Aviso Trojan:Win32/Wacatac.A!ml

Buenas tardes. Hace unos días que noto que mi pc está lento, por momentos y da pantalla negra. Hoy apareció un mensaje de seguridad de windows que dice: Amenaza detectada:Trojan:Win32/Wacatac.A!ml Nivel de alerta:Grave Categoria: Caballo de troya al mirar la ubicación veo que está ubicado en un juego y yo no uso el pc para jugar. Mi hermano instaló el age of empires 2 hd en mi pc. Realmente no sé que hacer. Espero puedan ayudarme.

Datos: Windows 10 Pro 64 bit. Intel Core i5-7400 CPU @3.00GHz, 8GB RAM, Intel HD Graphics 630

Informes del malwarebytes y adwcleaner:

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.785
Versión del paquete de actualización: 1.0.16586
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.535)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESK\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 275949
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 min, 26 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build:    12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-22-2019
# Duration: 00:00:11
# OS:       Windows 10 Pro
# Scanned:  35232
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Hola @Laura y Bienvenida al Foro.!!!

Cuando te aparece la pantalla negra que comentas…??

Los informes que has puesto NO presentan infecciones o al menos NO se ven… :face_with_raised_eyebrow:

Hola. muchas gracias. Cuando estoy haciendo una búsqueda en google a veces la pantalla desaparece unos segundos y después vuelve aparecer, cuando encontré el mensaje de seguridad de windows pensé que el problema sea el juego ese. Consulta si elimino el juego, no va aparecer mas eso del mensaje del troyano?.

Perfecto, :clap: entendido. :+1:

Y ahora Veamos…si tenemos algo escondido. :roll_eyes:

Descarga y descomprime esta herramienta en tu escritorio :arrow_right: Manual de Malwarebytes Anti-Rootkits Beta, y sigues los pasos que se indican para revisar el equipo :

  • Abre la carpeta Mbar, haces doble clic en el archivo Mbar.exe.
  • En la ventana que saldrá pulsas en Next.
  • Pulsar en Update, y cuando termine en Next.
  • Ahora inicias el análisis pulsando en el botón Scan.
  • Al terminar, si existe infección pulsamos en CleanUp y si no hay infección pulsamos en Exit.

Al terminar busca en la carpeta Mbar, y abres los archivos mbar-log.txt y system-log.txt, nos copias el contenido en la siguiente respuesta y comentas resultados.

Saludos.

1 me gusta

Hola, Malwarebytes Anti-Rootkits Beta, no encontró infección. Acà están los archivos: *mbar-log.txt

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2019.12.22.06
  rootkit: v2019.12.22.06

Windows 10 x64 NTFS
Internet Explorer 11.535.18362.0
Usuario :: DESK [administrator]

22/12/2019 20:21:09
mbar-log-2019-12-22 (20-21-09).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 176521
Time elapsed: 11 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

y system-log.txt:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.535.18362.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, G:\ DRIVE_FIXED
CPU speed: 3.000000 GHz
Memory total: 8498110464, free: 4915347456

Downloaded database version: v2019.12.22.06
Downloaded database version: v2019.12.22.06
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     12/22/2019 20:21:00
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\mssecflt.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\wd\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\bam.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\Vid.sys
\SystemRoot\System32\drivers\winhvr.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_43ac632006e874bb\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys
\SystemRoot\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_11c26d8a23bff2a5\igdkmd64.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\rt640x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_1c567926e5b29133\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\DriverStore\FileRepository\intcdaud.inf_amd64_4cd2f01cfbce3160\IntcDAud.sys
\SystemRoot\System32\drivers\rtwlanu.sys
\SystemRoot\system32\DRIVERS\wdiwifi.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\cldflt.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\winquic.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\drivers\vwifimp.sys
\SystemRoot\System32\drivers\rassstp.sys
\SystemRoot\System32\DRIVERS\NDProxy.sys
\SystemRoot\System32\drivers\AgileVpn.sys
\SystemRoot\System32\drivers\rasl2tp.sys
\SystemRoot\System32\drivers\raspptp.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\drivers\ndiswan.sys
\SystemRoot\system32\drivers\wd\WdNisDrv.sys
\SystemRoot\System32\Drivers\mbamswissarmy.sys
\SystemRoot\System32\Drivers\MbamChameleon.sys
\SystemRoot\system32\DRIVERS\mwac.sys
\??\C:\Windows\system32\drivers\mbae64.sys
\SystemRoot\system32\DRIVERS\farflt.sys
\??\C:\Windows\system32\DRIVERS\mbam.sys
\??\C:\Windows\system32\drivers\17172313.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2019.12.22.06
  rootkit: v2019.12.22.06

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffcd0b775cb060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffcd0b77596940, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffcd0b775cb060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffcd0b772b1dd0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffcd0b77344060, DeviceName: \Device\00000033\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2BF1B162

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1185792
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1187840  Numsec = 1952333824
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffcd0b775cc060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffcd0b773e9910, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffcd0b775cc060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffcd0b772afa60, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffcd0b772ab060, DeviceName: \Device\00000034\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1549F232

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 625137664
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Done!
File "C:\ProgramData\Microsoft\Network\Downloader\qmgr.db" is sparse (flags = 32768)
File "C:\Users\DESK\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-1187840-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

Hola.

Parece que TU equipo NO tiene infecciones o al menos ninguna grave, lo normal es que lo que fue detectado anteriormente "Trojan:Win32/Wacatac.A!ml" ya fue eliminado o puesto en cuarentena. :face_with_raised_eyebrow:

De todas maneras vamos a ver más en profundidad tu equipo, ahora realiza estos pasos :

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:)

:two: Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos.

1 me gusta

Muchas gracias, JavierHF! :clap: Informe FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2019
Ran by Desk (administrator) on DESK (Gigabyte Technology Co., Ltd. H110M-H) (23-12-2019 12:39:47)
Running from C:\Users\Desk\Desktop
Loaded Profiles: Desk (Available Profiles: Desk)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_11c26d8a23bff2a5\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_11c26d8a23bff2a5\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Desk\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-165515872-560560262-2892136512-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-12-22] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-165515872-560560262-2892136512-1001\...\MountPoints2: {7fd72d23-e912-11e9-855a-1c1b0da52c46} - "D:\LaunchU3.exe" -a
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {138C9C24-88F6-4E96-9EBE-29642DFE65ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {390A2DAE-C954-43D3-BDD7-ED5BA1FC56F7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {39B005E0-3B99-4DBF-99F7-486BA06DFB05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41D4BFE7-C7EE-4579-95B5-3C5A8C070CD2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BDFFCA6-83C9-4A52-81F9-106F75C2582B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {51C536C7-0909-4204-BAA4-27BBF42098F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BC0AFF0-81D2-4988-87A1-E21378A24AE3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6FC45B42-6488-40E3-926D-420ED0748AB6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-12-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {78A8638F-793F-447F-B68D-5646303EC931} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-22] (Piriform Software Ltd -> Piriform Ltd)
Task: {836F5654-298A-4B8D-84E9-61C1F2AF4E51} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E0A5BA9-E3BE-4485-912A-1734A250F8E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-20] (Google Inc -> Google LLC)
Task: {9A7B6FAE-88D5-4DB7-8D41-8378BBD6A18A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE2B0BF1-236D-4DB6-8BDD-F1312C0C19E3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1FBF23E-D2E9-4802-8DD2-2DEF15E5B47A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8D77343-6876-4AD6-89DA-1628CA91FECB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8768720-7C63-4695-B20C-728FA5A201EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-20] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.42.4.207 200.49.130.47 200.49.130.47
Tcpip\..\Interfaces\{46d0306e-34cb-4a8a-9e22-73fab7be0676}: [DhcpNameServer] 200.42.4.207 200.49.130.47 200.49.130.47
Tcpip\..\Interfaces\{a05aa0ad-6259-4274-8b90-6b3fae4e32aa}: [DhcpNameServer] 200.42.4.207 200.49.130.41

Internet Explorer:
==================
HKU\S-1-5-21-165515872-560560262-2892136512-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\Desk\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-165515872-560560262-2892136512-1001 -> hxxps://www.google.com.ar/

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Notifications: Default -> hxxps://asepurch.pro; hxxps://checking-your-browser.com; hxxps://eadingenered.pro; hxxps://maranhesduve.club; hxxps://notification-list.com; hxxps://tmearn.com; hxxps://www1.bethanyharrell.pro; hxxps://www1.lucienmann.pro; hxxps://www1.ramirocampos.pro
CHR Profile: C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default [2019-12-23]
CHR Extension: (Presentaciones) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-20]
CHR Extension: (Documentos) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-20]
CHR Extension: (Google Drive) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-09-20]
CHR Extension: (YouTube) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-20]
CHR Extension: (Hojas de cálculo) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-20]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-20]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (IE Tab) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-11-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-20]
CHR Extension: (Chrome Media Router) - C:\Users\Desk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\Desk\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-22] (Malwarebytes Inc -> Malwarebytes)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-18] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-18] (Hewlett-Packard Company -> Microsoft Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-17] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [8206848 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-23 12:36 - 2019-12-23 12:37 - 000031516 _____ C:\Users\Desk\Desktop\Addition.txt
2019-12-23 12:35 - 2019-12-23 12:40 - 000017157 _____ C:\Users\Desk\Desktop\FRST.txt
2019-12-23 12:34 - 2019-12-23 12:40 - 000000000 ____D C:\FRST
2019-12-23 12:31 - 2019-12-23 12:31 - 002260480 _____ (Farbar) C:\Users\Desk\Desktop\FRST64.exe
2019-12-22 22:39 - 2019-12-22 22:39 - 000174387 _____ C:\Users\Desk\Desktop\CONETIVOS25.jpeg
2019-12-22 22:39 - 2019-12-22 22:39 - 000059329 _____ C:\Users\Desk\Desktop\CONETIVOS4.jpeg
2019-12-22 22:39 - 2019-12-22 22:39 - 000055787 _____ C:\Users\Desk\Desktop\CONETIVOS3.jpeg
2019-12-22 22:38 - 2019-12-22 22:38 - 000149070 _____ C:\Users\Desk\Desktop\CONETIVOS.jpeg
2019-12-22 22:38 - 2019-12-22 22:38 - 000148244 _____ C:\Users\Desk\Desktop\CONETIVOS2.jpeg
2019-12-22 22:03 - 2019-12-22 23:18 - 000001559 _____ C:\Users\Desk\Desktop\TEMASS.txt
2019-12-22 20:21 - 2019-12-22 20:21 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\17172313.sys
2019-12-22 20:20 - 2019-12-22 20:56 - 000000000 ____D C:\Users\Desk\Desktop\mbar
2019-12-22 20:20 - 2019-12-22 20:56 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-12-22 20:19 - 2019-12-22 20:19 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Desk\Desktop\mbar-1.10.3.1001.exe
2019-12-22 20:16 - 2019-12-22 20:16 - 000001551 _____ C:\Users\Desk\Desktop\analisis pers.txt
2019-12-22 17:56 - 2019-12-22 17:56 - 000001553 _____ C:\Users\Desk\Desktop\08.txt
2019-12-22 17:55 - 2019-12-22 17:55 - 008162616 _____ (ESET spol. s r.o.) C:\Users\Desk\Downloads\esetonlinescanner_esn.exe
2019-12-22 17:08 - 2019-12-22 17:08 - 001883976 _____ (Malwarebytes) C:\Users\Desk\Downloads\MBSetup.exe
2019-12-22 17:03 - 2019-12-22 17:03 - 000001550 _____ C:\Users\Desk\Desktop\010.txt
2019-12-22 16:27 - 2019-12-22 16:27 - 000001550 _____ C:\Users\Desk\Desktop\malbt.txt
2019-12-22 16:16 - 2019-12-22 16:16 - 000000000 ____D C:\Users\Desk\Desktop\tdd
2019-12-22 16:15 - 2019-12-22 16:51 - 000001862 _____ C:\Users\Desk\Desktop\10.txt
2019-12-22 16:11 - 2019-12-22 16:11 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-22 16:11 - 2019-12-22 16:11 - 000002892 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-12-22 16:11 - 2019-12-22 16:11 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-22 16:11 - 2019-12-22 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-22 16:10 - 2019-12-22 16:57 - 000000000 ____D C:\Program Files\CCleaner
2019-12-22 16:06 - 2019-12-22 16:22 - 000000000 ____D C:\AdwCleaner
2019-12-22 16:06 - 2019-12-22 16:07 - 025441808 _____ (Piriform Software Ltd) C:\Users\Desk\Downloads\ccsetup562.exe
2019-12-22 16:05 - 2019-12-22 16:05 - 008237744 _____ (Malwarebytes) C:\Users\Desk\Desktop\adwcleaner_8.0.1.exe
2019-12-16 12:12 - 2019-12-16 12:12 - 000449842 _____ C:\Users\Desk\Downloads\Dialnet-EstacionCentralDeBrasil-2039690.pdf
2019-12-16 10:19 - 2019-12-16 10:19 - 000000000 ____D C:\Users\Desk\AppData\Local\cache
2019-12-12 00:25 - 2019-12-12 00:25 - 025443840 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 018020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 009927992 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 007905000 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 007754240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 007600448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 006516648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 006083832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 005943296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 005914112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 002762296 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 002698768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 002494432 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 002188816 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 002147328 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 002082208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001757304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-12 00:25 - 2019-12-12 00:25 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001697280 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001664904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001656600 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001610752 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001539584 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001512528 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 001496080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001451520 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001399312 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-12 00:25 - 2019-12-12 00:25 - 001261464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 001098928 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 001054864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000986936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000842552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000822416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 000797112 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000774456 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000674280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 000673456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 000646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000598016 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000593128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2019-12-12 00:25 - 2019-12-12 00:25 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000530944 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-12-12 00:25 - 2019-12-12 00:25 - 000511000 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000127272 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000097080 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000032056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2019-12-12 00:25 - 2019-12-12 00:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-12 00:25 - 2019-12-12 00:25 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-12 00:24 - 2019-12-12 00:25 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-12-12 00:24 - 2019-12-12 00:24 - 007278592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 003703296 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 002284544 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 001748480 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-12-12 00:24 - 2019-12-12 00:24 - 001006904 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-12 00:24 - 2019-12-12 00:24 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000422712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-12-12 00:24 - 2019-12-12 00:24 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-12-12 00:24 - 2019-12-12 00:24 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2019-12-12 00:24 - 2019-12-12 00:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000067112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\DevQueryBroker.dll
2019-12-12 00:24 - 2019-12-12 00:24 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2019-12-09 23:26 - 2019-12-09 23:26 - 000000028 _____ C:\Users\Desk\Downloads\7406-16502638.pdf
2019-12-06 10:14 - 2019-12-06 10:14 - 000182561 _____ C:\Users\Desk\Downloads\boleta nuevaa.pdf
2019-12-05 18:26 - 2019-12-05 18:26 - 000436382 _____ C:\Users\Desk\Downloads\ListadoAlumnos-PortuguesT-Vespertino_02Dic2019.xlsx
2019-12-04 12:08 - 2019-12-04 12:08 - 000026801 _____ C:\Users\Desk\Desktop\mmmmmmmmmmm.pdf
2019-12-03 20:41 - 2019-12-03 20:42 - 000000000 ____D C:\Users\Desk\Desktop\matildaa
2019-12-03 18:16 - 2019-12-03 18:16 - 000108786 _____ C:\Users\Desk\Downloads\Certificado.pdf
2019-12-01 22:52 - 2019-12-01 22:52 - 000191363 _____ C:\Users\Desk\Downloads\INFO ÚTIL NIVELACION TERCIARIO AENS.pdf
2019-12-01 22:36 - 2019-12-01 22:36 - 000436382 _____ C:\Users\Desk\Downloads\ListadoAlumnos-PortuguesT-Vespertino (1).xlsx
2019-11-26 20:18 - 2019-11-26 20:18 - 000199726 _____ C:\Users\Desk\Desktop\04111222.psd
2019-11-26 11:47 - 2019-11-26 11:47 - 153384930 _____ C:\Users\Desk\Downloads\banda sonora gladiador.mp4
2019-11-26 11:45 - 2019-11-26 11:45 - 028904622 _____ C:\Users\Desk\Downloads\resumen de la pelicula gladiador.mp4
2019-11-26 11:33 - 2019-11-26 11:33 - 002779832 _____ C:\Users\Desk\Downloads\videoplayback.mp4
2019-11-26 11:04 - 2019-11-26 11:04 - 000000000 ____D C:\Users\Desk\Desktop\20199
2019-11-25 14:27 - 2019-11-25 14:27 - 000075186 _____ C:\Users\Desk\Downloads\Questionário 1 (13_9).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-23 12:37 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2019-12-23 12:22 - 2019-09-26 18:19 - 000004220 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{5138A5C9-2C92-4A3F-846C-506AFC9AA1BA}
2019-12-23 12:19 - 2019-09-20 10:28 - 000000000 __SHD C:\Users\Desk\IntelGraphicsProfiles
2019-12-23 12:19 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-22 23:35 - 2019-09-20 09:52 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-12-22 21:22 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-22 21:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2019-12-22 20:21 - 2019-09-23 11:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-22 17:10 - 2019-09-23 11:10 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-22 17:09 - 2019-09-23 11:10 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-22 17:09 - 2019-09-23 11:10 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-12-22 17:03 - 2019-09-20 10:03 - 001684180 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-22 17:03 - 2019-03-19 08:59 - 000752490 _____ C:\Windows\system32\perfh00A.dat
2019-12-22 17:03 - 2019-03-19 08:59 - 000148070 _____ C:\Windows\system32\perfc00A.dat
2019-12-22 16:57 - 2019-09-20 09:52 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-22 16:57 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2019-12-22 16:20 - 2019-09-20 05:51 - 000000000 ____D C:\Windows\Panther
2019-12-22 15:18 - 2019-11-17 18:49 - 000000000 ____D C:\Program Files (x86)\Age of Empires II HD
2019-12-19 23:45 - 2019-09-20 10:00 - 000000000 ____D C:\Users\Desk\AppData\Local\Packages
2019-12-18 23:25 - 2019-09-20 10:25 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 23:25 - 2019-09-20 10:25 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-14 15:19 - 2019-09-20 10:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 04:45 - 2019-09-20 10:24 - 000003622 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 04:45 - 2019-09-20 10:24 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 19:57 - 2019-09-20 10:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 19:57 - 2019-09-20 10:00 - 000000000 ___RD C:\Users\Desk\3D Objects
2019-12-12 19:56 - 2019-09-20 09:52 - 005157432 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-12 01:01 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SystemResources
2019-12-12 01:01 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellExperiences
2019-12-12 01:01 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\bcastdvr
2019-12-12 00:29 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2019-12-12 00:28 - 2019-09-23 01:09 - 000000000 ____D C:\Windows\system32\MRT
2019-12-12 00:27 - 2019-09-23 01:09 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-10 21:42 - 2019-09-20 10:00 - 000000000 ____D C:\Users\Desk
2019-12-07 10:42 - 2019-09-20 09:52 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-12-03 21:10 - 2019-11-14 00:19 - 000000000 ____D C:\Users\Desk\Desktop\cmpl
2019-11-25 21:15 - 2019-09-20 14:32 - 000000000 ____D C:\Users\Desk\AppData\Local\ElevatedDiagnostics
2019-11-25 14:54 - 2019-11-20 18:12 - 000000000 ____D C:\Users\Desk\Desktop\09 - Didact esp 1 - ayudas
2019-11-25 03:17 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories ========

2007-10-04 12:00 - 2007-10-04 12:00 - 000003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Informe Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by Desk (23-12-2019 12:40:29)
Running from C:\Users\Desk\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-09-20 12:57:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-165515872-560560262-2892136512-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-165515872-560560262-2892136512-503 - Limited - Disabled)
Invitado (S-1-5-21-165515872-560560262-2892136512-501 - Limited - Disabled)
Desk (S-1-5-21-165515872-560560262-2892136512-1001 - Administrator - Enabled) => C:\Users\Desk
WDAGUtilityAccount (S-1-5-21-165515872-560560262-2892136512-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.05 - Ilya Morozov)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.6.0.25114 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Java 2 Runtime Environment, SE v1.4.2_06 (HKLM-x32\...\{7148F0A8-6813-11D6-A77B-00B0D0142060}) (Version: 1.4.2_06 - Sun Microsystems, Inc.)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Felipe Multimedia High Quality (HKLM-x32\...\{A1614B8B-E966-4512-BEA9-13A4779983FF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Fernanda Multimedia High Quality (HKLM-x32\...\{975D7450-C0A7-4AD7-8903-3957B0F92B42}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Portuguese (HKLM-x32\...\{C278A74A-707D-49B5-B847-651B4B80EDED}) (Version: 7.4.0 - Loquendo)
Loquendo TTS Eusebio 6.5.0 (HKLM-x32\...\{8CA82F29-336D-4986-BBC1-2B03C3D4DB4A}) (Version: 6.5.0 - Loquendo)
Loquendo TTS SDK 6.5.4 (HKLM-x32\...\{2A203EFC-1B75-40A3-B5B5-F2C94C4DDFFA}) (Version: 6.5.4 - Loquendo)
Loquendo TTS: Amalia (Portuguese) (HKLM-x32\...\LoqTTS-Amalia_is1) (Version:  - )
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-165515872-560560262-2892136512-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.4.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.27.6.0_x86__kgqvnymyfvs32 [2019-12-13] (king.com)
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1725.0_x64__8j3eq9eme6ctt [2019-10-25] (INTEL CORP) [Startup Task]
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-16] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-09-20] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-11-21] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2019-12-20] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2012-04-06] (Ilya Morozov) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Desk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2012-04-06 15:36 - 2012-04-06 15:36 - 000360720 _____ (Ilya Morozov) [File not signed] C:\Program Files (x86)\Balabolka\BFileExt.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2019-10-18 11:32 - 2019-10-18 17:05 - 000000445 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-165515872-560560262-2892136512-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Desk\Pictures\wallpapaers\red_floweraa2.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{85899F1C-E2EB-4B42-B462-DB2C911F2ED6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{47AD2432-416C-4F7E-8296-02828B1926E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{004FD39B-97E7-4F22-819F-CB8F75A58F63}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{035201AE-6348-4CEB-A4CB-4C9BB1AF8853}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6538E66-5ABE-4A52-AA70-7385DA780296}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{D391A8B4-8109-4FB8-807C-6B59466D697F}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{094F470F-C74B-4CEB-9198-6FE52DECA9F9}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{71F3FE37-A5E5-41C3-9235-9A09A93E8B21}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{430224C9-D9BE-4E81-BBE3-C583CEA630AF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DBB626B4-FB2E-4DB0-B544-69ECE48CCF8A}C:\users\Desk\desktop\age of empire ii\empires2.exe] => (Block) C:\users\Desk\desktop\age of empire ii\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{7FB4F058-62BC-4A00-8C07-C470B7E3848A}C:\users\Desk\desktop\age of empire ii\empires2.exe] => (Block) C:\users\Desk\desktop\age of empire ii\empires2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{6DCB1F24-8043-4B49-85D2-9DDB7CFE4B3A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{50A681D3-6662-4690-9D44-78DE0960A299}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BFD395D-07DF-43FF-B32E-8EF0C432C711}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD00EEF0-CCC4-4DB2-8938-9D7019BA6750}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B2B649FA-05C6-44A8-9B50-8DF09D461A57}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6DE54E6-94A7-4AE6-8F88-D62B627493C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FA609C10-2862-4670-B56D-AF71A9DE6D9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{08A3399A-1D03-4A34-AF35-91CDB8E8561A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{75690EF7-3BD5-46DD-A58A-D1DC83992E61}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

04-12-2019 16:52:26 Punto de control programado
11-12-2019 18:19:00 Punto de control programado
19-12-2019 12:44:11 Punto de control programado

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/13/2019 08:58:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x000d437b
Identificador del proceso con errores: 0x1a70
Hora de inicio de la aplicación con errores: 0x01d5b1fcfda3cb53
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: a5fc5747-35fb-4f7a-9b51-5567075bd379
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/13/2019 08:58:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000d437b
Identificador del proceso con errores: 0x1a70
Hora de inicio de la aplicación con errores: 0x01d5b1fcfda3cb53
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: 6e440cec-c895-4def-b7b0-5e92ec6e21c2
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/13/2019 06:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x000d437b
Identificador del proceso con errores: 0x1624
Hora de inicio de la aplicación con errores: 0x01d5b1fcd53e71f2
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: 4cfcc2cf-fed3-4ef6-9f8c-5e8bc238e612
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/13/2019 06:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000d437b
Identificador del proceso con errores: 0x1624
Hora de inicio de la aplicación con errores: 0x01d5b1fcd53e71f2
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: 582cfc2a-2be7-45ce-a40f-8ed5c6126be2
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/12/2019 12:07:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (12/12/2019 12:07:41 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (12/11/2019 04:22:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc000000d
Desplazamiento de errores: 0x003238db
Identificador del proceso con errores: 0x1f8
Hora de inicio de la aplicación con errores: 0x01d5b058285cf336
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: 20c8d02c-3ba4-4b34-a515-d721ea4e78f9
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/06/2019 03:53:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Nombre del módulo con errores: AoK HD.exe, versión: 4.2.1748.4401, marca de tiempo: 0x515c8781
Código de excepción: 0xc000000d
Desplazamiento de errores: 0x003238db
Identificador del proceso con errores: 0x1fc8
Hora de inicio de la aplicación con errores: 0x01d5ac63b78a34d2
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Identificador del informe: e3dee752-a086-410d-9674-166fe67bcdee
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (12/22/2019 04:57:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.

Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126

Error: (12/22/2019 04:57:00 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.

Error: (12/22/2019 03:13:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.

Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126

Error: (12/22/2019 03:13:18 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Error irrecuperable al procesar los datos de restauración.

Error: (12/22/2019 03:13:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 20:01:25 del ‎20/‎12/‎2019 resultó inesperado.

Error: (12/19/2019 11:44:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.

Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126

Error: (12/19/2019 11:43:35 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Error irrecuperable al procesar los datos de restauración.

Error: (12/19/2019 11:44:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 19:44:00 del ‎19/‎12/‎2019 resultó inesperado.


Windows Defender:
===================================
Date: 2019-12-22 16:03:09.390
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C377E073-A8B9-45C1-AC10-3FF3DCC15180}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Desk: NT AUTHORITY\SYSTEM

Date: 2019-12-22 15:51:18.802
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {0A7CB5F9-8D89-4F0B-8321-139E8F9AA673}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Desk: NT AUTHORITY\SYSTEM

Date: 2019-12-22 15:18:35.468
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.A!ml&threatid=2147735504&enterprise=0
Nombre: Trojan:Win32/Wacatac.A!ml
Id.: 2147735504
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Age of Empires II HD\steam_api.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Desk: DESKTOP-EI6KTDO\Desk
Nombre de proceso: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Versión de inteligencia de seguridad: AV: 1.307.955.0, AS: 1.307.955.0, NIS: 1.307.955.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2019-12-22 15:18:24.566
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.A!ml&threatid=2147735504&enterprise=0
Nombre: Trojan:Win32/Wacatac.A!ml
Id.: 2147735504
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Age of Empires II HD\steam_api.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Desk: DESKTOP-EI6KTDO\Desk
Nombre de proceso: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Versión de inteligencia de seguridad: AV: 1.307.955.0, AS: 1.307.955.0, NIS: 1.307.955.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2019-12-22 15:18:19.109
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.A!ml&threatid=2147735504&enterprise=0
Nombre: Trojan:Win32/Wacatac.A!ml
Id.: 2147735504
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Age of Empires II HD\steam_api.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Desk: DESKTOP-EI6KTDO\Desk
Nombre de proceso: C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe
Versión de inteligencia de seguridad: AV: 1.307.955.0, AS: 1.307.955.0, NIS: 1.307.955.0
Versión de motor: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2019-11-25 01:05:41.790
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.305.2700.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Desk: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16500.1
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-12-23 12:26:04.545
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-23 12:25:47.328
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-23 12:24:40.166
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-23 12:24:39.313
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-23 12:24:36.793
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-23 12:23:34.154
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-23 12:23:33.554
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-23 12:23:32.195
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F20 11/16/2016
Motherboard: Gigabyte Technology Co., Ltd. H110M-H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 36%
Total physical RAM: 8104.43 MB
Available physical RAM: 5163.93 MB
Total Virtual: 9384.43 MB
Available Virtual: 6442.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.95 GB) (Free:870.28 GB) NTFS
Drive g: () (Fixed) (Total:298.09 GB) (Free:261.81 GB) NTFS

\\?\Volume{2bf1b162-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.57 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BF1B162)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-165515872-560560262-2892136512-1001\...\MountPoints2: {7fd72d23-e912-11e9-855a-1c1b0da52c46} - "D:\LaunchU3.exe" -a
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
CHR Notifications: Default -> hxxps://asepurch.pro; hxxps://checking-your-browser.com; hxxps://eadingenered.pro; hxxps://maranhesduve.club; hxxps://notification-list.com; hxxps://tmearn.com; hxxps://www1.bethanyharrell.pro; hxxps://www1.lucienmann.pro; hxxps://www1.ramirocampos.pro
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

1 me gusta

@JavierHF yo volví a activar el antivirus. Consulta para hacer este paso, tengo que volver a desactivarlo o no influye en el resultado del examen?

Hola.

Mejor desactivarlo, para que NO entorpezca en las acciones de corrección que tenga que realizar FRST. :+1:

Hola, @JavierHF disculpa la demora, con las fiestas no pude realizar ningún test. Felices fiestas para todos.

Te dejó el informe:Tarde pero seguro. :upside_down_face:

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by Desk (25-12-2019 21:53:50) Run:1
Running from C:\Users\Desk\Desktop
Loaded Profiles: Desk (Available Profiles: Desk)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-165515872-560560262-2892136512-1001\...\MountPoints2: {7fd72d23-e912-11e9-855a-1c1b0da52c46} - "D:\LaunchU3.exe" -a
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
CHR Notifications: Default -> hxxps://asepurch.pro; hxxps://checking-your-browser.com; hxxps://eadingenered.pro; hxxps://maranhesduve.club; hxxps://notification-list.com; hxxps://tmearn.com; hxxps://www1.bethanyharrell.pro; hxxps://www1.lucienmann.pro; hxxps://www1.ramirocampos.pro
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKU\S-1-5-21-165515872-560560262-2892136512-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7fd72d23-e912-11e9-855a-1c1b0da52c46} => removed successfully
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC" => not found
C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll => moved successfully
"Chrome Notifications" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-165515872-560560262-2892136512-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-165515872-560560262-2892136512-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 56891284 B
Java, Flash, Steam htmlcache => 510 B
Windows/system/drivers => 3287743 B
Edge => 256205 B
Chrome => 135881152 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 13124 B
Desk => 14500991 B

RecycleBin => 0 B
EmptyTemp: => 208.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:54:34 ====

Hola.

Perfecto. :clap:

Y como notas el equipo en relación al problema planteado inicialmente. :thinking:

FELICES FIESTAS para ti también. :champagne: :clinking_glasses:

Saludos.

Hola @JavierHF

El equipo está mucho mejor, ya no está lento, no se congela y no hay más pantalla negra.

Quería agradecerte por tu ayuda y paciencia. Mis mejores deseos para todos los integrantes de este foro, estoy muy contenta de ser parte. Muchas felicidades. :champagne:

1 me gusta

Perfecto @Laura :+1: excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Solucionado.

Saludos, Javier.