Hola, ¿como están?, tanto tiempo. En esta oportunidad me encuentro tratando de eliminar un virus que me lo pesqué bajando películas y que avast lo capta cada 5 segundos (literalmente) sonando el pimpimpim característico de este antivirus, y nunca lo termina de eliminar, supuestamente lo manda al baúl de virus pero sigue apareciendo la alerta una y otra vez. En la descripción de la alerta dice crambo.exe infectado por win32:adware-gen, ubicado en C:\ProgramData\CloudPrinter. Bueno, eso sería todo, haber si me pueden dar una mano con esto. Tengo Windows 7. Agradecido de antemano. Saludos. Leo.
Buenas @leodan.
Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. 
Desactiva temporalmente el Antivirus 
[Cómo deshabilitar temporalmente su Antivirus , mientras estemos realizando TODOS los pasos.
Vamos a descargar en TU ESCRITORIO(y NO en otro lugar 
) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :
-
Malwarebytes’ Anti-Malware + Manual.
revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente. -
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo.
Como saber si Mi Windows es de 32 o 64 Bits ?.
Ejecutas las herramientas de una en una y en el orden indicado :
CCleaner.-
-
Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
-
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
-
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).
Malwarebytes.-
-
Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
-
Realiza un Análisis Personalizado.
-
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
-
En el apartado del programa
Historial de detecciones 
encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.
AdwCleaner.-
-
Ejecuta Adwcleaner.exe.
-
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
-
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
-
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
-
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt
Junkware Removal Tool.-
-
Ejecuta JRT.exe.
-
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
-
Si en algún momento te pide Reiniciar hazlo.
-
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
-
Copia y pega el contenido de JRT.txt en tu próxima respuesta.
Farbar Recovery Scan Tool.-
-
Ejecuta FRST.exe.
-
En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes
-
En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.
-
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los informes en tu próxima respuesta de :
- Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).
Y nos cuentas como funciona tu equipo en relación al problema planteado.
Saludos Javier.
Gracias por responder tan rápido. Me pondré manos a la obra pero antes tengo un par de dudas: 1- una vez que descargue todos los programas que me indicó ¿debo instalarlos y actualizarlos antes de desconectar internet? 2- ya tenia instalado previamente el cccleaner, ¿debo volver a descargarlo? parece una pregunta medio paba pero nunca se sabe. 3- por último ¿debo descargar los programas de la pagina de Forospyware o da lo mismo si los bajo de sus respectivas paginas? Aguardo su respuesta para proseguir. Muchas gracias.
Hola chicos y permiso:
@leodan Para que no pierdas tiempo debes hacer los pasos TAL CUAL te los expuso el compeñero @JavierHF
En ningún lado te menciona que desconectes Internet.
Obviamente NO, solo debes tenerlo atualizado.
Y tu que crees, para que crees que Javier se tomo la molestia de dejarte todos sus Manuales donde están los enlaces de descarga.
Vuelve a leer los pasos y realizalos tal cual te los indicaron.
Continuas con @JavierHF
Salu2
1 me gusta
Buenas noches. Termine de pasar todas las herramientas que me indicaste, y parece que el problema se solucionó, ya no salta la alerta del antivirus y por lo que vi de los informes, al final de cada escaneo, se ve que tenia re infectada la máquina. Dicho esto paso a pegar los informes solicitados.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 6/9/20
Hora del análisis: 1:19
Archivo de registro: 16ca0a72-eff8-11ea-845b-00ff41615e44.json
-Información del software-
Versión: 4.2.0.82
Versión de los componentes: 1.0.1036
Versión del paquete de actualización: 1.0.29507
Licencia: Prueba
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Leo-Jenny-PC\Leo-Jenny
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 250609
Amenazas detectadas: 117
Amenazas en cuarentena: 117
Tiempo transcurrido: 11 min, 14 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 18
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\mtQuoteex, En cuarentena, 942, 260621, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, En cuarentena, 263, 259313, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, En cuarentena, 263, 259313, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, En cuarentena, 263, 259314, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe, En cuarentena, 942, 260624, 1.0.29507, , ame, , ,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, En cuarentena, 532, 584322, 1.0.29507, , ame, , ,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, En cuarentena, 532, 518478, 1.0.29507, , ame, , ,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, En cuarentena, 532, 518476, 1.0.29507, , ame, , ,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\Speedycar, En cuarentena, 532, 518473, 1.0.29507, , ame, , ,
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\TechnologyDesktopnew, En cuarentena, 532, 518479, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtQuoteex, En cuarentena, 942, 260625, 1.0.29507, , ame, , ,
Adware.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, En cuarentena, 431, 527830, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, En cuarentena, 942, 259928, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASAPI32, En cuarentena, 942, 259705, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CloudPrinter_RASMANCS, En cuarentena, 942, 259705, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASAPI32, En cuarentena, 942, 260623, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASMANCS, En cuarentena, 942, 260623, 1.0.29507, , ame, , ,
Adware.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, En cuarentena, 431, 527830, 1.0.29507, , ame, , ,
Valor del registro: 14
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 942, -1, 0.0.0, , action, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 942, -1, 0.0.0, , action, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\ENVIRONMENT|SNF, En cuarentena, 942, -1, 0.0.0, , action, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\ENVIRONMENT|SNP, En cuarentena, 942, 259518, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\ENVIRONMENT|SNF, En cuarentena, 942, 259517, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, En cuarentena, 263, 259313, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, En cuarentena, 263, 259313, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, En cuarentena, 942, 259987, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, En cuarentena, 942, 259988, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, En cuarentena, 942, 259987, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, En cuarentena, 942, 259988, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, En cuarentena, 263, 259314, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, En cuarentena, 942, 259989, 1.0.29507, , ame, , ,
PUP.Optional.BazzSearch, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|inafjghmmkmiobijhbgkfekenbfbklhb, En cuarentena, 214, 470343, , , , , ,
Datos del registro: 12
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Sustituido, 942, 293485, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Sustituido, 942, 293485, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Sustituido, 942, 293486, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Sustituido, 942, 293485, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, 942, 293485, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Sustituido, 942, 293485, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Sustituido, 942, 293485, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Sustituido, 942, 293486, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKU\S-1-5-21-163027375-3699096611-532587941-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Sustituido, 263, 293476, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Sustituido, 263, 293476, 1.0.29507, , ame, , ,
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Sustituido, 263, 293477, 1.0.29507, , ame, , ,
Adware.SonicSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Sustituido, 13780, 693611, 1.0.29507, , ame, , ,
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 11
Adware.Linkury, C:\ProgramData\Logic Cramble\X64, En cuarentena, 431, 431817, , , , , ,
Adware.Linkury, C:\ProgramData\Logic Cramble\X86, En cuarentena, 431, 431817, , , , , ,
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE, En cuarentena, 431, 431817, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\ondemand, En cuarentena, 942, 260620, , , , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\temp, En cuarentena, 942, 260620, , , , , ,
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX, En cuarentena, 942, 260620, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER, En cuarentena, 942, 259506, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS, En cuarentena, 198, 380106, 1.0.29507, , ame, , ,
PUP.Optional.BazzSearch, C:\USERS\LEO-JENNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\INAFJGHMMKMIOBIJHBGKFEKENBFBKLHB, En cuarentena, 214, 470343, 1.0.29507, , ame, , ,
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\HOTSOLOTRAX, En cuarentena, 15192, 444934, 1.0.29507, , ame, , ,
PUP.Optional.BazzSearch, C:\USERS\LEO-JENNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 214, 550044, , , , , ,
Archivo: 62
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, En cuarentena, 942, 259512, 1.0.29507, , ame, , 75BEAB93F6A6AF6B6CB7F4E5844C9982, DC0BA7A6FF3A66CD537499D0895924E4B56B4637990132BAB49DC4D7E748D71C
Adware.Linkury, C:\ProgramData\Logic Cramble\X64\SQLite.Interop.dll, En cuarentena, 431, 431817, , , , , 0F3882305682D1DD5AF031CC90665880, 21D7B0087B05B51A390780FA25094AFE6F25B7CA8C5F2186439DFA80FD8607BD
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, En cuarentena, 431, 431817, , , , , 969FBD4CE4F4135756BBA322261253D4, C54170C9F3FCE73CBC6C4643CA602012497F4165CF03F31B36EF66528DE739BB
Adware.Linkury, C:\ProgramData\Logic Cramble\Config.json, En cuarentena, 431, 431817, , , , , A5C8C934F83376F823F0826638DDC682, ED869F6DD5DB45203138E4CD909ED67758308A94841F45FD73E20386BD7EA6B6
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe.config, En cuarentena, 431, 431817, , , , , 353EAC273EA9C69F131E57359EA78462, 8095D5D81BD7D50F538AB8E6C52F7DDF05741F4A924A94ED4AB2F726439CEB03
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.dll, En cuarentena, 431, 431817, , , , , 8759967C3F6FFB79E60B84A5B364455D, 0AD10A3254A989CBB3A5855A951C2F416DF4815570A216FE3D728C59CDC9F655
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.Linq.dll, En cuarentena, 431, 431817, , , , , BFB6B630C409EB75ECC331C350D5538F, B7AC9B618110D4A4EE038DA7BF2AFDBE6407C64C26DFBA8A33E72CC370ED54E8
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.xml, En cuarentena, 431, 431817, , , , , 1BCF619EE70B01E642C2F7E140A7CE21, 549076194447BF90DE7B742CE55DF438BBE536D113E66DF2DA071B926D67BC22
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX\Bamtrax.bin, En cuarentena, 942, 260620, 1.0.29507, , ame, , 41DDFFA48C4FAAB775903BDBF0280E67, D44A6CCB25CBF10E39AD6B126BF91C36FA161980879D94B683858530D4A0FE0A
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dongis.dat, En cuarentena, 942, 260620, , , , , 09EAB69315E00B74DFA2CA27A5542829, 1932EA0CDDDD375F97F990E76738FEA8D10BEB5F0107B21C9C0EE0713B429221
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Fixcore.bin, En cuarentena, 942, 260620, , , , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Geokix.exe, En cuarentena, 942, 260620, , , , , 9657BDDC6557AD6D00BEEF4C9980E961, 116A6D20629254E4E59334C8B34BB2422FF6684DD06BAB3FDACF12A8530CB144
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Geokix.exe.config, En cuarentena, 942, 260620, , , , , D0862E4FA687DFC92A3551F33977AF93, 8E7D2E5B0F17AE542DF528BDF6CADF0365FB224DF52289C3481C511465FAA066
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\md.xml, En cuarentena, 942, 260620, , , , , FFB9BF1A895AC00778EB2C27941240FB, 856E979BC8B8BDD37312FE3CA0C89AF832886591F8EAB1D0F582F89D53DAB3FC
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\mgkyl5wa.xml, En cuarentena, 942, 260620, , , , , 72AA57A836D2CD0052C51C7B595F1DBE, 2F9FC808A2F3F07ED68A0674AF60D724B2CE2FEF82778B1950A0A472B9BA18FF
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Ozer-Cof.bin, En cuarentena, 942, 260620, , , , , C58D32C71A2F0ED60E27895FD3D97A24, A2579E314755EF1EFEDDCB25D22DEAE700ECB8CC0B55D0112FA57669DD027F27
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.d.dat, En cuarentena, 942, 260620, , , , , 5D3518D2D4017999BAB19CA7503AC54C, 4812CCF99C7E5B3754EF6486031D6AC2EA96F5A96FE07F7F271B2E16498D2352
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.dat, En cuarentena, 942, 260620, , , , , F42BC392ADEF4193C7078E13DEA64355, 1A0C4FF208D74F9F2B0AA1A932008933D0081DB6DFA97BA9F5E56B12BEB7977D
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Redron.dat, En cuarentena, 942, 260620, , , , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\RonFintone.bin, En cuarentena, 942, 260620, , , , , ,
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Scotdex.exe, En cuarentena, 942, 260620, , , , , 8D2AB1ECD060EABC476E6C742AA27018, 6EE5A039B28882F46851BFAE3BAA8AD79906FB0F320418BB3FA8E2D97EFC537D
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Scotdex.exe.config, En cuarentena, 942, 260620, , , , , D0862E4FA687DFC92A3551F33977AF93, 8E7D2E5B0F17AE542DF528BDF6CADF0365FB224DF52289C3481C511465FAA066
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\SunLam.bin, En cuarentena, 942, 260620, , , , , 37D6DF8419F8026F550D8CFD09D869ED, 65C0FAF681A54AC68AE43CCA8BBE6500763620B3D4713FEE4EA319481504C45D
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Topity.dat, En cuarentena, 942, 260620, , , , , E0B082FE71D173C1235B4B497BA590C3, 6766E8368DB2C6C322F0942C6A83DAF347DE0695FA5AE34E775E846F57A54897
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Unasoncore.bin, En cuarentena, 942, 260620, , , , , 5C811C34BF4991C24036A5FC50885C39, 5D54B8A2B95AE21EC38187B4BBBDC1D5C6A3B2FC2E133FC5ADC329A43F1FA1B5
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\uninstall.dat, En cuarentena, 942, 260620, , , , , E7E55632CD88C6429E3F5FC4859BD79C, 3A60204712461328DB7666A54CB9CA792B9ACB1B550D41D03E1753DDB39490C9
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Zerlam.exe.config, En cuarentena, 942, 260620, , , , , D0862E4FA687DFC92A3551F33977AF93, 8E7D2E5B0F17AE542DF528BDF6CADF0365FB224DF52289C3481C511465FAA066
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX\BlueTip.bin, En cuarentena, 942, 260620, 1.0.29507, , ame, , ,
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX\conf.config, En cuarentena, 942, 260620, 1.0.29507, , ame, , 430FDC68C7E41DC19E245EAA11E3884D, 660287F99D2EAE1450B410CD29786FBFF5E9B10FCAA78422C56B2129DE8EE5B2
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\CLOUDPRINTER\CLOUDPRINTER.DAT, En cuarentena, 942, 259506, 1.0.29507, , ame, , 5AB28D7118C2B3780DB51863DCC491A3, 8DDF556F125FA9E1ABC47E8BF4A6E95D12748EE817D342E0EAA8365759DDACB7
PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Config.xml, En cuarentena, 942, 259506, , , , , E6297CEC27E90CFD98BE622D6580A230, 8A369602189E47C4F9F8E9CE22BD6040FC9C496E5D16091698AD43CEA3A7CFC2
Adware.Linkury.Generic, C:\USERS\LEO-JENNY\APPDATA\LOCAL\NOAH.DAT, En cuarentena, 3764, 404865, 1.0.29507, , ame, , E7E55632CD88C6429E3F5FC4859BD79C, 3A60204712461328DB7666A54CB9CA792B9ACB1B550D41D03E1753DDB39490C9
Adware.Linkury.Generic, C:\USERS\LEO-JENNY\APPDATA\LOCAL\BioCof.tst, En cuarentena, 3764, 404871, 1.0.29507, , ame, , C0D2AD1C068EE5D33F257FDB8EE453A4, F26D6C995B7F7FBB40A96CD796EC04720B2D5A03DD1575493D990D3F33045DB3
Adware.Linkury.Generic, C:\USERS\LEO-JENNY\APPDATA\LOCAL\Quading.tst, En cuarentena, 3764, 404871, 1.0.29507, , ame, , 45ED44E31192C55659E0903343CF08A0, BC14CDC7DC37E3A20B0C02AA65FA873F0E19C1ED3143A43777270046ABCA45BF
Adware.Linkury.Generic, C:\USERS\LEO-JENNY\APPDATA\LOCAL\MAIN.DAT, En cuarentena, 3764, 442900, 1.0.29507, , ame, , F42BC392ADEF4193C7078E13DEA64355, 1A0C4FF208D74F9F2B0AA1A932008933D0081DB6DFA97BA9F5E56B12BEB7977D
Adware.Linkury.Generic, C:\USERS\LEO-JENNY\APPDATA\LOCAL\MD.XML, En cuarentena, 3764, 404866, 1.0.29507, , ame, , FFB9BF1A895AC00778EB2C27941240FB, 856E979BC8B8BDD37312FE3CA0C89AF832886591F8EAB1D0F582F89D53DAB3FC
Adware.Linkury.Generic, C:\USERS\LEO-JENNY\APPDATA\LOCAL\AGENT.DAT, En cuarentena, 3764, 404872, 1.0.29507, , ame, , 5D3518D2D4017999BAB19CA7503AC54C, 4812CCF99C7E5B3754EF6486031D6AC2EA96F5A96FE07F7F271B2E16498D2352
Trojan.Agent, C:\USERS\LEO-JENNY\APPDATA\LOCAL\LOBBY.DAT, En cuarentena, 501, 712637, 1.0.29507, , ame, , E7E55632CD88C6429E3F5FC4859BD79C, 3A60204712461328DB7666A54CB9CA792B9ACB1B550D41D03E1753DDB39490C9
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, En cuarentena, 431, 715618, 1.0.29507, , ame, , 2494B1EAC57D75D16B7A7A8A03E4D46A, 1AD90F52F2D2CA61AD7CFFE21C7AB5A45F55B40711765179904D753AD8E27CF7
Adware.Linkury, C:\USERS\LEO-JENNY\APPDATA\LOCAL\installer.dat, En cuarentena, 431, 715618, 1.0.29507, , ame, , 2494B1EAC57D75D16B7A7A8A03E4D46A, 1AD90F52F2D2CA61AD7CFFE21C7AB5A45F55B40711765179904D753AD8E27CF7
Trojan.Agent, C:\USERS\LEO-JENNY\APPDATA\LOCAL\APPLICATIONHOSTING.DAT, En cuarentena, 501, 712640, 1.0.29507, , ame, , 5AB28D7118C2B3780DB51863DCC491A3, 8DDF556F125FA9E1ABC47E8BF4A6E95D12748EE817D342E0EAA8365759DDACB7
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En cuarentena, 15192, 444922, 1.0.29507, , ame, , 4453F09795BC472CB0B0213E51E746AB, 6F4AD71C0D17B62E980BE243E87215FA5683A96BE2FE591F60BC115F7689DBA5
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS\FF.HP, En cuarentena, 198, 380106, 1.0.29507, , ame, , 50AF62F4DD4CAD15122C04A38DFB0BFB, 4B05009EC98357BE2A1EF070E31760F73062F04D5D40EABC5C863B0B71271B50
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\ff.NT, En cuarentena, 198, 380106, , , , , 4064FF4EAF9061B43FDB8E9CA49B2901, 0CEC20B303B879FADB003CCD00A939007B2353358DC29E2A824F44CCDBA57A35
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\snp.sc, En cuarentena, 198, 380106, , , , , 9C7BBA9318BB1F7D1E120AD2DB13F4EC, 4C29248911A507EDE38BE920BA886365D985F70C10D685E2F9662CED54D7F672
Adware.Linkury.TskLnk, C:\USERS\LEO-JENNY\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En cuarentena, 15192, 444923, 1.0.29507, , ame, , 1C68646A65D71BEC9BF8470529ECE486, A3C391C35813C8B9D69D0A63E39FC7BF85F51955F6E07DBEF320E2E135ECB373
PUP.Optional.BazzSearch, C:\USERS\LEO-JENNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 214, 470343, , , , , 278994BF8F088AD1D9D33ADD9AB59449, 44B1E4E68DFA06FB06606F926290F177B944C28CBF74B55581039FA8633F6E80
PUP.Optional.BazzSearch, C:\USERS\LEO-JENNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, 214, 470343, , , , , 78A722457BF4EC8117F0E266013BC469, 668EBBAC58CE963E1D71382D6AC88E1BBCF0DEF48BF3094A2B19DC7CACF80681
PUP.Optional.BazzSearch, C:\USERS\LEO-JENNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\INAFJGHMMKMIOBIJHBGKFEKENBFBKLHB\2.0.2_0\MANIFEST.JSON, En cuarentena, 214, 470343, 1.0.29507, , ame, , 582F7A5437F3ABD47FE53312E21A8D49, BD39AE8CEF0B6BE920149BBF337510D077FF5383F4632C859AF9FB8341197EDF
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\HOTSOLOTRAX\INSTALLATIONCONFIGURATION.XML, En cuarentena, 15192, 444934, 1.0.29507, , ame, , 1C68646A65D71BEC9BF8470529ECE486, A3C391C35813C8B9D69D0A63E39FC7BF85F51955F6E07DBEF320E2E135ECB373
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\HotSolotrax\uninstall.dat, En cuarentena, 15192, 444934, , , , , 2494B1EAC57D75D16B7A7A8A03E4D46A, 1AD90F52F2D2CA61AD7CFFE21C7AB5A45F55B40711765179904D753AD8E27CF7
Adware.Linkury.Generic, C:\USERS\LEO-JENNY\APPDATA\LOCAL\CONFIG.XML, En cuarentena, 3764, 404859, 1.0.29507, , ame, , 3C1059989B0E249AF6E00E2A567A41EB, 691D449973F93B46CE1DF12554EA28657021848EEE803D8A56AAEA2EC2DBBE00
PUP.Optional.BazzSearch, C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 214, 550044, , , , , CCC0C97578377FA3C4AD2C947355D4FB, E213B700E543A72986DDCCC9E880321EEEE4D7F821158B87F7AD744E9EB3D217
PUP.Optional.BazzSearch, C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000155.log, En cuarentena, 214, 550044, , , , , EBE6B9ABA1A12E8B9DC7F485A81B642E, 4EF7542979A30E0A2820FE1F60CB6E209B4CE966D227A4A76660C3DCB1BA4246
PUP.Optional.BazzSearch, C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000157.ldb, En cuarentena, 214, 550044, , , , , 13E04AFD4A315D42B9DACFB26E92ADBE, 4004A70285A72D0DDB777B125FFEE75FA952D1E56BBB5936F25C9976444DA0D4
PUP.Optional.BazzSearch, C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 214, 550044, , , , , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.BazzSearch, C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 214, 550044, , , , , ,
PUP.Optional.BazzSearch, C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 214, 550044, , , , , A061FF300A9359E7B53374DB8438F28B, 246F74B1F9E0346971B43D9FCFE688AEA1F1C53E789BB21CDC9BAF52E9336F03
PUP.Optional.BazzSearch, C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 214, 550044, , , , , 4536CD89E5CCA0813FEF9749E8321A5A, 3BB22B66671242D841B7369691BA8335919B213AF678923DFA907C5EBA982280
PUP.Optional.BazzSearch, C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 214, 550044, , , , , 7406A3789373B37D6C48805A4ED06008, 373FB224A9E34FD923CBBFEEC554455856E60CF00FFAC216A9AB4ADC1994C20E
PUP.Optional.BazzSearch, C:\USERS\LEO-JENNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 214, 550044, 1.0.29507, , ame, , 278994BF8F088AD1D9D33ADD9AB59449, 44B1E4E68DFA06FB06606F926290F177B944C28CBF74B55581039FA8633F6E80
Adware.DownloadAssistant, D:\USERS\LEO-JENNY\DOWNLOADS\ULTRASURFBYINFORMACIONLIBRE.RAR, En cuarentena, 1194, 650123, 1.0.29507, A85A1A1D8FBB201893A147EE, dds, 00884350, EBB5577515C7744C0F91ABCDC817B857, 4FDA32DCBD6D34719A97D275E3A06925AFC69555DC6120B2668A8318DEEB0733
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-06-2020
# Duration: 00:01:15
# OS: Windows 7 Home Basic
# Scanned: 31837
# Detected: 69
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Legacy C:\Program Files (x86)\mipony
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mipony
PUP.Optional.Legacy C:\Users\Leo-Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mipony
PUP.Optional.Legacy C:\Users\Leo-Jenny\AppData\Roaming\mipony
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
***** [ Files ] *****
PUP.Optional.Legacy C:\Users\Leo-Jenny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
PUP.Optional.Legacy C:\Users\Leo-Jenny\Desktop\MiPony.lnk
PUP.Optional.Legacy C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
PUP.Optional.Legacy C:\Users\UpdatusUser\Desktop\MiPony.lnk
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
PUP.Optional.Legacy HKLM\Software\Classes\mipony
PUP.Optional.Legacy HKLM\Software\Classes\mpybrowser
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\MiPony
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WebCompanion.exe
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.SamsungEasyBatteryManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD7756F6-58C7-43B3-A5E4-B1F0790A0748}
Preinstalled.SamsungEasyBatteryManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyBatteryManager
Preinstalled.SamsungEasyBatteryManager Task C:\Windows\System32\Tasks\EASYBATTERYMANAGER
Preinstalled.SamsungEasyDisplayManager Folder C:\ProgramData\SAMSUNG\EASY DISPLAY MANAGER
Preinstalled.SamsungEasyDisplayManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22C0AD8A-377B-49F7-B68B-96210D26A9EE}
Preinstalled.SamsungEasyDisplayManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyDisplayMgr
Preinstalled.SamsungEasyDisplayManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{17283B95-21A8-4996-97DA-547A48DB266F}
Preinstalled.SamsungEasyDisplayManager Task C:\Windows\System32\Tasks\EASYDISPLAYMGR
Preinstalled.SamsungEasySettings Folder C:\Program Files (x86)\SAMSUNG\EASY SETTINGS
Preinstalled.SamsungEasySettings Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\EASY SETTINGS
Preinstalled.SamsungEasySoftwareManager Folder C:\Program Files (x86)\SAMSUNG\EASY SOFTWARE MANAGER
Preinstalled.SamsungEasySoftwareManager Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\EASY SOFTWARE MANAGER
Preinstalled.SamsungEasySoftwareManager Folder C:\ProgramData\SAMSUNG\EASY SOFTWARE MANAGER
Preinstalled.SamsungEasySoftwareManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DE256D8B-D971-456D-BC02-CB64DA24F115}
Preinstalled.SamsungSupportCenter1.0 Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD8F89EF-9D82-4E10-B0CB-A746E8232728}
Preinstalled.SamsungSupportCenter1.0 Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SamsungSupportCenter
Preinstalled.SamsungSupportCenter1.0 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{F687E657-F636-44DF-8125-9FEEA2C362F5}
Preinstalled.SamsungSupportCenter1.0 Task C:\Windows\System32\Tasks\SAMSUNGSUPPORTCENTER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\AGATHA CHRISTIE - DEATH ON THE NILE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BUILD-A-LOT
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\CHUZZLE DELUXE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\FARM FRENZY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PEGGLE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PENGUINS!
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR GOLFER
Preinstalled.WildTangentGamesBundle Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Game Console - WildGames
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085559
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085567
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085580
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085583
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085587
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085597
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085618
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085622
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085663
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT085669
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT089285
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WT089286
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-wildgames-main
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-06-2020
# Duration: 00:00:04
# OS: Windows 7 Home Basic
# Cleaned: 23
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\mipony
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mipony
Deleted C:\Users\Leo-Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mipony
Deleted C:\Users\Leo-Jenny\AppData\Roaming\mipony
***** [ Files ] *****
Deleted C:\Users\Leo-Jenny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
Deleted C:\Users\Leo-Jenny\Desktop\MiPony.lnk
Deleted C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
Deleted C:\Users\UpdatusUser\Desktop\MiPony.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WebCompanion.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
Deleted HKLM\Software\Classes\mipony
Deleted HKLM\Software\Classes\mpybrowser
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\MiPony
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [9432 octets] - [06/09/2020 01:49:08]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Basic x64
Ran by Leo-Jenny (Administrator) on 06/09/2020 at 1:58:34,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 55
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{202655CF-F1B1-4E50-B8F6-9A29F320E5C3} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{36806E8C-22ED-41DA-8265-9B9A24CA2383} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{3864AD6D-4DAD-4A44-9747-A66865489432} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{38CBF01B-CE11-4581-8ABE-C4F531A21671} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{600FF5C6-7485-4C75-A37B-5465436324EC} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{7BEC0638-230B-480E-960C-00278A6FA303} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{82A15628-2AA2-48A7-A3EF-634D18E94993} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{880FC578-7175-4005-89AE-3BE20835F13A} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{96B1A572-4A6B-41D1-9C33-316ED4118977} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{A0B8F718-25EE-4E7F-A273-6AB2A9062140} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{A13B2D1D-5C45-4CFA-A343-07BBF9BD56E6} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{B710D920-3710-4A0F-9CBE-F92BD122C129} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{D56BB947-B317-4695-8027-8B095A8846DE} (Empty Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\{F4B3A571-22E6-4A9D-820A-524D34B0B8B8} (Empty Folder)
Successfully deleted: C:\windows\system32\Tasks\EasySpeedUpManager (Task)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\07PQWURE (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36Q21WY5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\956BUD4E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AL3MV379 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BK5Z40CV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DN3EXXXA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FLZKZRIF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FPTWI6H3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2A4AY4E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXUC6HO8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LHHFQ6MS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N0EOTYAA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PHE30YQA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLF6O285 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKUJO7S6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Leo-Jenny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y2U2B3P9 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\07PQWURE (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36Q21WY5 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\956BUD4E (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AL3MV379 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BK5Z40CV (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DN3EXXXA (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FLZKZRIF (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FPTWI6H3 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J2A4AY4E (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KXUC6HO8 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LHHFQ6MS (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N0EOTYAA (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PHE30YQA (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PLF6O285 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKUJO7S6 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y2U2B3P9 (Temporary Internet Files Folder)
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4b75f94b-6db8-4698-8471-86d9626275e2} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4b75f94b-6db8-4698-8471-86d9626275e2} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/09/2020 at 2:04:04,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 03-09-2020
Ejecutado por Leo-Jenny (06-09-2020 02:10:29)
Ejecutado desde C:\Users\Leo-Jenny\Desktop
Windows 7 Home Basic Service Pack 1 (X64) (2016-12-26 15:51:31)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-163027375-3699096611-532587941-500 - Administrator - Disabled)
Invitado (S-1-5-21-163027375-3699096611-532587941-501 - Limited - Disabled)
Leo-Jenny (S-1-5-21-163027375-3699096611-532587941-1001 - Administrator - Enabled) => C:\Users\Leo-Jenny
UpdatusUser (S-1-5-21-163027375-3699096611-532587941-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (HKLM-x32\...\{539A0CEA-17E4-4FE4-A5E8-EC5D40610A79}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Agatha Christie - Death on the Nile (HKLM-x32\...\WT085587) (Version: 2.2.0.82 - WildTangent) Hidden
Argente - Registry Cleaner 3.1.1.0 (HKLM-x32\...\Argente - Registry Cleaner_is1) (Version: 3.1.1.0 - Raúl Argente)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Avidemux 2.7 - 32 bits (32-bit) (HKLM-x32\...\Avidemux 2.7 - 32 bits) (Version: 2.7.1.180604 - )
Bejeweled 2 Deluxe (HKLM-x32\...\WT089286) (Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot (HKLM-x32\...\WT085597) (Version: 2.2.0.82 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT085567) (Version: 2.2.0.82 - WildTangent) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.0.581 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{95555783-E5F3-40B2-99C7-7345C39EFF76}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{2945B729-98C9-4A18-A24E-AD5D84BB9A8E}) (Version: 2.10.442 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2019 - BR (x64) (HKLM\...\{2FE926AD-01D6-4A84-BFB0-BE6ACF5CF6C6}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Capture (x64) (HKLM\...\{3834C5F6-5079-4C23-B8B1-F0884A02690F}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Common (x64) (HKLM\...\{E26C03B7-3DCF-46FD-9432-B8DAB1C34AEF}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Connect (x64) (HKLM\...\{B850B42F-249D-4C94-8536-B08205EB5C77}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Custom Data (x64) (HKLM\...\{FD08312C-7147-4417-9C0A-DE3C45DB56B5}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - DE (x64) (HKLM\...\{1675BBEB-CD1D-443E-A8E1-DFCDF2C5B401}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Draw (x64) (HKLM\...\{0A15F4D7-3B53-45C1-BB67-23F27FF8B75B}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - EN (x64) (HKLM\...\{43EBAA78-1F47-4627-8F0D-5DA8630B4056}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - ES (x64) (HKLM\...\{504E61BD-1A7A-4629-89FB-960E2D15F072}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Filters (x64) (HKLM\...\{DB0939C5-03D1-474D-8F60-2EFEE40EA114}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Font Manager (x64) (HKLM\...\{CEE73B7E-2900-4C8B-BEF8-8E6B05C7703C}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - FR (x64) (HKLM\...\{959BF271-7FEC-4C97-B20B-1E54B8EC807B}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM (x64) (HKLM\...\{A3BA4B57-A263-476E-B787-B5267F35201F}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content BR (x64) (HKLM\...\{F3F8F532-0F11-49C7-8D49-967F4581C30A}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content DE (x64) (HKLM\...\{DD666FC6-8807-45EA-B769-56475447DF80}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content EN (x64) (HKLM\...\{E5A6F812-B03B-4054-BDC9-E92B1BC6B052}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content ES (x64) (HKLM\...\{1F8D0F23-5574-4A2A-B580-CCCBD2F5FCDA}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content FR (x64) (HKLM\...\{E1CB786C-4E64-48C0-8EC3-A7E7265FD42E}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content IT (x64) (HKLM\...\{935C5EA6-B78E-4AE0-A72B-3FB5C0DA9487}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content NL (x64) (HKLM\...\{9AD4C3CA-5968-44E0-B0B0-443A378FA67D}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IT (x64) (HKLM\...\{23AAF608-B935-43F6-A1DE-876FDCD433DF}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - NL (x64) (HKLM\...\{9800FB54-97EF-4444-B636-184891F7CF45}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - PHOTO-PAINT (x64) (HKLM\...\{E1DB8CE4-D01D-48AF-B0C3-189B9000756C}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Setup Files (x64) (HKLM\...\{E82C45F0-2C79-47A5-B90B-C514724B1C48}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - VBA (x64) (HKLM\...\{E633140C-B07F-4EF6-8316-BEA221E359EF}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Workspaces (x64) (HKLM\...\{CBF86165-DBBB-4DA7-9070-3AFC86EA4745}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Writing Tools (x64) (HKLM\...\{F37A71D2-9B69-45E5-B6B1-DE9D98C197FC}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 (64-Bit) (HKLM\...\_{E82C45F0-2C79-47A5-B90B-C514724B1C48}) (Version: 21.0.0.593 - Corel Corporation)
CorelDRAW Graphics Suite 2019 (HKLM\...\{DC01BBC9-8212-45F7-A89B-FBDD4BC2B6B7}) (Version: 21.0 - Corel Corporation) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT085559) (Version: 2.2.0.82 - WildTangent) Hidden
Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.1.16.14 - Samsung Electronics Co., Ltd.)
Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.36 - Samsung)
ETDWare PS/2-X64 10.0.7.2_WHQL (HKLM\...\Elantech) (Version: 10.0.7.2 - ELAN Microelectronic Corp.)
Farm Frenzy (HKLM-x32\...\WT085618) (Version: 2.2.0.82 - WildTangent) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.83 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Insaniquarium Deluxe (HKLM-x32\...\WT085622) (Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2266 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
John Deere Drive Green (HKLM-x32\...\WT085580) (Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )
NVIDIA Graphics Driver 268.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.83 - NVIDIA Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Peggle (HKLM-x32\...\WT085663) (Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT085669) (Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Golfer (HKLM-x32\...\WT085583) (Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
WildTangent ORB Game Console (HKLM-x32\...\Game Console - WildGames) (Version: - WildTangent) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Zuma Deluxe (HKLM-x32\...\WT089285) (Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Leo-Jenny\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Leo-Jenny\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Leo-Jenny\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Leo-Jenny\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Leo-Jenny\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Leo-Jenny\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-05] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BTMSentToExt] -> {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30] (Intel Corporation - Mobile Wireless Group -> Intel Corporation)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leo-Jenny\AppData\Local\MEGAsync\ShellExtX64.dll [2020-09-05] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-06] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2010-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2011-06-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-06-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-09-06] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.scg726] => C:\windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lame] => C:\windows\system32\lame.ax [245760 2005-08-01] () [Archivo no firmado]
HKLM\...\Drivers32: [vidc.dvsd] => C:\windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.mpg4] => C:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.mp42] => C:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.mp43] => C:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.xvid] => C:\windows\system32\xvidvfw.dll [139264 2004-07-03] () [Archivo no firmado]
HKLM\...\Drivers32: [vidc.DIVX] => C:\windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.VP62] => C:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.LAGS] => C:\windows\system32\lagarith.dll [216064 2011-12-07] () [Archivo no firmado]
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Módulos cargados (Lista blanca) =============
2011-10-11 10:53 - 2011-05-05 09:11 - 001892352 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2011-03-22 17:41 - 2011-03-22 17:41 - 002790912 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Bluetooth\Resources\esn.dll
2011-10-11 10:53 - 2011-05-05 09:05 - 000069632 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-163027375-3699096611-532587941-1001\...\localhost -> localhost
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-13 23:34 - 2020-09-03 11:32 - 000001345 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 iws.corel.com
127.0.0.1 mc.corel.com
127.0.0.1 apps.corel.com
127.0.0.1 deploy.akamaitechnologies.com
127.0.0.1 compute-1.amazonaws.com
127.0.0.1 origin-mc.corel.com
127.0.0.1 ultramediaburner.com
127.0.0.1 pro-zipper.com
127.0.0.1 productsdetails.online
127.0.0.1 post-back-url.com
127.0.0.1 rothsideadome.pw
127.0.0.1 room1.360dev.info
127.0.0.1 telechargini.com
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-163027375-3699096611-532587941-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: kss => 2
MSCONFIG\Services: ksu => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^Users^Leo-Jenny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Speech Recognition => "C:\windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{61C1DAEF-CC33-406F-BD5D-87E75BBEC2A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DBD17777-534E-4416-8E03-42E8C6D05BBC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8E886396-45DA-4543-82A9-9BEDC5825908}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59B17BED-90C3-4296-9584-A3FF4BF64EC5}] => (Allow) LPort=2869
FirewallRules: [{80ADB865-6409-4E7F-A729-8512FE56F403}] => (Allow) LPort=1900
FirewallRules: [{B1761706-A3FA-480E-A677-D1D4BBF1C634}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A317E46-50CC-4E65-AC17-A60D97270CC8}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B783C3B-92A6-4C5C-A9B0-D5D65A941992}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{D27818AC-DA62-4382-9507-0B8B0EED7262}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{04211D30-37A0-4941-AF64-570A20D9BB79}] => (Allow) LPort=57083
FirewallRules: [{BA4AE836-A229-4BA7-8351-562A53E3F893}] => (Allow) LPort=56185
FirewallRules: [TCP Query User{57E7F6B6-888D-4500-9992-AB8E3393FCCE}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B94C7F86-6379-482F-9968-8C925EFCABE5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C0467FEB-F69A-467B-889D-9C07A28368A5}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{E6CC5DD7-50BF-4E6C-8DD1-25F14A670493}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [TCP Query User{F30C05C7-A8BE-40B3-8672-772F9C6FE89E}C:\program files (x86)\mipony\mipony.exe] => (Allow) C:\program files (x86)\mipony\mipony.exe => Ningún archivo
FirewallRules: [UDP Query User{266D20AD-3674-49CC-A698-F83D3BECAF0C}C:\program files (x86)\mipony\mipony.exe] => (Allow) C:\program files (x86)\mipony\mipony.exe => Ningún archivo
FirewallRules: [{958A09FA-AF21-4106-A7FC-7DC94EB72565}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D878FA11-5B6F-4D80-990A-A81820A31262}C:\users\leo-jenny\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\leo-jenny\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{022C94D7-F605-4A72-8198-7D3D15D013BB}C:\users\leo-jenny\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\leo-jenny\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
==================== Puntos de Restauración =========================
03-09-2020 02:11:13 Removed Microsoft Office Professional Plus 2010
03-09-2020 11:44:38 Installed Microsoft Office Professional Plus 2010
06-09-2020 01:58:37 JRT Pre-Junkware Removal
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (09/06/2020 01:54:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (09/06/2020 01:37:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (09/03/2020 11:49:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (09/03/2020 12:10:37 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Word no se inició correctamente la última vez. Iniciar Word en modo a prueba de errores ayuda a corregir o aislar el problema para iniciar correctamente el programa. La funcionalidad puede quedar parcialmente deshabilitada en este modo.
¿Desea iniciar Word en el modo a prueba de errores?.
Rejected Safe Mode action : Microsoft Word.
Error: (09/03/2020 12:01:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (09/03/2020 11:08:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (09/03/2020 02:33:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (09/03/2020 02:25:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Errores del sistema:
=============
Error: (09/06/2020 01:51:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Management and Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/06/2020 01:51:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA Update Service Daemon se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/06/2020 01:51:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Corel License Validation Service V2, Powered by arvato se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/06/2020 01:51:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/06/2020 01:51:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de estado de ASP.NET terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (09/06/2020 01:51:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio NVIDIA Driver Helper Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (09/05/2020 10:52:02 PM) (Source: cdrom) (EventID: 7) (User: )
Description: El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.
Error: (09/05/2020 10:51:55 PM) (Source: cdrom) (EventID: 7) (User: )
Description: El dispositivo, \Device\CdRom0, tiene un bloque defectuoso.
==================== Información de la memoria ===========================
BIOS: Phoenix Technologies Ltd. 09QA 11/02/2012
Placa base: SAMSUNG ELECTRONICS CO., LTD. 300E4A/300E5A/300E7A/3430EA/3530EA
Procesador: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Porcentaje de memoria en uso: 96%
RAM física total: 1961.55 MB
RAM física disponible: 67.73 MB
Virtual total: 3923.09 MB
Virtual disponible: 1496.97 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:178 GB) (Free:101.92 GB) NTFS
Drive d: () (Fixed) (Total:265.79 GB) (Free:214.64 GB) NTFS
Drive e: (Disc) (CDROM) (Total:2.75 GB) (Free:0 GB) CDFS
Drive f: (KINGSTON) (Removable) (Total:0.93 GB) (Free:0.09 GB) FAT
\\?\Volume{a36d5a32-f495-11e0-90c8-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{accd3ac6-cb1d-11e6-811c-806e6f6e6963}\ (SAMSUNG_REC) (Fixed) (Total:21.87 GB) (Free:0.97 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1122C677)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=178 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.8 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=21.9 GB) - (Type=27)
==========================================================
Disk: 1 (Protective MBR) (Size: 962 MB) (Disk ID: 00000000)
Partition: GPT.
==================== Final de Addition.txt =======================Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 03-09-2020
Ejecutado por Leo-Jenny (administrador) sobre LEO-JENNY-PC (SAMSUNG ELECTRONICS CO., LTD. 300E4A/300E5A/300E7A/3430EA/3530EA) (06-09-2020 02:07:06)
Ejecutado desde C:\Users\Leo-Jenny\Desktop
Perfiles cargados: UpdatusUser & Leo-Jenny
Platform: Windows 7 Home Basic Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2721576 2011-06-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108136 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-163027375-3699096611-532587941-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-09-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Leo-Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-09-05]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Leo-Jenny\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {1B076272-9F8F-4F64-BA88-FB7F1AC598E6} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {22BCAD09-B307-4316-9E37-AFDAC9752D1B} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [3468880 2011-08-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {22C0AD8A-377B-49F7-B68B-96210D26A9EE} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [1087056 2011-09-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {2C66BE01-BCCA-4E0F-946B-EB135F36963C} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-163027375-3699096611-532587941-1001 => C:\Users\Leo-Jenny\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-09-05] (Mega Limited -> Mega Limited)
Task: {466D9F97-EB5E-4876-9113-A0571005F391} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2275408 2011-09-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {48E2147C-D9C0-4E60-9274-2573DC401AF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {54E533F4-07EA-4760-B600-794F2EB1923C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3313760 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
Task: {5DC332C8-CCCA-4006-8423-2EAA149537F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-17] (Google Inc -> Google LLC)
Task: {6383DF62-0380-4D92-B37B-D6E4B95EA440} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-17] (Google Inc -> Google LLC)
Task: {7EA28D98-817E-478E-8CDB-B27B4909B686} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {82841148-D38E-4A27-92FE-9BE0E0D3702D} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2784336 2011-09-14] (Samsung Electronics CO., LTD. -> Samsung)
Task: {857AF5DA-4225-499A-A39A-68BC3AD183CA} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [784976 2011-08-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {AD8F89EF-9D82-4E10-B0CB-A746E8232728} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [3395664 2011-07-29] (Samsung Electronics CO., LTD. -> SAMSUNG Electronics)
Task: {B072AAA5-1A36-4032-BCA4-1DE1577995C9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [1346024 2015-08-06] (Symantec Corporation -> Symantec Corporation)
Task: {BC5E99B7-43D9-4A2B-BF8D-81B3283479CB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {BD7756F6-58C7-43B3-A5E4-B1F0790A0748} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [369232 2011-08-19] (Samsung Electronics CO., LTD. -> SAMSUNG Electronics co., LTD.)
Task: {CCC6217A-D8D0-4CD0-9B61-37D099976E74} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280 2011-06-24] (Samsung Electronics CO., LTD. -> SEC)
Task: {D639EB03-53C2-4FDC-9BCE-C7D19841C331} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-03-05] (Avast Software s.r.o. -> Avast Software)
Task: {DC2D1F1F-671D-4F56-9B41-AEECB58E243F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1901768 2018-04-17] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {DCC2F128-75A8-4C58-A4AC-14C66B14617C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-16] (Adobe Inc. -> Adobe)
Task: {E8431EE3-2C17-469F-B577-66BA6126535F} - System32\Tasks\{4DA657D2-42F8-495B-8549-28DA63189A1D} => C:\windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {E9069086-593B-4809-B229-63B50BB103F3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EADC3B7D-135F-4C9A-90EE-2518D3F1A3C8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\..\Interfaces\{1E2EAA81-6D61-4113-8FDE-88771D7012A3}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{5164239D-2A08-44EA-A711-82F24DB1D509}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{A2927FA8-5246-4F9E-83C8-54E487DC5F64}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://inicio.lalibrenoticia.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://inicio.lalibrenoticia.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://inicio.lalibrenoticia.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://inicio.lalibrenoticia.com/
HKU\S-1-5-21-163027375-3699096611-532587941-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-163027375-3699096611-532587941-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-163027375-3699096611-532587941-1001 -> Sin Nombre - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Ningún archivo
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Archivo no firmado]
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default [2020-09-06]
CHR Extension: (Presentaciones) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-17]
CHR Extension: (Documentos) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-17]
CHR Extension: (Google Drive) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-17]
CHR Extension: (YouTube) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-05]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-09-03]
CHR Extension: (Hojas de cálculo) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-17]
CHR Extension: (Avira Navegación segura) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-05-20]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-03]
CHR Extension: (DocsWork Editor de documentos DOC & DOCX) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnmngcgmijhkamopfhmnkgpebgjbpbja [2020-03-17]
CHR Extension: (DotVPN — a Better way to VPN) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2020-03-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Leo-Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-16] (Adobe Inc. -> Adobe)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6392728 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-09-06] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] (CyberLink -> ) [Archivo no firmado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 AMPPAL; C:\windows\System32\DRIVERS\AMPPAL.sys [294912 2011-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\windows\System32\DRIVERS\amppal.sys [294912 2011-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37152 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205896 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [235088 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [178768 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [60496 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42784 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175208 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [506152 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [109280 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84856 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [851608 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [462592 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216824 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [322256 2020-06-19] (Avast Software s.r.o. -> AVAST Software)
R3 clwvd; C:\windows\System32\DRIVERS\clwvd.sys [31216 2011-08-17] (CyberLink -> CyberLink Corporation)
S0 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-09-06] (Malwarebytes Inc -> Malwarebytes)
R1 SABI; C:\windows\system32\Drivers\SABI.sys [13824 2011-07-29] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
R2 SGDrv; C:\windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Phoenix Technologies Ltd.)
R3 tap0901; C:\windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-09-06 02:07 - 2020-09-06 02:09 - 000022155 _____ C:\Users\Leo-Jenny\Desktop\FRST.txt
2020-09-06 02:06 - 2020-09-06 02:08 - 000000000 ____D C:\FRST
2020-09-06 02:04 - 2020-09-06 02:04 - 000009268 _____ C:\Users\Leo-Jenny\Desktop\JRT.txt
2020-09-06 01:47 - 2020-09-06 01:51 - 000000000 ____D C:\AdwCleaner
2020-09-06 00:48 - 2020-09-06 00:49 - 000000000 ____D C:\Users\Leo-Jenny\Desktop\Nueva carpeta
2020-09-06 00:47 - 2020-09-06 00:47 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-09-06 00:47 - 2020-09-06 00:47 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-06 00:47 - 2020-09-06 00:47 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-06 00:47 - 2020-09-06 00:47 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-06 00:46 - 2020-09-06 00:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-06 00:46 - 2020-09-06 00:45 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2020-09-06 00:42 - 2020-09-06 00:42 - 000000000 ____D C:\Program Files\Malwarebytes
2020-09-06 00:38 - 2020-09-06 00:38 - 002299392 _____ (Farbar) C:\Users\Leo-Jenny\Desktop\FRST64.exe
2020-09-06 00:38 - 2020-09-06 00:38 - 000224425 _____ C:\Users\Leo-Jenny\Desktop\¿Como ejecutar Farbar Recovery Scan Tool_ - Guías, manuales, tutoriales y más - ForoSpyware.pdf
2020-09-06 00:35 - 2020-09-06 00:35 - 000840985 _____ C:\Users\Leo-Jenny\Desktop\Manual de Malwarebytes Anti-Malware - Guías, manuales, tutoriales y más - ForoSpyware.pdf
2020-09-06 00:34 - 2020-09-06 00:34 - 000882226 _____ C:\Users\Leo-Jenny\Desktop\CCleaner. Manual de uso simple y avanzado - Guías, manuales, tutoriales y más - ForoSpyware.pdf
2020-09-06 00:30 - 2020-09-06 00:30 - 000741839 _____ C:\Users\Leo-Jenny\Desktop\Manual de AdwCleaner - Guías, manuales, tutoriales y más - ForoSpyware.pdf
2020-09-06 00:26 - 2020-09-06 00:27 - 001790024 _____ (Malwarebytes) C:\Users\Leo-Jenny\Desktop\JRT.exe
2020-09-06 00:17 - 2020-09-06 00:17 - 008414384 _____ (Malwarebytes) C:\Users\Leo-Jenny\Desktop\adwcleaner_8.0.7.exe
2020-09-05 23:40 - 2020-09-05 23:42 - 002040904 _____ (Malwarebytes) C:\Users\Leo-Jenny\Desktop\MBSetup.exe
2020-09-05 15:42 - 2020-09-05 15:46 - 000001680 _____ C:\Users\Leo-Jenny\Desktop\Rkill.txt
2020-09-05 15:40 - 2020-09-05 15:40 - 000014105 _____ C:\Users\Leo-Jenny\Desktop\chrome.exe - Acceso directo.lnk
2020-09-05 11:36 - 2020-09-05 11:36 - 000000000 ___HD C:\$AV_ASW
2020-09-04 16:19 - 2020-09-05 00:34 - 000000000 ____D C:\Users\Leo-Jenny\Downloads\ADDAMS 2019 1080p LAT Www Hackstore Net
2020-09-04 12:32 - 2020-09-04 15:33 - 000000000 ____D C:\Users\Leo-Jenny\Downloads\LEGO SHAZAM 1080p LAT Www Hackstore Net
2020-09-04 12:12 - 2020-09-04 12:12 - 000002103 _____ C:\Users\Leo-Jenny\Desktop\JDownloader 2.lnk
2020-09-04 12:12 - 2020-09-04 12:12 - 000000000 ____D C:\Users\Leo-Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2020-09-04 12:08 - 2020-09-05 01:38 - 000000000 ____D C:\Users\Leo-Jenny\AppData\Local\JDownloader 2.0
2020-09-04 12:08 - 2020-09-04 12:08 - 000000000 ____D C:\ProgramData\Oracle
2020-09-04 12:04 - 2020-09-04 12:05 - 045513416 _____ (AppWork GmbH) C:\Users\Leo-Jenny\Desktop\JDownloaderSetup.exe
2020-09-03 11:56 - 2020-09-03 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2020-09-03 11:56 - 2020-09-03 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-09-03 11:55 - 2020-09-03 11:55 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-09-03 11:53 - 2020-09-03 11:53 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2020-09-03 11:52 - 2020-09-03 11:52 - 000000000 ____D C:\Program Files\Microsoft Sync Framework
2020-09-03 11:52 - 2020-09-03 11:52 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2020-09-03 11:47 - 2020-09-03 11:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2020-09-03 11:46 - 2020-09-03 11:55 - 000000000 ____D C:\windows\SHELLNEW
2020-09-03 11:46 - 2020-09-03 11:46 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2020-09-03 11:46 - 2020-09-03 11:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2020-09-03 11:45 - 2020-09-03 11:52 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-03 11:45 - 2020-09-03 11:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-09-03 11:33 - 2020-09-03 11:33 - 000000000 ____D C:\Users\Leo-Jenny\AppData\Roaming\Mozilla
2020-09-03 11:33 - 2020-09-03 11:33 - 000000000 ____D C:\Users\Leo-Jenny\AppData\Local\app
2020-09-03 11:31 - 2020-09-03 23:52 - 000000000 ____D C:\Program Files (x86)\afsx
2020-09-03 02:36 - 2020-09-03 02:36 - 000000390 _____ C:\Users\Leo-Jenny\Desktop\Disco extraíble (F) - Acceso directo.lnk
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-09-06 02:03 - 2009-07-14 01:45 - 000022624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-09-06 02:03 - 2009-07-14 01:45 - 000022624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-09-06 01:58 - 2019-04-16 01:35 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-09-06 01:57 - 2019-04-17 20:11 - 000004128 _____ C:\windows\system32\Tasks\CCleaner Update
2020-09-06 01:53 - 2009-07-14 02:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-09-06 01:51 - 2017-11-10 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-09-06 01:33 - 2017-03-03 11:39 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-06 01:33 - 2009-07-14 00:20 - 000000000 ____D C:\windows\inf
2020-09-05 23:34 - 2017-09-21 16:14 - 000000000 ____D C:\windows\AutoKMS
2020-09-05 14:15 - 2019-04-17 23:31 - 000003472 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-05 14:15 - 2019-04-17 23:31 - 000003344 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-05 14:15 - 2019-04-17 20:10 - 000002824 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-09-05 14:15 - 2019-04-16 02:04 - 000004290 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-09-05 14:15 - 2017-05-18 20:28 - 000002760 _____ C:\windows\system32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2020-09-05 14:15 - 2017-03-03 12:07 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2020-09-05 14:15 - 2017-01-08 17:48 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-09-05 01:42 - 2016-12-29 12:53 - 000000000 ____D C:\Users\Leo-Jenny\AppData\Local\MEGAsync
2020-09-04 12:32 - 2016-12-26 12:51 - 000000000 ____D C:\Users\Leo-Jenny
2020-09-03 23:47 - 2009-07-14 01:45 - 000525200 _____ C:\windows\system32\FNTCACHE.DAT
2020-09-03 12:08 - 2016-12-26 14:18 - 000144744 _____ C:\Users\Leo-Jenny\AppData\Local\GDIPFONTCACHEV1.DAT
2020-09-03 11:55 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-09-03 11:53 - 2009-07-14 02:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-09-03 11:46 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\System
2020-09-03 11:46 - 2009-07-13 23:34 - 000000478 _____ C:\windows\win.ini
2020-09-03 11:21 - 2019-04-17 20:10 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-09-03 11:21 - 2019-04-17 20:10 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-09-03 01:44 - 2017-01-08 17:47 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-03 01:31 - 2020-04-14 12:59 - 000506152 _____ (AVAST Software) C:\windows\system32\Drivers\aswNetHub.sys
2020-09-03 01:22 - 2019-04-16 01:38 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-09-03 01:22 - 2019-04-16 01:38 - 000002003 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
==================== Archivos en la raíz de algunos directorios ========
2019-11-18 13:46 - 2019-11-18 14:49 - 000008418 _____ () C:\Users\Leo-Jenny\AppData\Local\krita.log
2019-11-18 14:49 - 2019-11-18 14:49 - 000000039 _____ () C:\Users\Leo-Jenny\AppData\Local\kritadisplayrc
2019-11-18 14:18 - 2019-11-18 14:48 - 000016472 _____ () C:\Users\Leo-Jenny\AppData\Local\kritarc
2016-12-27 15:04 - 2017-12-12 00:14 - 000007619 _____ () C:\Users\Leo-Jenny\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2020-09-03 12:30
==================== Final de FRST.txt ========================Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe(en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla
Create registry backup, las demás casillas NO. -
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-09-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {1B076272-9F8F-4F64-BA88-FB7F1AC598E6} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B072AAA5-1A36-4032-BCA4-1DE1577995C9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [1346024 2015-08-06] (Symantec Corporation -> Symantec Corporation)
Task: {DC2D1F1F-671D-4F56-9B41-AEECB58E243F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1901768 2018-04-17] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {E8431EE3-2C17-469F-B577-66BA6126535F} - System32\Tasks\{4DA657D2-42F8-495B-8549-28DA63189A1D} => C:\windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Toolbar: HKU\S-1-5-21-163027375-3699096611-532587941-1001 -> Sin Nombre - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Ningún archivo
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
U1 aswbdisk; no ImagePath
2020-09-05 14:15 - 2017-05-18 20:28 - 000002760 _____ C:\windows\system32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
C:\Program Files (x86)\Kaspersky Lab
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora inicia tu equipo desde el Modo Seguro – con funciones de Red, de Windows
-
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
-
Presionar el botón FIX/Corregir y aguardar a que termine.
-
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Buenas noches. Hice lo que me pediste, la máquina anda bien, no mas que eso porque ya está viejita pobre pero anda mejor que antes de iniciar todo este proceso sin dudas. Si esto llegara a ser lo último te agradezco infinitamente por toda la ayuda y a todo el staff de InfoSpayware por siempre tener tan buena predisposición para atender nuestros problemas, sin mas a continuación pego el reporte del FRST.exe. Saludos.
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 06-09-2020
Ejecutado por Leo-Jenny (07-09-2020 22:45:44) Run:1
Ejecutado desde C:\Users\Leo-Jenny\Desktop
Perfiles cargados: Leo-Jenny
Modo de Inicio: Safe Mode (with Networking)
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ning�n archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ning�n archivo
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-09-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricci�n <==== ATENCI�N
CHR HKLM\SOFTWARE\Policies\Google: Restricci�n <==== ATENCI�N
Task: {1B076272-9F8F-4F64-BA88-FB7F1AC598E6} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B072AAA5-1A36-4032-BCA4-1DE1577995C9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [1346024 2015-08-06] (Symantec Corporation -> Symantec Corporation)
Task: {DC2D1F1F-671D-4F56-9B41-AEECB58E243F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1901768 2018-04-17] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {E8431EE3-2C17-469F-B577-66BA6126535F} - System32\Tasks\{4DA657D2-42F8-495B-8549-28DA63189A1D} => C:\windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Toolbar: HKU\S-1-5-21-163027375-3699096611-532587941-1001 -> Sin Nombre - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Ning�n archivo
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
U1 aswbdisk; no ImagePath
2020-09-05 14:15 - 2017-05-18 20:28 - 000002760 _____ C:\windows\system32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
C:\Program Files (x86)\Kaspersky Lab
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\KSS" => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{2D46B6DC-2207-486B-B523-A557E6D54B47} => eliminado correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B076272-9F8F-4F64-BA88-FB7F1AC598E6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B076272-9F8F-4F64-BA88-FB7F1AC598E6}" => eliminado correctamente
C:\windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B072AAA5-1A36-4032-BCA4-1DE1577995C9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B072AAA5-1A36-4032-BCA4-1DE1577995C9}" => eliminado correctamente
C:\windows\System32\Tasks\Remediation\AntimalwareMigrationTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Remediation\AntimalwareMigrationTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC2D1F1F-671D-4F56-9B41-AEECB58E243F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC2D1F1F-671D-4F56-9B41-AEECB58E243F}" => eliminado correctamente
C:\windows\System32\Tasks\AVG\Overseer => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8431EE3-2C17-469F-B577-66BA6126535F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8431EE3-2C17-469F-B577-66BA6126535F}" => eliminado correctamente
C:\windows\System32\Tasks\{4DA657D2-42F8-495B-8549-28DA63189A1D} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4DA657D2-42F8-495B-8549-28DA63189A1D}" => eliminado correctamente
"HKU\S-1-5-21-163027375-3699096611-532587941-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => eliminado correctamente
HKLM\System\CurrentControlSet\Services\aswbdisk => eliminado correctamente
aswbdisk => servicio eliminado correctamente
"C:\windows\system32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance" => no encontrado
"C:\Program Files (x86)\Kaspersky Lab" => no encontrado
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-163027375-3699096611-532587941-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local mientras los medios
est‚n desconectados.
Adaptador de Ethernet Conexi¢n de rea local 3:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::10bf:cec4:a3a5:bbc1%16
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.36
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : fe80::8278:71ff:fe5a:e135%16
192.168.1.1
Adaptador de Ethernet Conexi¢n de rea local:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{54276833-9A83-4733-BC9F-5888D7BB1788}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{1E2EAA81-6D61-4113-8FDE-88771D7012A3}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{5164239D-2A08-44EA-A711-82F24DB1D509}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{2369CEFF-BF25-4E11-B562-84CE07D4444A}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de t£nel isatap.{41615E44-46A3-42E8-B3B0-AC47562D5AB8}:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9009176 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 97330 B
Edge => 0 B
Chrome => 75859392 B
Firefox => 14645157 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 60221424 B
systemprofile32 => 60291866 B
LocalService => 60291866 B
NetworkService => 60291866 B
UpdatusUser => 60291866 B
Leo-Jenny => 63529272 B
RecycleBin => 47568815 B
EmptyTemp: => 496.4 MB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 22:46:20 ====Perfecto @leodan excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.
Para hacerlo descarga DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos.
Tema Solucionado.
Saludos, Javier.