11e8-a8ad-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {ab005065-874f-11e7-9555-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {b75db9c0-400d-11e3-b8ee-705ab6201ecf} - H:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B03 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {c339b720-408a-11e8-a8d9-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {d85e9a71-d81f-11e5-befe-705ab6201ecf} - I:\autorun.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {dd1af201-aa50-11e5-abc6-705ab6201ecf} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {df0439a0-3c20-11e8-acb5-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {e53991e1-ee23-11e6-a99c-705ab6201ecf} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {eb1f379a-a2e4-11e7-97aa-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {eb99389a-3973-11e6-b820-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {f9906010-3ce6-11e3-8183-806e6f6e6963} - D:\wubi.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-22] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0207C9D8-DC04-496D-B102-9B41CF8DF2B9} - \{080D7F47-7A0F-0D0F-7911-7A797E7F1109} -> Ningún archivo <==== ATENCIÓN
Task: {14200FE3-4996-416F-9603-3A81C5BB8DF1} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {143A0CF6-CF0E-42A2-B79D-2A87A49B2DDB} - System32\Tasks\Opera scheduled Autoupdate 1496964011 => C:\Program Files\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {148CCB23-F627-4D3D-9594-307480E9962E} - System32\Tasks\µTorrent® Update_1 => C:\Users\oscar\AppData\Roaming\uTorrent\uTorrent.exe [2005224 2019-11-11] (BitTorrent Inc -> BitTorrent Inc.)
Task: {27BE5358-2E27-481D-93D9-37F2443207EA} - System32\Tasks\{0AB1AE3F-1F5E-4562-A8BF-4566918940CF} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\Temp2_Piano_Electronico_2.5.zip\PianoElectronico25.exe <==== ATENCIÓN
Task: {2C94A012-13C2-44D4-A90C-7CD43114FE83} - System32\Tasks\{9FBC69BA-2596-4D67-A77E-4A340A926A46} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\scoped_dir7616_12615\wlsetup-web.exe -d C:\Users\oscar\AppData\Local\Temp\scoped_dir7616_12615 <==== ATENCIÓN
Task: {31DE0BF0-32F2-40F9-8AF1-351F7564F211} - System32\Tasks\{14685AA5-BD2D-4BA7-AF07-B2C59FECD20F} => C:\Users\oscar\AppData\Roaming\uTorrent\uTorrent.exe [2005224 2019-11-11] (BitTorrent Inc -> BitTorrent Inc.)
Task: {32599C5A-402C-4E25-B2D9-94E019A71438} - System32\Tasks\Chameleon Folder-oscar => "C:\Program Files (x86)\Chameleon Explorer\ChameleonFolder.exe" 
Task: {3CB32AB6-0017-4683-AE96-0D12ECDC9B22} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-10] (Adobe Inc. -> Adobe)
Task: {486A4CFA-F1F5-4BED-8858-A38C953882CF} - System32\Tasks\Opera scheduled assistant Autoupdate 1577010415 => C:\Program Files\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {59922009-3945-4191-83A8-7D3A0B31DCA4} - System32\Tasks\Coodierzary Agent => C:\Program Files (x86)\Qejisyfank\xckqsh.exe
Task: {5D05E3A6-798D-45EE-8681-FE037A2238E0} - \Nmolevuperward -> Ningún archivo <==== ATENCIÓN
Task: {739F0471-1B7B-4F20-9B8B-9B8CB60EEB0D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {73E5285B-7396-4C24-A4DE-1356A688F572} - System32\Tasks\{8FBA63B0-E869-48A4-B694-C69D791C8C41} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {7C4D31A6-4DAD-4309-A0C1-FC19BEB545BF} - System32\Tasks\{20452D70-04A6-4225-A89D-06E2AF86C15B} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\Temp1_Audio_Realtek_6.0.1.6971.zip\Audio_Realtek_6.0.1.6971\Setup.exe <==== ATENCIÓN
Task: {882F433A-424A-40CD-B873-6D18BC592BA0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {8B09949A-DDCA-4FF3-B4C5-24FE580D6B92} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-10] (Adobe Inc. -> Adobe)
Task: {9669300F-EF6C-41CB-BD8E-D8028B707A01} - System32\Tasks\{CD454FF5-6DFE-4B2C-A8FE-223EAFAF0DBC} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Roaming\awesomehp\UninstallManager.exe
Task: {AE46848D-59D2-40DF-9E2D-0F57F37D719E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-16] (Google Inc -> Google Inc.)
Task: {C06A91D1-007B-4A64-A8F5-5F4A333D3815} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe)
Task: {D22ACF9A-5241-41F0-AFCD-B03DB6BE2AC8} - System32\Tasks\Shibusypercight Update => C:\Program Files (x86)\Reawerghtraserph\xtivigh.exe [1020960 2017-03-04] (Glarysoft LTD -> Glarysoft Ltd)
Task: {DF635F96-D738-4B51-9221-C6B2F4EDA8F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-16] (Google Inc -> Google Inc.)
Task: {F0C19836-C420-4C34-8A71-F120299306B5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2F4013D4-A8E4-4FA3-9B09-897EB152F855}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{452F96D4-FA58-43A0-A07C-A0981604478A}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{56DF8834-799B-4BC9-9B6B-DAEDA523ADC1}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{56DF8834-799B-4BC9-9B6B-DAEDA523ADC1}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{FCCBC567-9421-446F-A193-4D1525AF4950}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> DefaultScope {778B9596-A1B3-4351-96BD-38672AAB8346} URL = 
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = 
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> {E00B2122-2F01-4D88-82ED-490C21CB3C43} URL = hxxps://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\oscar\AppData\Roaming\Mozilla\Firefox\Profiles\wku027uv.default [2019-12-31]
FF Homepage: Mozilla\Firefox\Profiles\wku027uv.default -> hxxps://www.google.com
FF HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\oscar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\oscar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-23] (Nullsoft, Inc.) [Archivo no firmado]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-16] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-16] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3960760090-272548860-3204049404-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\oscar\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies)

Chrome: 
=======
CHR Profile: C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default [2019-12-31]
CHR Extension: (Presentaciones) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-16]
CHR Extension: (Documentos) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-16]
CHR Extension: (Google Drive) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-16]
CHR Extension: (YouTube) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-16]
CHR Extension: (Adobe Acrobat) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-12]
CHR Extension: (Hojas de cálculo) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-22]
CHR Extension: (Ace Script) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-03-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-24]
CHR HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR Notifications: hxxps://1337x.to; hxxps://es.priclist.com; hxxps://es.savefrom.net; hxxps://forospyware.com; hxxps://freeadult.games; hxxps://gretaith.com; hxxps://perfumeria.com; hxxps://sendmepush.com; hxxps://suaningrebtersed.info; hxxps://tmearn.com; hxxps://torrentmn.ucoz.org; hxxps://untinuedera.club; hxxps://vercanalestv1.com; hxxps://vertelevision.tv; hxxps://web.wallapop.com; hxxps://www.adslzone.net; hxxps://www.autodoc.es; hxxps://www.elcorreo.com; hxxps://www.facebook.com; hxxps://www.fulltv.com.mx; hxxps://www.labombadenavidad.es; hxxps://www.softonic.com; hxxps://www.youtube.com; hxxps://www1.bethanyharrell.pro; hxxps://www84.zippyshare.com
OPR Extension: (Magneton) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\aijploakdabpnahkgkgcinghcejgbnhe [2019-11-11]
OPR Extension: (Translator) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2019-08-22]
OPR Extension: (Flash Video Downloader (FVD)) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\neacgcjokggofibnbfapeaejhclmpple [2017-11-15]
OPR Extension: (SaveFrom.net helper) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-12-22]
OPR Extension: (Edit This Cookie) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppmhhincfabcahokokgpdcckmjghpian [2018-11-21]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-11-19] (Mixbyte Inc -> Freemake)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [17784 2019-05-29] (Mixbyte Inc -> Ellora Assets Corp.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-30] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> )
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [665088 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2017-10-11] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-03-04] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-03-04] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 EZUSB; C:\Windows\System32\DRIVERS\ezusb64.sys [45584 2016-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Castles Technology Co.,Ltd)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [69320 2009-10-22] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [84808 2009-10-22] (Future Technology Devices International Ltd -> FTDI Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2016-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S3 massfilter_hs; C:\Windows\System32\DRIVERS\massfilter_hs.sys [20232 2012-06-08] (ZTE CORPORATION -> HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-31] (Malwarebytes Inc -> Malwarebytes)
S3 MEIHII; C:\Windows\System32\DRIVERS\MEI_HII.sys [46592 2012-10-26] (MEI Inc.) [Archivo no firmado]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2006-10-02] (Padus, Inc.) [Archivo no firmado]
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [752856 2015-06-22] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [424384 2018-06-02] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31984 2013-07-30] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801088 2009-09-10] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz134; \??\C:\Users\oscar\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATENCIÓN
S3 DSDrv4; \??\C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [X]
S1 hvmopkzn; \??\C:\Windows\system32\drivers\hvmopkzn.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

kamy · 31 Diciembre, 2019 17:42

==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2019-12-31 18:04 - 2019-12-31 18:15 - 000032026 _____ C:\Users\oscar\Desktop\FRST.txt
2019-12-31 12:54 - 2019-12-31 17:10 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-31 12:51 - 2019-12-31 12:51 - 000003288 ____N C:\bootsqm.dat
2019-12-30 22:49 - 2019-12-31 11:57 - 000000000 ____D C:\AdwCleaner
2019-12-30 22:45 - 2019-12-30 22:45 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-30 22:45 - 2019-12-30 22:45 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-30 22:45 - 2019-12-30 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-30 22:44 - 2019-12-30 22:43 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-30 22:43 - 2019-12-30 22:44 - 008237744 _____ (Malwarebytes) C:\Users\oscar\Desktop\adwcleaner_8.0.1.exe
2019-12-22 11:27 - 2019-12-22 11:27 - 000004026 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1577010415
2019-12-18 16:51 - 2019-12-31 18:08 - 000000000 ____D C:\FRST
2019-12-17 01:34 - 2019-12-30 10:14 - 002272256 _____ (Farbar) C:\Users\oscar\Desktop\FRST64.exe
2019-12-17 01:12 - 2019-12-17 01:12 - 000797760 _____ C:\Users\oscar\Desktop\delfix.exe
2019-12-16 19:00 - 2019-12-16 19:00 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-12 22:20 - 2019-12-12 22:20 - 000000000 ____D C:\faagh
2019-12-11 16:53 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-12-11 16:53 - 2019-11-15 02:48 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-12-11 16:52 - 2019-12-06 06:27 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2019-12-11 16:52 - 2019-11-28 04:33 - 000710072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-11 16:52 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-12-11 16:52 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-12-11 16:52 - 2019-11-28 04:32 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-12-11 16:52 - 2019-11-28 04:32 - 000627664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-11 16:52 - 2019-11-28 04:32 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-12-11 16:52 - 2019-11-28 04:32 - 000155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-12-11 16:52 - 2019-11-28 04:32 - 000097208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-12-11 16:52 - 2019-11-28 04:31 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-11 16:52 - 2019-11-28 04:31 - 001671504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-12-11 16:52 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-12-11 16:52 - 2019-11-28 04:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-12-11 16:52 - 2019-11-28 04:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-12-11 16:52 - 2019-11-28 04:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-12-11 16:52 - 2019-11-28 03:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-12-11 16:52 - 2019-11-28 03:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-12-11 16:52 - 2019-11-28 03:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-12-11 16:52 - 2019-11-28 03:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-12-11 16:52 - 2019-11-28 03:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-12-11 16:52 - 2019-11-28 03:57 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-11 16:52 - 2019-11-28 03:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-12-11 16:52 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-12-11 16:52 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-11 16:52 - 2019-11-28 03:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-12-11 16:52 - 2019-11-28 03:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-12-11 16:52 - 2019-11-28 03:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-12-11 16:52 - 2019-11-28 03:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-12-11 16:52 - 2019-11-28 03:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-12-11 16:52 - 2019-11-28 03:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-12-11 16:52 - 2019-11-28 03:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-12-11 16:52 - 2019-11-28 03:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-12-11 16:52 - 2019-11-28 03:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-12-11 16:52 - 2019-11-28 03:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-12-11 16:52 - 2019-11-28 03:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-12-11 16:52 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-12-11 16:52 - 2019-11-28 03:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-12-11 16:52 - 2019-11-28 03:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-12-11 16:52 - 2019-11-28 03:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-12-11 16:52 - 2019-11-23 08:48 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-12-11 16:52 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-12-11 16:52 - 2019-11-21 03:16 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-11 16:52 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-11 16:52 - 2019-11-21 01:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-11 16:52 - 2019-11-19 21:56 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-12-11 16:52 - 2019-11-19 21:44 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-12-11 16:52 - 2019-11-19 21:44 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-12-11 16:52 - 2019-11-19 21:31 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-12-11 16:52 - 2019-11-19 21:30 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-12-11 16:52 - 2019-11-19 21:29 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-12-11 16:52 - 2019-11-19 21:29 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-12-11 16:52 - 2019-11-19 21:29 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-12-11 16:52 - 2019-11-19 21:22 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-12-11 16:52 - 2019-11-19 21:21 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-12-11 16:52 - 2019-11-19 21:19 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-12-11 16:52 - 2019-11-19 21:18 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-12-11 16:52 - 2019-11-19 21:18 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-12-11 16:52 - 2019-11-19 21:18 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-12-11 16:52 - 2019-11-19 21:18 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-12-11 16:52 - 2019-11-19 21:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-12-11 16:52 - 2019-11-19 21:10 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-12-11 16:52 - 2019-11-19 21:07 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-12-11 16:52 - 2019-11-19 21:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 16:52 - 2019-11-19 21:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-12-11 16:52 - 2019-11-19 21:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-12-11 16:52 - 2019-11-19 20:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-12-11 16:52 - 2019-11-19 20:56 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-12-11 16:52 - 2019-11-19 20:54 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-12-11 16:52 - 2019-11-19 20:52 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-12-11 16:52 - 2019-11-19 20:43 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-12-11 16:52 - 2019-11-19 20:41 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-12-11 16:52 - 2019-11-19 20:41 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-12-11 16:52 - 2019-11-19 20:39 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-12-11 16:52 - 2019-11-19 20:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-12-11 16:52 - 2019-11-19 20:36 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-12-11 16:52 - 2019-11-19 20:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-12-11 16:52 - 2019-11-19 20:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-12-11 16:52 - 2019-11-19 20:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-12-11 16:52 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-11 16:52 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-12-11 16:52 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-12-11 16:52 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-12-11 16:52 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-12-11 16:52 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-12-11 16:52 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-12-11 16:52 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-12-11 16:52 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-12-11 16:52 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-12-11 16:52 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-12-11 16:52 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-12-11 16:52 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-12-11 16:52 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-12-11 16:52 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-12-11 16:52 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-11 16:52 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-12-11 16:52 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-12-11 16:52 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-12-11 16:52 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-12-11 16:52 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-12-11 16:52 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-12-11 16:52 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-12-11 16:52 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-12-11 16:52 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-12-11 16:52 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-12-11 16:52 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-12-11 16:52 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-12-11 16:52 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-12-11 16:52 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-12-11 16:52 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-11 16:52 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-11 16:52 - 2019-11-15 03:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-12-11 16:52 - 2019-11-15 03:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-12-11 16:52 - 2019-11-15 03:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-12-11 16:52 - 2019-11-15 03:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-11 16:52 - 2019-11-15 03:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-12-11 16:52 - 2019-11-15 03:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-11 16:52 - 2019-11-15 03:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-12-11 16:52 - 2019-11-15 03:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-11 16:52 - 2019-11-15 03:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-12-11 16:52 - 2019-11-15 03:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-12-11 16:52 - 2019-11-15 03:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-12-11 16:52 - 2019-11-15 03:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-11 16:52 - 2019-11-15 03:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-12-11 16:52 - 2019-11-15 03:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-11 16:52 - 2019-11-15 03:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-11 16:52 - 2019-11-15 03:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-12-11 16:52 - 2019-11-15 03:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-11 16:52 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-12-11 16:52 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-12-11 16:52 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2019-12-11 16:52 - 2019-11-15 02:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-11 16:52 - 2019-11-14 12:34 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-11 16:52 - 2019-11-05 22:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-11 16:52 - 2019-10-26 01:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-06 15:28 - 2019-12-06 15:28 - 000000000 __SHD C:\found.000

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2019-12-31 17:18 - 2009-07-14 05:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-31 17:18 - 2009-07-14 05:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-31 17:08 - 2016-04-14 21:21 - 000000000 ____D C:\Users\oscar\AppData\Roaming\.ACEStream
2019-12-31 17:06 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-31 12:40 - 2009-07-14 06:08 - 000032648 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-12-31 12:38 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-12-31 11:58 - 2013-10-27 21:56 - 000000000 ____D C:\Users\oscar\AppData\Roaming\IObit
2019-12-31 00:08 - 2014-11-16 20:46 - 000000000 ____D C:\KMPlayer
2019-12-30 22:46 - 2014-02-22 18:36 - 000000000 ____D C:\Users\oscar\AppData\Local\cache
2019-12-30 22:43 - 2017-03-08 00:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-30 15:57 - 2010-11-21 08:09 - 000752320 _____ C:\Windows\system32\perfh00A.dat
2019-12-30 15:57 - 2010-11-21 08:09 - 000160828 _____ C:\Windows\system32\perfc00A.dat
2019-12-30 15:57 - 2009-07-14 06:13 - 001689382 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-22 20:36 - 2018-06-12 23:56 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-22 11:32 - 2019-03-16 17:31 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-22 11:27 - 2017-06-09 00:20 - 000003842 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1496964011
2019-12-22 11:27 - 2017-06-09 00:12 - 000000000 ____D C:\Program Files\Opera
2019-12-22 10:27 - 2015-11-09 22:13 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-16 19:07 - 2019-03-16 17:31 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-16 19:07 - 2019-03-16 17:31 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-16 19:02 - 2013-10-27 14:47 - 000000000 ____D C:\Users\oscar\AppData\Roaming\uTorrent
2019-12-16 19:00 - 2018-06-12 23:55 - 000000000 ____D C:\Program Files\CCleaner
2019-12-16 18:51 - 2019-11-11 22:56 - 000000000 ____D C:\Users\oscar\AppData\Roaming\BitTorrent Web
2019-12-16 18:30 - 2019-03-31 16:09 - 000000000 ____D C:\Users\oscar\AppData\Local\BitTorrentHelper
2019-12-13 07:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-12-12 23:57 - 2018-08-08 20:45 - 000000000 ____D C:\Users\oscar\AppData\Roaming\vlc
2019-12-12 20:56 - 2009-07-14 05:45 - 000408840 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-11 22:09 - 2013-11-03 22:59 - 001663968 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-12-11 22:04 - 2013-10-24 22:29 - 000000000 ____D C:\Windows\system32\MRT
2019-12-11 21:58 - 2013-10-24 22:29 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-10 17:33 - 2017-08-09 21:36 - 000004500 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-10 17:33 - 2014-11-28 18:02 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-12-10 17:33 - 2014-11-28 18:02 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-12-10 17:33 - 2014-11-28 18:02 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-12-10 17:33 - 2013-10-25 16:10 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-10 17:33 - 2013-10-25 16:10 - 000000000 ____D C:\Windows\system32\Macromed
2019-12-10 16:33 - 2018-03-13 16:33 - 000004492 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-04 09:27 - 2019-10-22 19:10 - 000000000 ____D C:\Users\oscar\.afirma
2019-12-04 09:25 - 2013-11-02 10:48 - 000000000 ____D C:\Windows\Minidump
2019-12-03 20:48 - 2019-07-12 13:36 - 000000000 ____D C:\Users\oscar\Desktop\IMAGENES BLUETHOOTH
2019-12-01 13:28 - 2019-04-11 19:51 - 000000000 ____D C:\Users\oscar\Desktop\inma

==================== Archivos en la raíz de algunos directorios ========

2018-08-23 07:18 - 2018-08-27 14:59 - 000024576 _____ () C:\Users\oscar\AppData\Roaming\cookies.sqlite
2016-04-03 11:28 - 2016-04-03 11:28 - 000283648 _____ () C:\Users\oscar\AppData\Roaming\DrjxjVBchppIcvKkIs
2016-04-03 11:28 - 2016-04-03 11:28 - 000003584 _____ () C:\Users\oscar\AppData\Roaming\PvyRLXDeE
2016-08-12 06:16 - 2016-12-12 01:38 - 000002021 _____ () C:\Users\oscar\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-03-22 22:30 - 2015-03-27 00:30 - 000000131 _____ () C:\Users\oscar\AppData\Roaming\WB.CFG
2019-10-21 19:34 - 2019-10-22 18:55 - 000535552 _____ (Dirección General de la Policía) C:\Users\oscar\AppData\Local\DNIeService.exe
2015-03-24 11:30 - 2015-03-24 11:30 - 000000001 _____ () C:\Users\oscar\AppData\Local\DSI.DAT
2016-07-28 16:23 - 2018-08-28 19:07 - 000007601 _____ () C:\Users\oscar\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2019-12-30 11:05
==================== Final de FRST.txt ========================

kamy · 31 Diciembre, 2019 18:05


Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-12-2019
Ejecutado por oscar (31-12-2019 18:16:38)
Ejecutado desde C:\Users\oscar\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-10-24 20:43:50)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3960760090-272548860-3204049404-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3960760090-272548860-3204049404-1009 - Limited - Enabled)
Invitado (S-1-5-21-3960760090-272548860-3204049404-501 - Limited - Disabled)
oscar (S-1-5-21-3960760090-272548860-3204049404-1000 - Administrator - Enabled) => C:\Users\oscar

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Aplicación para detectar Winamp (HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
BitTorrent Web (HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\btweb) (Version: 1.0.5 - BitTorrent, Inc.)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Freemake Video Converter versión 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.2.50.1050 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.6.1000 - Intel Corporation)
K-Lite Codec Pack 10.4.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.34 - PandoraTV)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Opera Stable 62.0.3331.116 (HKLM-x32\...\Opera 62.0.3331.116) (Version: 62.0.3331.116 - Opera Software)
Opera Stable 65.0.3467.78 (HKLM-x32\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Paquete de compatibilidad para 2007 Office system (HKLM-x32\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 3.50 - Philipp Winterberg)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.94 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8409 - Realtek Semiconductor Corp.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Switch, convertidor de audio (HKLM-x32\...\Switch) (Version: 4.69 - NCH Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.21 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ContextMenuHandlers1: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> Ningún archivo
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> Ningún archivo
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2019-12-12 21:59 - 2019-12-12 21:59 - 000031232 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\72a69f04223d3a51cd1e1c5f88f4035c\A4.Foundation.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000022528 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\743d56bc6320308e687648c996476ff3\AEM.Actions.CCAA.Shared.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000013312 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\5f13361d6d66bafc5a31dc540f1b140e\AEM.Plugin.EEU.Shared.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000017408 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\da9dd4bb89e5a088506717c9c461694c\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000016384 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\d344deff2eda9b9f9a6383ea22e28c9c\AEM.Plugin.DPPE.Shared.ni.dll
2019-12-13 00:16 - 2019-12-13 00:16 - 000281600 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\7825d36e249a78a9cd5e8d5986e12077\AEM.Plugin.Source.Kit.Server.ni.dll
2019-12-13 00:16 - 2019-12-13 00:16 - 000014848 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\65c4f731cec6e1e77fa0eb78fadd2d3e\AEM.Plugin.WinMessages.Shared.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000012800 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\96779eb9e9109c781928ee2d7f9f88f0\AEM.Plugin.REG.Shared.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000011776 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\02be7dd34f76a378ce42f5e64d80c443\AEM.Plugin.GD.Shared.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000013312 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\3c62043d6d92137e9668289a0dc7a48c\AEM.Server.Shared.ni.dll
2019-12-13 00:16 - 2019-12-13 00:16 - 000267776 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\8990a345e93f2a58de1518792a922fdb\AEM.Server.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 000055808 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\25dbe8a92cc0fa4c7f60fc8831df5fcd\APM.Foundation.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000122880 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\0a861136cdeab1eaf4bfef3018b7cb76\ATICCCom.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 000204288 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\0e1eb42608545f61bdecf8a550e67b18\CCC.Implementation.ni.dll
2019-12-13 00:22 - 2019-12-13 00:22 - 000154112 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\6ce1cac914cb1f745e91e1d1b4686ffe\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000128000 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\3bb7d1aa2b163131b293ccb10e7514b7\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000026112 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\11f48b2e33d24a0aa663636f084ef107\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-12-13 00:26 - 2019-12-13 00:26 - 000045568 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\7bd44b81920bfab91c2c11d5c3ba13c0\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-12-13 00:23 - 2019-12-13 00:23 - 000107008 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\5b680583245b43e90074118ef409a362\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000209920 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\220dfdb869ee53088454e654ac4f4332\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-12-13 00:22 - 2019-12-13 00:22 - 000132608 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\690486c07bb19fe3f79e52e051b94cac\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-12-13 00:23 - 2019-12-13 00:23 - 000074752 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\7adc199c5db6a9569bf085cc301e4ded\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000037888 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\24068675d2f20ef698d023776260c416\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2019-12-13 00:22 - 2019-12-13 00:22 - 000074752 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\ee6a44f06af1cbc8d52488b052a1486b\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000263168 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\7a1f2f87707fa18c85a7f3de30684473\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000365056 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\9011811d2c649e869909b7593e7cfd73\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-12-13 00:23 - 2019-12-13 00:23 - 000064000 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\9baa40aa6008a8ae8704500092b4a753\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2019-12-13 00:22 - 2019-12-13 00:22 - 000678912 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\11776425d36a17b905b2675deef8bcca\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-12-13 00:23 - 2019-12-13 00:23 - 000745472 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0345e2e5eefdffce0e958051cabe1963\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000449024 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\a10e97f2948a5612d88e59dd6eef7187\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000089088 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\892eeac9f02cc5e5680cfd505e65f23a\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000158208 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\ebafd91888072345e5e5818235b7cc42\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000057856 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\55d8aa5a8bc14e7f3edb716398ee4d42\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2019-12-13 00:23 - 2019-12-13 00:23 - 000082944 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\e0eea0b71ca43a70a07608f912e20f88\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000462336 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\064eb3af52efc8eae9d845178ae223b0\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000086528 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\d6b2c4237411fb41f5298845fc622f3a\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000067072 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\191a00c5f3a8cd1816c03a00faebb064\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-12-13 00:22 - 2019-12-13 00:22 - 000340992 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\f75fb18e795c5d10a596e95f6460ec86\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000017920 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\9ad2bfb11a274355fa0d0b454a5b667f\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-12-13 00:22 - 2019-12-13 00:22 - 000276480 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\9c2be5ddab02d28ec4f7f4ab289662c4\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-12-13 00:23 - 2019-12-13 00:23 - 003312640 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\fad9e4ba8129817b636b32d4ad9a970d\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000240640 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\ebe688cbae8eb5d1700e1d53e6feb1a7\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-12-13 00:23 - 2019-12-13 00:23 - 000047616 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\15643147cb999afdfd88ff1937ebcbe7\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-12-13 00:23 - 2019-12-13 00:23 - 000050688 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\cb53367dfb95bb06719c5318b9ad468b\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-12-13 00:24 - 2019-12-13 00:24 - 000050688 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\c13ff85b9ce32350cc7f1917de3fde82\CLI.Caste.A4.Runtime.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000044544 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\b1c0caf7a9d344fba9219db8c201b5a8\CLI.Caste.A4.Shared.ni.dll
2019-12-13 00:24 - 2019-12-13 00:24 - 000027136 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\a09fa6b3471955d42b193e69b95f0d6c\CLI.Caste.A4.Dashboard.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000044544 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\b3d0d2df7a3438fb8f6fa07230d04a30\CLI.Caste.Fuel.Shared.ni.dll
2019-12-13 00:24 - 2019-12-13 00:24 - 000311296 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\5c05a742a79387779b97c706b8e2cd68\CLI.Caste.Fuel.Runtime.ni.dll
2019-12-13 00:24 - 2019-12-13 00:24 - 000027136 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\4494fae3a825b832a97f6beff7a3e897\CLI.Caste.Fuel.Dashboard.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000037376 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\522c7e10cdac0e95e75f61cce90bde2b\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 001555456 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\895a6fdd7fac02e6ce08b757c020f714\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000587776 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\d5752dbafbef3862c19e4e13429f3718\CLI.Caste.Graphics.Dashboard.ni.dll
2019-12-13 00:25 - 2019-12-13 00:25 - 000045056 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\9698ca502c64ef8a7fd1f75f91cc179c\CLI.Caste.HydraVision.Runtime.ni.dll
2019-12-13 00:25 - 2019-12-13 00:25 - 000030720 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\a902697939896a7e16921163641b7f9b\CLI.Caste.HydraVision.Shared.ni.dll
2019-12-13 00:25 - 2019-12-13 00:25 - 000025600 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\71d72e7e2902a2a9e814d97b561ce2ba\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-12-13 00:25 - 2019-12-13 00:25 - 000030720 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\083507b9eae35fb3487b36488224e586\CLI.Caste.Platform.Shared.ni.dll
2019-12-13 00:25 - 2019-12-13 00:25 - 000044032 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\fa67f8bb944d7ebd5f07b66cf530199d\CLI.Caste.Platform.Runtime.ni.dll
2019-12-13 00:25 - 2019-12-13 00:25 - 000024064 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\3fceaffb3880c9d93c75da58e43eb203\CLI.Caste.Platform.Dashboard.ni.dll
2019-12-13 00:16 - 2019-12-13 00:16 - 000012288 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\4bca7d64b66b241f28aa0ae48b2e38c2\CLI.Component.Runtime.Shared.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000901632 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\796936a4b6e441b144d2c4ad5563932b\CLI.Component.Systemtray.ni.dll
2019-12-13 00:26 - 2019-12-13 00:26 - 000173568 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\8e49e736cb6d1806075ba531f98f897e\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000151040 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\3e427f87f95d6024e43e02cf373cd6a2\CLI.Component.Runtime.Shared.Private.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000017408 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\1b7fe6a514ec17abb1ec5b9dc0be173d\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 001609728 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\d9320e545eaafc3ba005a705439502ea\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-12-13 00:19 - 2019-12-13 00:19 - 000018432 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\4b2abce7099336334011252cb080fc5a\CLI.Component.Client.Shared.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000085504 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\f43afa13aa4f639963d3f588838e9b54\CLI.Component.Dashboard.Shared.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 000089600 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\2dedba26cff8b1ca5b6b2c0104b968ec\CLI.Foundation.Private.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000061440 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\4d32d7711cac36b142828518735fbfc0\CLI.Foundation.XManifest.ni.dll
2019-12-13 00:16 - 2019-12-13 00:16 - 000091136 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\57b888710a7771039b1fd68c6bf54156\CLI.Foundation.CoreAudioAPI.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 001079296 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\26b5dd18d28e35bad1a14236e2b6d113\CLI.Foundation.Client.ni.dll
2019-12-13 00:16 - 2019-12-13 00:16 - 000301568 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\3fb5b9c9d5cecc87cf1c2a4bef8fd8ac\CLI.Foundation.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000025600 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\56c8bd44eabab9ab432714111c865c9b\DEM.Foundation.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000115200 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\b15546e9733fd6f37c068e4393fac2c9\DEM.Graphics.I0601.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000015360 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\99064803e34a38e15ae09a58faee983f\DEM.Graphics.ni.dll
2019-12-13 00:24 - 2019-12-13 00:24 - 000037376 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\576a2bcbfadd04a3ebd0b5ed03cd6e4a\Fuel.Foundation.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000296960 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\0b26a89b8688f754bf701e8619ea9957\LOG.Foundation.Implementation.ni.dll
2019-12-12 21:59 - 2019-12-12 21:59 - 000150016 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\84ac2eed8c412d929e29f2b599399530\LOG.Foundation.Private.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 000087552 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\beb3f3206ba7bba2ad782d59481da02c\LOG.Foundation.Implementation.Private.ni.dll
2019-12-12 21:59 - 2019-12-12 21:59 - 000132608 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\192b385c759edcba70402afadcab6d55\LOG.Foundation.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 000012288 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\36471b56949ec9c0ebd1ed7d187bae4b\MOM.Foundation.ni.dll
2019-12-13 00:32 - 2019-12-13 00:32 - 000402944 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\390ffd892fe49fcc401527474694ea60\MOM.Implementation.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000055296 _____ (Advanced Micro Devices Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\5fec3db2a1569b883fa155a3ae9fc133\NEWAEM.Foundation.ni.dll
2019-12-13 00:15 - 2019-12-13 00:15 - 000897024 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\9aa72c66dec4ba195a5b0e47e72aa2c9\ADL.Foundation.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 000256000 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\70a87518074e00ba245af135964bfea0\APM.Server.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000298496 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\40e508123e99234dcaad3944fecb6862\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 001654272 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\3a4f3690436d2933d934eb88822106e2\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 006336512 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\4f2a110312737693405c6c916890dc9e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-12-13 00:26 - 2019-12-13 00:26 - 008027648 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\6c52c7d2a54276cb4984f0a704afe8db\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-12-13 00:26 - 2019-12-13 00:26 - 001159680 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\501118a87601ea896b1a7e6c594dfeb0\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-12-13 00:19 - 2019-12-13 00:19 - 000136704 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\ceded87a14da163c596b5a2c379f304e\CLI.Component.Client.Shared.Private.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000234496 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\e698aa63cefc546c9e957431c8cc48a8\CLI.Component.Runtime.ni.dll
2019-12-13 00:26 - 2019-12-13 00:26 - 000929280 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\7172dfa42770a01cf94b8de4fcd1df65\CLI.Component.Dashboard.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000013312 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\90684130b4e41b9c58df5b2b8fcaf922\DEM.Graphics.I0706.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000084480 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\a7743f385fc4ed00cbfa09792f0be05d\DEM.Graphics.I0709.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000012288 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\b1c533dfb3ad253cc391c61bea99fdaf\DEM.Graphics.I0712.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000018432 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\0100f8987fdb5433efa9208bd96f630e\DEM.Graphics.I0804.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000010752 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\a6a72949b04996e6292867b13f182278\DEM.Graphics.I0805.ni.dll
2019-12-13 00:27 - 2019-12-13 00:27 - 000010752 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\9f5190ecad27602d6ab04c07d306a276\DEM.Graphics.I0812.ni.dll
2019-12-13 00:25 - 2019-12-13 00:25 - 000013312 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\5529109a8a2b796bbf8f682a7de39f71\DEM.Graphics.I0906.ni.dll
2019-12-13 00:21 - 2019-12-13 00:21 - 000014336 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\7a248ea5cb4c774eff22f119403cf073\DEM.Graphics.I0912.ni.dll
2019-12-13 00:25 - 2019-12-13 00:25 - 000035840 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\0047598bb2667d04c913685a79a0b39c\DEM.Graphics.I1010.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 001139200 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\7262ef4b11f42019abf9463148985fb4\Localization.Foundation.Private.ni.dll
2019-12-13 00:32 - 2019-12-13 00:32 - 000244224 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\0853dee031a925724e3028227076febc\ResourceManagement.Foundation.Implementation.ni.dll
2019-12-13 00:19 - 2019-12-13 00:19 - 000023552 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\c880218027cffeaaf074ba8d10bc5081\ResourceManagement.Foundation.Private.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000091648 _____ (Advanced Mirco Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\89ec05cd2cdee155d2b0b3fb66ebae50\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-12-13 00:17 - 2019-12-13 00:17 - 002845696 _____ (Advanced Mirco Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\1f891e7a2e2622268a05c24e07fa0835\CLI.Caste.Graphics.Shared.ni.dll
2019-12-13 00:24 - 2019-12-13 00:24 - 003268096 _____ (Advanced Mirco Devices, Inc.) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\b77cf47eaf87bbfc5e608a80533753b8\CLI.Caste.Graphics.Runtime.ni.dll
2017-01-30 22:27 - 2013-04-17 15:01 - 001892352 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2013-10-25 16:08 - 2010-04-24 04:00 - 000336896 _____ (CANON INC.) [Archivo no firmado] C:\Windows\System32\CNMLM9W.DLL
2013-10-25 15:45 - 2010-04-24 05:00 - 000028672 _____ (CANON INC.) [Archivo no firmado] C:\Windows\system32\spool\PRTPROCS\x64\CNMPD9W.DLL
2017-01-30 22:27 - 2013-04-17 15:01 - 000069632 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 000335360 _____ (Microsoft) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\c199abe8e5a810042f93b2b2839d40e2\Microsoft.WindowsAPICodePack.ni.dll
2019-12-13 00:20 - 2019-12-13 00:20 - 002546688 _____ (Microsoft) [Archivo no firmado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\fc26a2913b344be7556bb15872f9dbd8\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [120]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\fnmt.es%20,%20https -> hxxps://fnmt.es%20,%20https

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 03:34 - 2017-10-28 23:36 - 000000031 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\adb;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\oscar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: btweb => "C:\Users\oscar\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{B75B5679-465E-4612-8CAC-DF13EA31F432}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{733EBD4E-ACFE-4205-A333-C5F95EDE2A2C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{30A9EA8C-B794-48D5-B5BB-E860F9D5C238}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A2BDD3E1-1868-428F-95CE-D4F1B37E5F17}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB87AE99-795B-4209-A594-66469B1245AB}] => (Allow) C:\Users\oscar\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E631DC19-2A60-4F37-982A-AFD9D0B81F4F}] => (Allow) C:\Users\oscar\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{55EE69B2-186B-48B8-BB71-6AF51C95E8F0}] => (Allow) C:\Users\oscar\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6FDD04FC-5476-433E-9E92-C8941BBDE7C2}] => (Allow) C:\Users\oscar\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{EE27D3E9-A33F-4873-8EA4-9CF56472F9A6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{814C3B30-E7E9-4685-9074-02D0C02CA4EE}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{FCC73D5C-5A5A-4E7E-AFA6-7DC018EF73CE}C:\users\oscar\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Block) C:\users\oscar\appdata\roaming\utorrent\updates\3.4.9_43295.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{4FD20A65-4A15-4C73-9936-E7DB1BFF0B74}C:\users\oscar\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Block) C:\users\oscar\appdata\roaming\utorrent\updates\3.4.9_43295.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C0E41539-61D7-42EB-B815-9B9A550F3BF0}C:\users\oscar\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Allow) C:\users\oscar\appdata\roaming\utorrent\updates\3.4.9_43295.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{6488D7DF-587E-4AF4-A091-A4B4C8B51F05}C:\users\oscar\appdata\roaming\utorrent\updates\3.4.9_43295.exe] => (Allow) C:\users\oscar\appdata\roaming\utorrent\updates\3.4.9_43295.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{11DD2087-9740-48DC-B0FE-CCF92BE6292F}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5FEDAF90-69D1-4977-AB90-BCDB2C5B514A}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{32E89A94-D2AB-4409-8B34-36274CFC17E1}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F5A0E34D-CCCD-4479-8411-74328E7400D9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6F0DF3E8-6599-4EDE-A1BB-5809687ED78E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{32993432-B3BB-4F5F-AB60-FEFB5DF473AD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{DBC74DAD-F5F0-46E4-923E-71EDBAF2F0B6}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{33D22E3A-6DC1-4AC4-9ACE-2A14DCADFED1}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{045CAC86-3C11-4799-B54A-0350DDA1A4DF}C:\users\oscar\appdata\roaming\kodi\userdata\addon_data\plugin.video.quasar\bin\windows_x64\quasar.exe] => (Allow) C:\users\oscar\appdata\roaming\kodi\userdata\addon_data\plugin.video.quasar\bin\windows_x64\quasar.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{A6912606-947F-4A20-92DD-D061AD2D7E4F}C:\users\oscar\appdata\roaming\kodi\userdata\addon_data\plugin.video.quasar\bin\windows_x64\quasar.exe] => (Allow) C:\users\oscar\appdata\roaming\kodi\userdata\addon_data\plugin.video.quasar\bin\windows_x64\quasar.exe () [Archivo no firmado]
FirewallRules: [{506CA1F8-9275-4281-9CB8-ACE994CE53EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1A848E17-26C3-4E61-BEBE-DFBE10A7BCAF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{3D6B5EDD-F334-4259-A1BC-32A16333D1F9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3D62FD83-A482-4CEF-AD19-6C6FAA4525B0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{FF3B8680-B747-4169-8DCF-083E450B7ECA}] => (Allow) C:\Program Files\Opera\62.0.3331.99\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{3E8E346E-F3DB-48CE-909D-47B12514F7E4}] => (Allow) C:\Users\oscar\AppData\Roaming\BitTorrent Web\btweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [{4B0F8B41-DC0F-40F4-BCD4-F3226617CA8E}] => (Allow) C:\Users\oscar\AppData\Roaming\BitTorrent Web\btweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{6693B11C-1349-4216-A40F-784455E484A9}C:\users\oscar\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\oscar\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{9321827D-ED6D-4862-9479-05D5F32018C6}C:\users\oscar\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\oscar\appdata\roaming\bittorrent web\btweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [{C6CB6A2E-7C93-4BF6-AB6F-848878A14847}] => (Allow) C:\Program Files\Opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{08EB1482-8765-45CA-AE71-56E5306BD393}] => (Allow) C:\Program Files\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{1B3FDAF8-2315-4CBC-BA3E-233660DA4CE1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{C40CAADB-C5C4-423D-BE25-358527204D72}C:\users\oscar\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\oscar\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)
FirewallRules: [UDP Query User{E62AB11A-3AFB-4175-8F67-C7BC6C5A8C98}C:\users\oscar\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\oscar\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies)

==================== Puntos de Restauración =========================

12-12-2019 21:30:41 Windows Update
12-12-2019 23:52:56 Copias de seguridad de Windows
16-12-2019 18:54:30 Windows Update
22-12-2019 10:30:11 Windows Update
30-12-2019 09:24:48 Windows Update

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Adaptador de tunelización Teredo de Microsoft
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (12/31/2019 05:10:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.457, marca de tiempo: 0x5df7bf34
Nombre del módulo con errores: Qt5Core.dll, versión: 5.13.2.0, marca de tiempo: 0x5dcd60b9
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00198d49
Id. del proceso con errores: 0xf14
Hora de inicio de la aplicación con errores: 0x01d5bff4d8aed8e2
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Id. del informe: 1d7e3b1a-2be8-11ea-a909-705ab6201ecf

Error: (12/31/2019 05:10:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 12.8.6.1000, marca de tiempo: 0x523cdbc0
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24540, marca de tiempo: 0x5ddf3fc4
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000c5af
Id. del proceso con errores: 0x1268
Hora de inicio de la aplicación con errores: 0x01d5bff4b867acda
Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Ruta de acceso del módulo con errores: C:\Windows\syswow64\KERNELBASE.dll
Id. del informe: ffabaaaf-2be7-11ea-a909-705ab6201ecf

Error: (12/31/2019 05:09:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: IAStorDataMgrSvc.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException

Información de la excepción: System.IO.FileNotFoundException
   en IAStorDataMgr.Program.Main()

Error: (12/31/2019 05:07:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (12/31/2019 05:07:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: CaptureLibService.exe, versión: 1.0.0.0, marca de tiempo: 0x5cee66d7
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24540, marca de tiempo: 0x5ddf3fc4
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000c5af
Id. del proceso con errores: 0x9f8
Hora de inicio de la aplicación con errores: 0x01d5bff456f08040
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
Ruta de acceso del módulo con errores: C:\Windows\syswow64\KERNELBASE.dll
Id. del informe: 9d9bb4a8-2be7-11ea-a909-705ab6201ecf

Error: (12/31/2019 05:07:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: CaptureLibService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en CaptureLibService.Program.Main(System.String[])

Error: (12/31/2019 05:06:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x5dd3a0e7
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24540, marca de tiempo: 0x5ddf3fc4
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000c5af
Id. del proceso con errores: 0x5b8
Hora de inicio de la aplicación con errores: 0x01d5bff441ae4abc
Ruta de acceso de la aplicación con errores: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Ruta de acceso del módulo con errores: C:\Windows\syswow64\KERNELBASE.dll
Id. del informe: 91656f02-2be7-11ea-a909-705ab6201ecf

Error: (12/31/2019 05:06:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: FreemakeUtilsService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en FreemakeUtilsService.Program.Main(System.String[])


Errores del sistema:
=============
Error: (12/31/2019 06:05:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (12/31/2019 06:05:10 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (12/31/2019 06:05:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (12/31/2019 05:53:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (12/31/2019 05:53:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (12/31/2019 05:53:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (12/31/2019 05:10:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (60000 ms) para la conexión con el servicio Intel(R) Rapid Storage Technology.

Error: (12/31/2019 05:07:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HuaweiHiSuiteService64.exe no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


CodeIntegrity:
===================================

Date: 2017-10-17 22:14:53.363
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-10-17 22:14:53.123
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-07-10 22:08:36.029
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2017-07-10 22:08:35.860
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2015-12-07 02:49:39.811
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2015-12-07 02:49:39.731
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2015-12-07 02:48:31.768
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2015-12-07 02:48:31.691
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Información de la memoria =========================== 

BIOS: Packard Bell V1.05 01/05/2010
Placa base: Packard Bell EasyNote LJ75
Procesador: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Porcentaje de memoria en uso: 94%
RAM física total: 3958.77 MB
RAM física disponible: 211.04 MB
Virtual total: 9893.92 MB
Virtual disponible: 2856.46 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:200.22 GB) (Free:85.45 GB) NTFS
Drive e: (Oscar) (Fixed) (Total:265.43 GB) (Free:152.33 GB) NTFS
Drive f: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive g: (Disco fotos) (Fixed) (Total:596.07 GB) (Free:323.16 GB) NTFS
Drive i: (MICSD PC) (Removable) (Total:28.96 GB) (Free:28 GB) FAT32

\\?\Volume{f990600c-3ce6-11e3-8183-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: FF9BBA48)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.4 GB) - (Type=0F Extended)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 62CF2002)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Daniela · 1 Enero, 2020 18:04

MUY Importante Realiza una copia de seguridad del registro :

Para hacerlo descarga DelFix.exe( en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Run: [eceb1442] => C:\ProgramData\Intel\Wireless\2bf01e9\dccfdjc.exe [943784 2019-12-31] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: H - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {209c3f9a-486c-11e7-9124-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {2714fd2d-711b-11e7-a203-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {2714fd46-711b-11e7-a203-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {415fbe61-27a6-11e8-939f-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {415fbe6b-27a6-11e8-939f-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {518907fd-e52d-11e8-9bd7-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {60202315-37c1-11e7-adfe-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {61ab7fde-9b00-11e7-9723-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {6455bf08-c296-11e8-b275-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {72ab1751-1985-11e8-ba24-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {7a8eeb13-b4ee-11e7-bc8f-705ab6201ecf} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {9f49f5c4-5352-11e8-a8ad-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {9f49f5d2-5352-11e8-a8ad-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {ab005065-874f-11e7-9555-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {b75db9c0-400d-11e3-b8ee-705ab6201ecf} - H:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B03 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {c339b720-408a-11e8-a8d9-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {d85e9a71-d81f-11e5-befe-705ab6201ecf} - I:\autorun.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {dd1af201-aa50-11e5-abc6-705ab6201ecf} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {df0439a0-3c20-11e8-acb5-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {e53991e1-ee23-11e6-a99c-705ab6201ecf} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {eb1f379a-a2e4-11e7-97aa-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {eb99389a-3973-11e6-b820-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {f9906010-3ce6-11e3-8183-806e6f6e6963} - D:\wubi.exe
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {0207C9D8-DC04-496D-B102-9B41CF8DF2B9} - \{080D7F47-7A0F-0D0F-7911-7A797E7F1109} -> Ningún archivo <==== ATENCIÓN
Task: {27BE5358-2E27-481D-93D9-37F2443207EA} - System32\Tasks\{0AB1AE3F-1F5E-4562-A8BF-4566918940CF} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\Temp2_Piano_Electronico_2.5.zip\PianoElectronico25.exe <==== ATENCIÓN
Task: {2C94A012-13C2-44D4-A90C-7CD43114FE83} - System32\Tasks\{9FBC69BA-2596-4D67-A77E-4A340A926A46} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\scoped_dir7616_12615\wlsetup-web.exe -d C:\Users\oscar\AppData\Local\Temp\scoped_dir7616_12615 <==== ATENCIÓN
Task: {59922009-3945-4191-83A8-7D3A0B31DCA4} - System32\Tasks\Coodierzary Agent => C:\Program Files (x86)\Qejisyfank\xckqsh.exe
Task: {5D05E3A6-798D-45EE-8681-FE037A2238E0} - \Nmolevuperward -> Ningún archivo <==== ATENCIÓN
Task: {7C4D31A6-4DAD-4309-A0C1-FC19BEB545BF} - System32\Tasks\{20452D70-04A6-4225-A89D-06E2AF86C15B} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\Temp1_Audio_Realtek_6.0.1.6971.zip\Audio_Realtek_6.0.1.6971\Setup.exe <==== ATENCIÓN
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> DefaultScope {778B9596-A1B3-4351-96BD-38672AAB8346} URL = 
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> {E00B2122-2F01-4D88-82ED-490C21CB3C43} URL = hxxps://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
FF HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\oscar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\oscar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin HKU\S-1-5-21-3960760090-272548860-3204049404-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\oscar\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies)
CHR Extension: (Ace Script) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-03-16]
CHR Extension: (Chrome Media Router) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-24]
CHR HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
OPR Extension: (Magneton) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\aijploakdabpnahkgkgcinghcejgbnhe [2019-11-11]
OPR Extension: (SaveFrom.net helper) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-12-22]
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 cpuz134; \??\C:\Users\oscar\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATENCIÓN
S3 DSDrv4; \??\C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [X]
S1 hvmopkzn; \??\C:\Windows\system32\drivers\hvmopkzn.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
2019-12-31 11:58 - 2013-10-27 21:56 - 000000000 ____D C:\Users\oscar\AppData\Roaming\IObit
2016-04-03 11:28 - 2016-04-03 11:28 - 000283648 _____ () C:\Users\oscar\AppData\Roaming\DrjxjVBchppIcvKkIs
2016-04-03 11:28 - 2016-04-03 11:28 - 000003584 _____ () C:\Users\oscar\AppData\Roaming\PvyRLXDeE
ContextMenuHandlers1: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> Ningún archivo
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> Ningún archivo
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [120]
C:\ProgramData\Intel\Wireless\2bf01e9

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

kamy · 1 Enero, 2020 20:12

Perdona, no me queda claro este ultimo paso, tengo w7 home edition, tengo que iniciar el pc a prueba de errores tambien para este ultimo paso que comentas o solo se inicia a prueba de errores cuando tienes w8 y w10

Muchas gracias y perdona mi torpeza

Daniela · 1 Enero, 2020 20:52

Hola

Culpa mía, se me pasó que tienes Windows 7

Inicia en modo seguro pero como lo haces habitualmente en Windows 7.

Un saludo

kamy · 1 Enero, 2020 20:57


Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 28-12-2019
Ejecutado por oscar (01-01-2020 21:43:14) Run:1
Ejecutado desde C:\Users\oscar\Desktop
Perfiles cargados: oscar (Perfiles disponibles: oscar)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricci�n <==== ATENCI�N
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Run: [eceb1442] => C:\ProgramData\Intel\Wireless\2bf01e9\dccfdjc.exe [943784 2019-12-31] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: H - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {209c3f9a-486c-11e7-9124-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {2714fd2d-711b-11e7-a203-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {2714fd46-711b-11e7-a203-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {415fbe61-27a6-11e8-939f-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {415fbe6b-27a6-11e8-939f-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {518907fd-e52d-11e8-9bd7-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {60202315-37c1-11e7-adfe-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {61ab7fde-9b00-11e7-9723-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {6455bf08-c296-11e8-b275-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {72ab1751-1985-11e8-ba24-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {7a8eeb13-b4ee-11e7-bc8f-705ab6201ecf} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {9f49f5c4-5352-11e8-a8ad-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {9f49f5d2-5352-11e8-a8ad-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {ab005065-874f-11e7-9555-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {b75db9c0-400d-11e3-b8ee-705ab6201ecf} - H:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B03 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {c339b720-408a-11e8-a8d9-701a04d72c0b} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {d85e9a71-d81f-11e5-befe-705ab6201ecf} - I:\autorun.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {dd1af201-aa50-11e5-abc6-705ab6201ecf} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {df0439a0-3c20-11e8-acb5-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {e53991e1-ee23-11e6-a99c-705ab6201ecf} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {eb1f379a-a2e4-11e7-97aa-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {eb99389a-3973-11e6-b820-705ab6201ecf} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\MountPoints2: {f9906010-3ce6-11e3-8183-806e6f6e6963} - D:\wubi.exe
GroupPolicy: Restricci�n - Chrome <==== ATENCI�N
CHR HKLM\SOFTWARE\Policies\Google: Restricci�n <==== ATENCI�N
Task: {0207C9D8-DC04-496D-B102-9B41CF8DF2B9} - \{080D7F47-7A0F-0D0F-7911-7A797E7F1109} -> Ning�n archivo <==== ATENCI�N
Task: {27BE5358-2E27-481D-93D9-37F2443207EA} - System32\Tasks\{0AB1AE3F-1F5E-4562-A8BF-4566918940CF} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\Temp2_Piano_Electronico_2.5.zip\PianoElectronico25.exe <==== ATENCI�N
Task: {2C94A012-13C2-44D4-A90C-7CD43114FE83} - System32\Tasks\{9FBC69BA-2596-4D67-A77E-4A340A926A46} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\scoped_dir7616_12615\wlsetup-web.exe -d C:\Users\oscar\AppData\Local\Temp\scoped_dir7616_12615 <==== ATENCI�N
Task: {59922009-3945-4191-83A8-7D3A0B31DCA4} - System32\Tasks\Coodierzary Agent => C:\Program Files (x86)\Qejisyfank\xckqsh.exe
Task: {5D05E3A6-798D-45EE-8681-FE037A2238E0} - \Nmolevuperward -> Ning�n archivo <==== ATENCI�N
Task: {7C4D31A6-4DAD-4309-A0C1-FC19BEB545BF} - System32\Tasks\{20452D70-04A6-4225-A89D-06E2AF86C15B} => C:\Windows\system32\pcalua.exe -a C:\Users\oscar\AppData\Local\Temp\Temp1_Audio_Realtek_6.0.1.6971.zip\Audio_Realtek_6.0.1.6971\Setup.exe <==== ATENCI�N
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> DefaultScope {778B9596-A1B3-4351-96BD-38672AAB8346} URL = 
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
SearchScopes: HKU\S-1-5-21-3960760090-272548860-3204049404-1000 -> {E00B2122-2F01-4D88-82ED-490C21CB3C43} URL = hxxps://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
FF HKU\S-1-5-21-3960760090-272548860-3204049404-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\oscar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\oscar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @microsoft.com/GENUINE -> disabled [Ning�n archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ning�n archivo]
FF Plugin HKU\S-1-5-21-3960760090-272548860-3204049404-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\oscar\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies -> Innovative Digital Technologies)
CHR Extension: (Ace Script) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-03-16]
CHR Extension: (Chrome Media Router) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-24]
CHR HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
OPR Extension: (Magneton) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\aijploakdabpnahkgkgcinghcejgbnhe [2019-11-11]
OPR Extension: (SaveFrom.net helper) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-12-22]
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 cpuz134; \??\C:\Users\oscar\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATENCI�N
S3 DSDrv4; \??\C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys [X]
S1 hvmopkzn; \??\C:\Windows\system32\drivers\hvmopkzn.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
2019-12-31 11:58 - 2013-10-27 21:56 - 000000000 ____D C:\Users\oscar\AppData\Roaming\IObit
2016-04-03 11:28 - 2016-04-03 11:28 - 000283648 _____ () C:\Users\oscar\AppData\Roaming\DrjxjVBchppIcvKkIs
2016-04-03 11:28 - 2016-04-03 11:28 - 000003584 _____ () C:\Users\oscar\AppData\Roaming\PvyRLXDeE
ContextMenuHandlers1: [KuaiZipShlExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> Ning�n archivo
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> Ning�n archivo
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [120]
C:\ProgramData\Intel\Wireless\2bf01e9

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
"HKU\S-1-5-21-3960760090-272548860-3204049404-1000\Software\Microsoft\Windows\CurrentVersion\Run\\eceb1442" => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{209c3f9a-486c-11e7-9124-701a04d72c0b} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2714fd2d-711b-11e7-a203-701a04d72c0b} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2714fd46-711b-11e7-a203-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{415fbe61-27a6-11e8-939f-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{415fbe6b-27a6-11e8-939f-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{518907fd-e52d-11e8-9bd7-701a04d72c0b} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60202315-37c1-11e7-adfe-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61ab7fde-9b00-11e7-9723-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6455bf08-c296-11e8-b275-701a04d72c0b} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72ab1751-1985-11e8-ba24-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a8eeb13-b4ee-11e7-bc8f-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f49f5c4-5352-11e8-a8ad-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f49f5d2-5352-11e8-a8ad-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab005065-874f-11e7-9555-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b75db9c0-400d-11e3-b8ee-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c339b720-408a-11e8-a8d9-701a04d72c0b} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d85e9a71-d81f-11e5-befe-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd1af201-aa50-11e5-abc6-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df0439a0-3c20-11e8-acb5-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e53991e1-ee23-11e6-a99c-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb1f379a-a2e4-11e7-97aa-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb99389a-3973-11e6-b820-705ab6201ecf} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f9906010-3ce6-11e3-8183-806e6f6e6963} => eliminado correctamente
C:\Windows\system32\GroupPolicy\Machine => movido correctamente
C:\Windows\system32\GroupPolicy\GPT.ini => movido correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0207C9D8-DC04-496D-B102-9B41CF8DF2B9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0207C9D8-DC04-496D-B102-9B41CF8DF2B9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{080D7F47-7A0F-0D0F-7911-7A797E7F1109}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27BE5358-2E27-481D-93D9-37F2443207EA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27BE5358-2E27-481D-93D9-37F2443207EA}" => eliminado correctamente
C:\Windows\System32\Tasks\{0AB1AE3F-1F5E-4562-A8BF-4566918940CF} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0AB1AE3F-1F5E-4562-A8BF-4566918940CF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C94A012-13C2-44D4-A90C-7CD43114FE83}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C94A012-13C2-44D4-A90C-7CD43114FE83}" => eliminado correctamente
C:\Windows\System32\Tasks\{9FBC69BA-2596-4D67-A77E-4A340A926A46} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9FBC69BA-2596-4D67-A77E-4A340A926A46}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59922009-3945-4191-83A8-7D3A0B31DCA4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59922009-3945-4191-83A8-7D3A0B31DCA4}" => eliminado correctamente
C:\Windows\System32\Tasks\Coodierzary Agent => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Coodierzary Agent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D05E3A6-798D-45EE-8681-FE037A2238E0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D05E3A6-798D-45EE-8681-FE037A2238E0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Nmolevuperward" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C4D31A6-4DAD-4309-A0C1-FC19BEB545BF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C4D31A6-4DAD-4309-A0C1-FC19BEB545BF}" => eliminado correctamente
C:\Windows\System32\Tasks\{20452D70-04A6-4225-A89D-06E2AF86C15B} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{20452D70-04A6-4225-A89D-06E2AF86C15B}" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} => eliminado correctamente
"HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E00B2122-2F01-4D88-82ED-490C21CB3C43} => eliminado correctamente
"HKU\S-1-5-21-3960760090-272548860-3204049404-1000\Software\Mozilla\Firefox\Extensions\\[email protected]" => eliminado correctamente
C:\Users\oscar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => movido correctamente
C:\Users\oscar\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => ruta eliminado correctamente
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.32 => eliminado correctamente
C:\Users\oscar\AppData\Roaming\ACEStream\player\npace_plugin.dll => movido correctamente
CHR Extension: (Ace Script) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-03-16] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Chrome Media Router) - C:\Users\oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-24] => Error: Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Google\Chrome\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
OPR Extension: (Magneton) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\aijploakdabpnahkgkgcinghcejgbnhe [2019-11-11] => Error: Ninguna corrección automática encontrada para esta entrada.
OPR Extension: (SaveFrom.net helper) - C:\Users\oscar\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-12-22] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\System\CurrentControlSet\Services\HuaweiHiSuiteService64.exe => eliminado correctamente
HuaweiHiSuiteService64.exe => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz134 => eliminado correctamente
cpuz134 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\DSDrv4 => eliminado correctamente
DSDrv4 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\hvmopkzn => eliminado correctamente
hvmopkzn => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\RimUsb => eliminado correctamente
RimUsb => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VBoxNetFlt => eliminado correctamente
VBoxNetFlt => servicio eliminado correctamente
C:\Users\oscar\AppData\Roaming\IObit => movido correctamente
C:\Users\oscar\AppData\Roaming\DrjxjVBchppIcvKkIs => movido correctamente
C:\Users\oscar\AppData\Roaming\PvyRLXDeE => movido correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\KuaiZipShlExt => invalid subkey removed.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuExt => eliminado correctamente
C:\ProgramData\TEMP => ":373E1720" ADS eliminado correctamente
C:\ProgramData\Intel\Wireless\2bf01e9 => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3960760090-272548860-3204049404-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9852748 B
Java, Flash, Steam htmlcache => 1221 B
Windows/system/drivers => 3924588 B
Edge => 0 B
Chrome => 220592 B
Firefox => 21186814 B
Opera => 326766164 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
systemprofile32 => 71646 B
LocalService => 104771 B
NetworkService => 44261182 B
oscar => 45680140 B

RecycleBin => 0 B
EmptyTemp: => 439.2 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 21:44:10 ====

kamy · 1 Enero, 2020 20:59

El programa ya no aparece en el inicio de windows y aunque no siempre ha sido un cohete de pc va muchisimo mas rapido. El led del hdd ya no esta permanentemente encendido, asi que tema resuelto.

Muchas gracias por tu tiempo y feliz año

Daniela · 1 Enero, 2020 21:16

Hola @kamy

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

Nos alegramos que se te haya resuelto Damos el tema por solucionado.

Solucionado

Feliz Año Nuevo!!!

Un saludo