Hace unos dias entraron en mi cuenta de Ebay y hicieron una compra no autorizada para mandarla a Ucrania. Me siguen apareciendo intento de entrar en mi cuenta de Ebay aun cambiando la contraseña de correo y Ebay y con sistema de doble autenticacion. Pues bueno salgo a dar una vuelta y miro el ordenador y veo el kasperkey segure conection con el mensaje: terminada conexión con ucrania.
La verdad es que me acojone bastante.Ayuda por favor
Hola @canva
Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:
1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.
2) Descarga AdwCleaner | InfoSpyware en el escritorio.
3) Descarga CCleaner
Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.
¿Cómo pegar reportes en el foro?
Un saludo
Gracias Daniela por la ayuda
Decirte que la conexión de ayer del Kaspersky secure Connection que estaba en Ucrania es la que te da por defecto al no tener la versión comprada del programa. El pc me va bien pero la verdad no se aun como consiguieron mi mail y password de Ebay.
Te dejo los reportes:
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 10/5/20
Hora del análisis: 13:31
Archivo de registro: b9ba2e6e-92b1-11ea-a4ac-00ff3be91201.json
-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.823
Versión del paquete de actualización: 1.0.23646
Licencia: Gratis
-Información del sistema-
SO: Windows 8.1
CPU: x86
Sistema de archivos: NTFS
Usuario: ALVARO\ALVARO
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 222828
Amenazas detectadas: 25
Amenazas en cuarentena: 25
Tiempo transcurrido: 5 hr, 17 min, 55 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 25
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WNET_AMD64\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WXP_AMD64\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\HARDWARELIB.DLL#B8032EBEDD3CC15B, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\JUMPLISTDLL.DLL#3CE0A2571D886FA6, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WIN10_AMD64\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WIN7_AMD64\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WNET_X86\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DISKDEFRAG.EXE#1A06B4DD0C41DF1C, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WLH_AMD64\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\XP_AMD64\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DATABASE\AUTOUPDATE.DAT#66BA31C6EF3CC7A9, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WIN10_IA64\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WIN7_IA64\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WLH_X86\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\ASCINIT.EXE#BA4A7D830EAFD9FB, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\CPUIDINTERFACE.DLL#7647E22C0EBDA773, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\FEEDBACK.EXE#878733177CD8B111, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\AUTOSWEEP.EXE#6B268D2475310A40, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WIN10_X86\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WIN7_X86\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\DRIVERS\WXP_X86\REGISTRYDEFRAGBOOTTIME.EXE#3B6905CC12F26548, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\AUTOUPDATE.EXE#D9811C24F0CBD9C6, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\ASCDOWNLOAD.EXE#AE140D6DBC2ACB73, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\SCANNER.DLL#BF51FCA8AB299979, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
PUP.Optional.AdvancedSystemCare, C:\ADWCLEANER\QUARANTINE\V1\20200509.185942\15\ADVANCED SYSTEMCARE\AUTOCARE.EXE#F1299658E33CAF02, Se eliminará al reiniciar, 3827, 396386, 1.0.23646, , ame,
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-10-2020
# Duration: 00:00:35
# OS: Windows 8.1 Pro
# Scanned: 31802
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [5352 octets] - [08/05/2020 00:35:59]
AdwCleaner[S01].txt - [5413 octets] - [09/05/2020 18:59:02]
AdwCleaner[C01].txt - [4797 octets] - [09/05/2020 19:00:21]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
Hola
Vamos a revisar, por si a caso tu equipo más a fondo.
Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus
Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. 
Como saber si Mi Windows es de 32 o 64 Bits ?.
Pon los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Un saludo
FRST
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 10-05-2020 02
Ejecutado por ALVARO (administrador) sobre ALVARO (TOSHIBA Satellite Pro A200) (10-05-2020 19:39:02)
Ejecutado desde C:\Users\Alvaro\Desktop
Perfiles cargados: ALVARO
Platform: Microsoft Windows 8.1 Pro (Update) (X86) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(IObit Information Technology -> IObit) C:\Program Files\IObit\IObit Uninstaller\Pub\PubMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.19337_x86__8wekyb3d8bbwe\glcnd.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1316136 2008-06-20] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1667072 2012-02-28] (AimerSoft) [Archivo no firmado]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\...\Run: [uTorrent] => C:\Users\Alvaro\AppData\Roaming\uTorrent\uTorrent.exe [2072816 2020-04-20] (BitTorrent Inc -> BitTorrent Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {30EE7385-03F2-4FD2-91C0-046378C2C829} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20682104 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {49633CD7-5194-4AAA-ADAC-9B6377102CD1} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {63576FE0-EC3B-4B6B-A1B1-61C61054795B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4427584 2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA291BB-05A1-4A87-8161-F87990AED806} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {6EF074EF-24E5-40B2-A3F2-20CF2EAC76A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {846DD3EB-8288-4B1E-85DF-6EDE5DEAAB60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156104 2020-03-05] (Google LLC -> Google LLC)
Task: {848504ED-ABF1-49D5-8A9D-A398E2E42215} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [4427584 2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {9345A7C9-404E-484D-AA2A-9F3BC4F5D1B1} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [Archivo no firmado]
Task: {9F9DAD96-B877-486D-AD56-B98950673012} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [114720 2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA2A7614-8FAE-47EE-A6FC-94851E1BFD95} - System32\Tasks\Uninstaller_SkipUac_ALVARO => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [5957392 2019-12-18] (IObit Information Technology -> IObit)
Task: {BBD7401E-2BCF-48D3-9F91-6DDF3FB4F56B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5CAF37D-AC89-4D2F-8122-EB64D9B3DD1F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D9264E58-1B8C-4E04-A57E-AFF47F39AE4D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [20682104 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFE06A9C-BE00-4A5D-BACD-6316F0D181F9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [114720 2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {F213A76F-0B46-477D-8BDC-E84BA62B11C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {F46D94E8-D32E-44A3-BB29-7D3EF88D8A67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156104 2020-03-05] (Google LLC -> Google LLC)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
ProxyEnable: [S-1-5-21-3993314501-1360276134-1310569875-1001] => Proxy está habilitado.
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{3BE91201-003D-4CE9-B39D-9F2E4D531694}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{88E063FE-A2A9-4577-9EBA-C5E044131A16}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3993314501-1360276134-1310569875-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3993314501-1360276134-1310569875-1001 -> Sin Nombre - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - Ningún archivo
Toolbar: HKU\S-1-5-21-3993314501-1360276134-1310569875-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: tk84sjie.default
FF ProfilePath: C:\Users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\tk84sjie.default [2020-05-10]
FF Homepage: Mozilla\Firefox\Profiles\tk84sjie.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\tk84sjie.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-04-20 11:01:39&bName=&bitmask=0450
FF ProfilePath: C:\Users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\xes2l5ri.default-release [2020-05-10]
FF NewTab: Mozilla\Firefox\Profiles\xes2l5ri.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-04-20 11:01:39&bName=&bitmask=0450
FF Extension: (anonymoX) - C:\Users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\xes2l5ri.default-release\Extensions\[email protected] [2020-03-12]
FF Extension: (Kaspersky Protection) - C:\Users\Alvaro\AppData\Roaming\Mozilla\Firefox\Profiles\xes2l5ri.default-release\Extensions\[email protected] [2020-05-06]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-12-17]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-04-22] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-04-22] <==== ATENCIÓN
Chrome:
=======
CHR Profile: C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default [2020-05-10]
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://www.facebook.com
CHR Extension: (Presentaciones) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-05]
CHR Extension: (Documentos) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-05]
CHR Extension: (Google Drive) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-05]
CHR Extension: (YouTube) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-05]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-05-06]
CHR Extension: (Hojas de cálculo) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-05]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-05]
CHR Extension: (Gmail) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-05]
CHR Extension: (Chrome Media Router) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-21]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVP20.0; C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7418224 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
S3 GSService; C:\Windows\system32\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
R2 KSDE4.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5570712 2020-01-19] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103696 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 AgereSoftModem; C:\Windows\system32\DRIVERS\AGRSM.sys [1035776 2013-06-18] (Microsoft Windows -> LSI Corp)
R3 athr; C:\Windows\system32\DRIVERS\athwb.sys [2923520 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [180352 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
S3 DrmCAudio; C:\Windows\system32\drivers\DrmCAudio.sys [23576 2014-07-28] (Private Multimedia Authority -> Windows (R) Win 7 DDK provider) [Archivo no firmado]
R3 IUFileFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [22616 2019-11-18] (IObit CO., LTD -> IObit)
R3 IUProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUProcessFilter.sys [17232 2019-07-30] (IObit CO., LTD -> IObit)
R3 IURegistryFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IURegistryFilter.sys [29784 2019-11-18] (IObit CO., LTD -> IObit)
S3 jakstaVA; C:\Windows\system32\DRIVERS\jaksta_va.sys [91784 2017-02-23] (Jaksta Technologies Pty Ltd -> e2eSoft)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [145528 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [69528 2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [118872 2020-02-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78976 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30136 2020-02-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [198552 2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [473856 2020-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [589800 2020-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [776088 2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [51536 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [66960 2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [52864 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [48768 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [42320 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [45496 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87680 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [172648 2020-02-08] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199064 2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [65344 2019-11-02] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x86.sys [490496 2013-06-18] (Microsoft Windows -> Realtek )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [22016 2013-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [38920 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [231256 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [85336 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [27496 2015-08-03] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WUDFWpdMtp; C:\Windows\System32\drivers\WUDFRd.sys [190976 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x32.sys [X]
U4 npcap_wifi; no ImagePath
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-10 19:39 - 2020-05-10 19:40 - 000024047 _____ C:\Users\Alvaro\Desktop\FRST.txt
2020-05-10 19:38 - 2020-05-10 19:39 - 000000000 ____D C:\FRST
2020-05-10 19:36 - 2020-05-10 19:37 - 002011648 _____ (Farbar) C:\Users\Alvaro\Desktop\FRST.exe
2020-05-10 19:11 - 2020-05-10 19:11 - 000001589 _____ C:\Users\Alvaro\Desktop\AdwCleaner[S02].txt
2020-05-10 19:07 - 2020-05-10 19:07 - 008196784 _____ (Malwarebytes) C:\Users\Alvaro\Downloads\adwcleaner_8.0.4.exe
2020-05-10 19:03 - 2020-05-10 19:04 - 000000000 ____D C:\Users\Alvaro\AppData\LocalLow\uTorrent
2020-05-10 18:59 - 2020-05-10 19:00 - 000006757 _____ C:\Users\Alvaro\Desktop\Malwarebytes.txt
2020-05-09 19:10 - 2020-05-09 19:11 - 000000000 ____D C:\KVRT_Data
2020-05-08 00:34 - 2020-05-09 18:59 - 000000000 ____D C:\AdwCleaner
2020-05-07 23:18 - 2020-05-07 23:18 - 000000000 ____D C:\Users\Alvaro\AppData\Roaming\KasperskyUpgradeLogs
2020-05-06 19:12 - 2020-05-06 19:16 - 3540430722 _____ C:\Users\Alvaro\Downloads\Operacion.Swordfish.(2001).1080p.mkv
2020-05-05 16:53 - 2020-05-05 16:57 - 000161575 _____ C:\Users\Alvaro\Desktop\logo2.ai
2020-05-03 21:31 - 2020-05-03 21:31 - 005817840 _____ C:\Users\Alvaro\Desktop\keith-haring-untitled-works-on-paper-zoom-5.ai
2020-05-01 20:09 - 2020-05-01 20:09 - 000111899 _____ C:\Users\Alvaro\Desktop\3434.ai
2020-04-26 20:32 - 2020-04-26 20:47 - 000000000 ____D C:\Users\Alvaro\Downloads\Post Malone - Nirvana Tribute - 2020-04-24 - Utah, USA [1080p]
2020-04-26 20:31 - 2020-04-26 20:31 - 000000000 ____D C:\Users\Alvaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent
2020-04-26 20:31 - 2020-04-26 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\µTorrent
2020-04-26 20:31 - 2020-04-26 20:31 - 000000000 ____D C:\Program Files\uTorrent
2020-04-26 20:30 - 2020-04-26 20:30 - 000588023 _____ C:\Users\Alvaro\Downloads\utorrent16.exe
2020-04-25 22:10 - 2020-04-25 22:25 - 000076176 _____ C:\Users\Alvaro\Desktop\1341-0-medium.ai
2020-04-23 23:05 - 2020-04-23 23:05 - 003834905 _____ C:\Users\Alvaro\Desktop\letras4.ai
2020-04-22 09:07 - 2020-04-22 10:15 - 000016512 _____ C:\Windows\system32\antimalware.patch_management.product_registry.kvdb-wal
2020-04-22 09:07 - 2020-04-22 09:07 - 000032768 _____ C:\Windows\system32\antimalware.unwanted_products.browser_extension_registry.kvdb-shm
2020-04-22 09:07 - 2020-04-22 09:07 - 000032768 _____ C:\Windows\system32\antimalware.patch_management.product_registry.kvdb-shm
2020-04-22 09:07 - 2020-04-22 09:07 - 000012288 _____ C:\Windows\system32\antimalware.unwanted_products.browser_extension_registry.kvdb
2020-04-22 09:07 - 2020-04-22 09:07 - 000012288 _____ C:\Windows\system32\antimalware.patch_management.product_registry.kvdb
2020-04-22 09:07 - 2020-04-22 09:07 - 000000000 _____ C:\Windows\system32\antimalware.unwanted_products.browser_extension_registry.kvdb-wal
2020-04-22 09:06 - 2020-04-23 10:36 - 000008272 _____ C:\Windows\system32\antimalware.unwanted_products.product_registry.kvdb-wal
2020-04-22 09:06 - 2020-04-22 09:06 - 000032768 _____ C:\Windows\system32\antimalware.unwanted_products.product_registry.kvdb-shm
2020-04-22 09:06 - 2020-04-22 09:06 - 000012288 _____ C:\Windows\system32\antimalware.unwanted_products.product_registry.kvdb
2020-04-22 00:23 - 2020-04-22 00:21 - 000776088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2020-04-22 00:23 - 2020-04-22 00:21 - 000199064 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2020-04-22 00:23 - 2020-04-22 00:21 - 000198552 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2020-04-22 00:23 - 2020-04-22 00:21 - 000069528 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupdisk.sys
2020-04-22 00:23 - 2020-04-22 00:21 - 000066960 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klkbdflt.sys
2020-04-22 00:11 - 2020-04-22 00:11 - 000000000 ____D C:\Program Files\Common Files\AV
2020-04-22 00:09 - 2020-04-22 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2020-04-22 00:08 - 2020-04-22 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2020-04-22 00:06 - 2020-05-10 19:39 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-04-22 00:06 - 2020-05-09 19:01 - 000000000 ____D C:\Program Files\Common Files\Kaspersky Lab
2020-04-22 00:06 - 2020-04-22 00:08 - 000000000 ____D C:\Program Files\Kaspersky Lab
2020-04-22 00:01 - 2020-04-22 00:02 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-04-20 22:38 - 2020-04-20 22:38 - 000002776 _____ C:\Users\Alvaro\Desktop\343434.ai
2020-04-20 22:30 - 2020-04-20 22:30 - 000004863 _____ C:\Users\Alvaro\Desktop\font_rend.ai
2020-04-20 12:57 - 2020-04-20 12:57 - 000000896 _____ C:\Users\Alvaro\Desktop\µTorrent.lnk
2020-04-20 12:57 - 2020-04-20 12:57 - 000000876 _____ C:\Users\Alvaro\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2020-04-20 00:54 - 2020-04-20 00:54 - 000235708 _____ C:\Users\Alvaro\Desktop\letras2.ai
2020-04-19 20:42 - 2020-04-19 20:42 - 000007730 _____ C:\Users\Alvaro\Desktop\letras3.ai
2020-04-19 00:55 - 2020-04-19 00:55 - 000003172 _____ C:\Users\Alvaro\Desktop\letras.ai
2020-04-18 12:13 - 2020-05-01 17:18 - 000014841 _____ C:\Users\Alvaro\Desktop\logo.ai
2020-04-17 02:30 - 2020-04-24 21:31 - 000886340 _____ C:\Users\Alvaro\Documents\COAH.odt
2020-04-16 12:14 - 2016-02-10 17:18 - 000403390 __RSH C:\bootmgr
2020-04-16 12:14 - 2013-06-18 14:18 - 000000001 ___SH C:\BOOTNXT
2020-04-16 00:58 - 2020-04-25 21:15 - 000038693 _____ C:\Users\Alvaro\Desktop\imagen-obra-radiant_baby-1000-1000-88388.ai
2020-04-15 12:26 - 2020-03-31 06:08 - 020290048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-04-15 12:26 - 2020-03-31 05:20 - 004112384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-04-15 12:26 - 2020-03-31 05:14 - 013854720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-04-15 12:26 - 2020-03-08 03:11 - 003077632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-15 12:25 - 2020-03-31 07:33 - 001070672 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-15 12:25 - 2020-03-31 07:07 - 005623048 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-15 12:25 - 2020-03-31 06:58 - 001118584 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-04-15 12:25 - 2020-03-31 06:50 - 001471960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-15 12:25 - 2020-03-31 05:59 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-04-15 12:25 - 2020-03-31 05:52 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-04-15 12:25 - 2020-03-31 05:43 - 000654848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-04-15 12:25 - 2020-03-31 05:22 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-04-15 12:25 - 2020-03-31 05:17 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-04-15 12:25 - 2020-03-31 05:10 - 001493504 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-04-15 12:25 - 2020-03-31 04:59 - 004387328 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-04-15 12:25 - 2020-03-31 04:56 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-04-15 12:25 - 2020-03-31 04:54 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-04-15 12:25 - 2020-03-27 15:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2020-04-15 12:25 - 2020-03-27 13:55 - 001279488 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-04-15 12:25 - 2020-03-24 02:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2020-04-15 12:25 - 2020-03-19 06:11 - 000316152 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-04-15 12:25 - 2020-03-19 05:17 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-04-15 12:25 - 2020-03-12 02:40 - 001310720 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2020-04-15 12:25 - 2020-03-10 09:22 - 001489728 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-04-15 12:25 - 2020-03-10 09:12 - 000887776 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-15 12:25 - 2020-03-10 07:47 - 003355648 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2020-04-15 12:25 - 2020-03-10 07:40 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2020-04-15 12:25 - 2020-03-10 07:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-04-15 12:25 - 2020-03-08 05:44 - 000166248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-04-15 12:25 - 2020-03-08 05:29 - 000128480 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-04-15 12:25 - 2020-03-08 05:22 - 000788096 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-04-15 12:25 - 2020-03-08 04:11 - 003412992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-04-15 12:25 - 2020-03-08 03:39 - 001335808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-04-15 12:25 - 2020-03-08 03:23 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\srumapi.dll
2020-04-15 12:25 - 2020-03-08 03:21 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-04-15 12:25 - 2020-03-08 03:19 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2020-04-15 12:25 - 2020-03-08 03:13 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-04-15 12:25 - 2020-03-08 01:25 - 000353792 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2020-04-15 12:25 - 2020-03-08 01:25 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2020-04-15 12:25 - 2020-02-13 08:08 - 000735992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-04-15 12:25 - 2020-02-08 20:52 - 000137304 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-04-15 12:25 - 2020-02-05 16:18 - 001465344 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-04-15 12:25 - 2020-02-05 16:18 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-04-15 12:25 - 2020-02-05 16:18 - 000599040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-04-15 12:25 - 2020-02-05 16:18 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-04-15 12:25 - 2020-02-05 16:18 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2020-04-15 12:25 - 2020-02-05 16:18 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-04-15 12:25 - 2020-02-05 16:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-04-15 12:25 - 2020-02-05 16:18 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-04-13 13:06 - 2020-04-09 21:32 - 000518553 _____ C:\Users\Alvaro\Documents\Doc1 - copia.odt
2020-04-12 00:13 - 2020-04-12 00:13 - 001688226 _____ C:\Users\Alvaro\Desktop\2 - copia.ai
2020-04-11 00:01 - 2020-04-11 00:01 - 002137329 _____ C:\Users\Alvaro\Desktop\4.psd
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-10 19:15 - 2020-03-26 15:43 - 000000000 ____D C:\Users\Alvaro\AppData\Roaming\TeamViewer
2020-05-10 19:15 - 2020-01-07 12:47 - 000000000 ____D C:\Users\Alvaro\AppData\Roaming\uTorrent
2020-05-10 19:15 - 2019-10-05 14:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-05-10 19:15 - 2019-10-05 14:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-05-10 19:14 - 2020-01-25 19:19 - 000000000 ____D C:\Windows\Minidump
2020-05-10 19:14 - 2013-08-22 08:21 - 000000000 ____D C:\Windows\inf
2020-05-10 19:02 - 2020-03-26 15:43 - 000000000 ____D C:\Program Files\TeamViewer
2020-05-10 19:02 - 2013-08-22 09:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-10 13:28 - 2019-09-23 11:41 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3993314501-1360276134-1310569875-1001
2020-05-10 13:20 - 2019-09-23 12:16 - 000003974 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{C1F243D8-7BC5-4803-AB9C-93C2CB10D079}
2020-05-10 13:18 - 2019-09-24 01:21 - 000000000 ____D C:\Users\Alvaro\AppData\Local\BitTorrentHelper
2020-05-10 00:13 - 2019-09-24 10:55 - 003401216 ___SH C:\Users\Alvaro\Desktop\Thumbs.db
2020-05-09 23:39 - 2019-12-04 18:27 - 000000000 ____D C:\Users\Alvaro\AppData\LocalLow\Mozilla
2020-05-09 19:10 - 2019-10-16 19:58 - 003326976 ___SH C:\Users\Alvaro\Downloads\Thumbs.db
2020-05-09 19:01 - 2013-08-22 08:13 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-05-09 18:59 - 2020-01-19 21:42 - 000000000 ____D C:\Users\Alvaro\AppData\LocalLow\IObit
2020-05-09 18:59 - 2020-01-19 21:42 - 000000000 ____D C:\Program Files\Common Files\IObit
2020-05-08 17:43 - 2013-08-22 08:13 - 000262144 ___SH C:\Windows\system32\config\ELAM
2020-05-08 11:23 - 2019-09-26 11:20 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-05-08 09:36 - 2020-03-05 11:09 - 000002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-08 09:36 - 2020-03-05 11:09 - 000002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-08 09:36 - 2020-03-05 11:09 - 000002147 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-07 23:26 - 2020-01-19 21:42 - 000000000 ____D C:\ProgramData\ProductData
2020-05-07 23:21 - 2013-08-22 09:22 - 003825432 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-07 15:17 - 2019-09-23 11:38 - 001822472 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-07 15:17 - 2013-08-22 16:57 - 000805262 _____ C:\Windows\system32\perfh00A.dat
2020-05-07 15:17 - 2013-08-22 16:57 - 000164164 _____ C:\Windows\system32\perfc00A.dat
2020-05-06 19:10 - 2019-10-25 22:26 - 000000000 ____D C:\Users\Alvaro\AppData\Roaming\vlc
2020-05-06 19:03 - 2019-09-26 11:38 - 000000000 ____D C:\Users\Alvaro\AppData\Local\JDownloader 2.0
2020-04-22 00:54 - 2020-03-12 12:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-22 00:06 - 2013-08-22 10:17 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-21 20:07 - 2019-09-23 11:36 - 000000000 ____D C:\Users\Alvaro\AppData\Local\Packages
2020-04-19 19:11 - 2013-08-22 10:05 - 000000000 ____D C:\Windows\CbsTemp
2020-04-19 02:14 - 2019-09-23 11:36 - 000000000 ____D C:\Users\Alvaro
2020-04-16 12:39 - 2013-08-22 10:17 - 000000000 ____D C:\Windows\rescache
2020-04-16 01:11 - 2019-12-30 23:59 - 000000000 ___SD C:\Windows\system32\CompatTel
2020-04-14 22:41 - 2020-03-31 21:42 - 000000000 ____D C:\Users\Alvaro\Desktop\Nueva carpeta
2020-04-14 01:24 - 2020-04-03 00:54 - 000524439 _____ C:\Users\Alvaro\Documents\Doc1.odt
2020-04-12 16:44 - 2013-08-22 10:17 - 000000000 ____D C:\Windows\system32\NDF
==================== Archivos en la raíz de algunos directorios ========
2020-02-23 23:39 - 2020-02-23 23:39 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-02-23 23:40 - 2020-02-23 23:40 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2020-01-06 16:18 - 2020-01-06 16:18 - 000000171 _____ () C:\Users\Alvaro\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2020-01-06 16:18 - 2020-01-06 16:18 - 000000304 _____ () C:\Users\Alvaro\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2019-12-30 18:06 - 2019-12-30 18:06 - 000000012 _____ () C:\Users\Alvaro\AppData\Roaming\57194d7fac3eeb8711f0ca1082e7e000
2019-09-25 12:28 - 2020-01-21 12:14 - 000000132 _____ () C:\Users\Alvaro\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2020-02-04 16:57 - 2020-02-04 16:57 - 000000132 _____ () C:\Users\Alvaro\AppData\Roaming\Adobe PNG Format CS5 Prefs
2020-02-01 21:03 - 2020-02-01 21:03 - 000308523 _____ () C:\Users\Alvaro\AppData\Roaming\Bolahefo
2020-01-06 16:18 - 2020-01-06 16:18 - 000000175 _____ () C:\Users\Alvaro\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2020-02-19 01:03 - 2020-02-19 01:03 - 000293497 _____ () C:\Users\Alvaro\AppData\Roaming\Gaheho
2020-01-24 12:03 - 2020-01-24 12:03 - 000295432 _____ () C:\Users\Alvaro\AppData\Roaming\Gogab
2020-02-10 00:03 - 2020-02-10 00:03 - 000178173 _____ () C:\Users\Alvaro\AppData\Roaming\Safagesacap
2019-11-24 13:38 - 2020-01-06 16:00 - 000001057 _____ () C:\Users\Alvaro\AppData\Roaming\vso_ts_preview.xml
2020-01-15 14:03 - 2020-02-20 12:03 - 000000424 _____ () C:\Users\Alvaro\AppData\Roaming\WB.CFG
2019-09-24 01:26 - 2019-09-26 11:03 - 000005535 _____ () C:\Users\Alvaro\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2020-05-01 15:34
==================== Final de FRST.txt ========================
Addition
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x86) Versión: 10-05-2020 02
Ejecutado por ALVARO (10-05-2020 19:41:25)
Ejecutado desde C:\Users\Alvaro\Desktop
Microsoft Windows 8.1 Pro (Update) (X86) (2019-09-23 09:36:17)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-3993314501-1360276134-1310569875-500 - Administrator - Disabled)
ALVARO (S-1-5-21-3993314501-1360276134-1310569875-1001 - Administrator - Enabled) => C:\Users\Alvaro
HomeGroupUser$ (S-1-5-21-3993314501-1360276134-1310569875-1003 - Limited - Enabled)
Invitado (S-1-5-21-3993314501-1360276134-1310569875-501 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
µTorrent (HKLM\...\uTorrent) (Version: 1.6 - )
µTorrent (HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Azureus (HKLM\...\Azureus) (Version: 2.4.0.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
ConvertXtoDVD 4.1.19.365 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 11.0.7.5 (21/02/2020) (HKLM\...\DVDFab 11) (Version: 11.0.7.5 - DVDFab Software Inc.)
FontForge versión 14-03-2020 (HKLM\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 14-03-2020 - FontForgeBuilds)
Google Chrome (HKLM\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IObit Uninstaller 9 (HKLM\...\IObitUninstall) (Version: 9.2.0.16 - IObit)
Java 8 Update 241 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Secure Connection (HKLM\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Total Security (HKLM\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Total Security (HKLM\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.12130.20272 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12130.20272 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Word 2019 - en-us (HKLM\...\Word2019Retail - en-us) (Version: 16.0.12130.20272 - Microsoft Corporation)
Microsoft Word 2019 - es-es (HKLM\...\Word2019Retail - es-es) (Version: 16.0.12130.20272 - Microsoft Corporation)
MKVToolNix 43.0.0 (32-bit) (HKLM\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mozilla Firefox 74.0 (x86 es-ES) (HKLM\...\Mozilla Firefox 74.0 (x86 es-ES)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
Npcap (HKLM\...\NpcapInst) (Version: 0.9984 - Nmap Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Sothink Flash Downloader for Internet Explorer (HKLM\...\{7FC84AD6-D939-41A0-A3DF-FB9B511FF275}_is1) (Version: 3.4 - SourceTec Software Co., LTD)
SoulSeek 157 NS 13e (HKLM\...\Soulseek2) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.18.0 - Synaptics)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.4.4445 - TeamViewer)
Type light 3.2.050 (HKLM\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 050 - CR8 Software Solutions)
Vector Magic (HKLM\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Biblioteca de Microsoft Windows para JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2019-09-23] (Extensiones de plataforma de Microsoft)
Biblioteca de Microsoft Windows para JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2019-09-23] (Microsoft Platform Extensions)
Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.174_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation) [MS Ad]
Frameworkuapbase -> C:\Program Files\WindowsApps\48682KiddoTest.Frameworkuapbase_1.0.0.2_neutral__81ffpr532s7pc [2019-09-23] (KiddoTest)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation) [MS Ad]
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2019-09-23] (Microsoft Platform Extensions)
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.336_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.336_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2019-09-23] (m1df_mmengesha)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2019-09-23] (Skype) [MS Ad]
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2019-09-23] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2019-09-23] (M1DF_Mmengesha)
Test_FrameworkBackpublish_050515 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBackpublish050515_1.0.0.0_neutral__x35ns48czryn0 [2019-09-23] (m1df_mmengesha)
Test_FrameworkProd_062215_01 -> C:\Program Files\WindowsApps\50856m1dfLL.TestFrameworkProd06221501_1.0.0.10_neutral__nwcxtg9ehxpvt [2019-09-23] (m1df_lucyll)
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x86__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation) [MS Ad]
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim.dll [2019-12-18] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\shellex.dll [2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\shellex.dll [2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\shellex.dll [2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim.dll [2019-12-18] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\shellex.dll [2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
Shortcut: C:\Users\Alvaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11\Visitar o site do DVDFab.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&v=11.0.7.5
ShortcutWithArgument: C:\Users\Alvaro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Módulos cargados (Lista blanca) =============
2019-12-18 00:00 - 2019-12-18 00:00 - 000010240 _____ () [Archivo no firmado] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\es_es\AcroTray.esp
2019-12-18 00:00 - 2019-12-18 00:00 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim.esp
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\...\localhost -> localhost
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2013-08-22 08:13 - 2013-08-22 08:13 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.
Network Binding:
=============
Wi-Fi: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)
Ethernet 2: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{E8744DD0-2620-49E5-A349-5377F6339092}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{524AAD89-C31D-4610-B550-5443A9BCC193}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{232CB3C9-321E-4558-8F6F-A56DCC185DF4}C:\program files\azureus\azureus.exe] => (Allow) C:\program files\azureus\azureus.exe (Aelitis) [Archivo no firmado]
FirewallRules: [UDP Query User{4F678999-674F-48C8-A12D-FD05BE625E25}C:\program files\azureus\azureus.exe] => (Allow) C:\program files\azureus\azureus.exe (Aelitis) [Archivo no firmado]
FirewallRules: [TCP Query User{9D60C52F-6CD0-4374-BE91-C7658FCA34C3}C:\program files\soulseekns\slsk.exe] => (Allow) C:\program files\soulseekns\slsk.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{964FF0BC-A15C-467E-95F6-3B29285A050F}C:\program files\soulseekns\slsk.exe] => (Allow) C:\program files\soulseekns\slsk.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{B2F6A939-AFD4-4A87-838C-1E4DEF9EA908}C:\program files\dvdfab 11\dvdfab.exe] => (Allow) C:\program files\dvdfab 11\dvdfab.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{F0BD2A14-2184-4BBB-858E-D99E555D4A92}C:\program files\dvdfab 11\dvdfab.exe] => (Allow) C:\program files\dvdfab 11\dvdfab.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{4F361269-652E-4D3D-82C0-673DB1667A2C}C:\program files\dvdfab 11\drmremoval.exe] => (Allow) C:\program files\dvdfab 11\drmremoval.exe (DVDFab Software Inc. -> )
FirewallRules: [UDP Query User{090C6DBA-25DF-41A8-89C4-7E5B2A2AAC03}C:\program files\dvdfab 11\drmremoval.exe] => (Allow) C:\program files\dvdfab 11\drmremoval.exe (DVDFab Software Inc. -> )
FirewallRules: [{1BBFB739-540B-4D86-A631-52932B6637CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06663BD0-C19F-4F38-B765-347EFF2D101F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58140E41-1C53-464B-9B66-2D4B26EEF226}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{133FD66B-CAFB-4065-B192-0DC4AC7D341D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DC8222EB-2328-4E21-B13F-36F8FDB71DAF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5DCAEDF4-04A7-4753-B19F-0B8095F6D840}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BCC80766-6D5C-4883-A731-C70DB8F43DC2}] => (Allow) C:\Users\Alvaro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9B0532C2-C28F-4482-8B2D-7DC651B73EE9}] => (Allow) C:\Users\Alvaro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8754A452-9FB5-4B53-A8AC-1955E3223B11}] => (Allow) C:\Program Files\uTorrent\utorrent.exe () [Archivo no firmado]
FirewallRules: [{9172727C-D7DF-4EF9-B80B-996DD89AC6FF}] => (Allow) C:\Program Files\uTorrent\utorrent.exe () [Archivo no firmado]
FirewallRules: [{BE67D032-1112-4DA5-9DDD-830B95371FC6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
22-04-2020 10:54:55 Revo Uninstaller's restore point - Web Companion
01-05-2020 15:43:59 Punto de control programado
10-05-2020 18:53:50 Punto de control programado
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: Controladora de dispositivo de almacenamiento
Description: Controladora de dispositivo de almacenamiento
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (05/10/2020 07:09:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkQuarantineRetry
Error: (05/10/2020 07:08:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (05/10/2020 07:08:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (05/10/2020 06:07:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: fbc
Hora de inicio: 01d626e45490bfaf
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Windows\system32\backgroundTaskHost.exe
Identificador de informe: 4af24dbc-92d8-11ea-97af-001b38b1d76f
Nombre completo de paquete con errores: Microsoft.BingSports_3.0.1.174_x86__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: AppexSports
Error: (05/10/2020 04:07:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 14e4
Hora de inicio: 01d626d38fed1e78
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Windows\system32\backgroundTaskHost.exe
Identificador de informe: 851dbb76-92c7-11ea-97af-001b38b1d76f
Nombre completo de paquete con errores: Microsoft.BingSports_3.0.1.174_x86__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: AppexSports
Error: (05/10/2020 03:22:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa backgroundTaskHost.exe, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 1760
Hora de inicio: 01d626c2cc03e375
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Windows\system32\backgroundTaskHost.exe
Identificador de informe: c02690d3-92b6-11ea-97af-001b38b1d76f
Nombre completo de paquete con errores: Microsoft.BingSports_3.0.1.174_x86__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: AppexSports
Error: (05/10/2020 01:18:33 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (05/10/2020 01:18:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0x8007007B
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Errores del sistema:
=============
Error: (05/10/2020 01:29:55 PM) (Source: DCOM) (EventID: 10010) (User: ALVARO)
Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (05/10/2020 01:29:25 PM) (Source: DCOM) (EventID: 10010) (User: ALVARO)
Description: El servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (05/09/2020 06:59:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Microsoft Office Click-to-Run Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (05/09/2020 06:59:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Kaspersky Secure Connection 4.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.
Error: (05/09/2020 06:59:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Monitor Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (05/09/2020 06:59:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (05/09/2020 06:59:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Software Integrity Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (05/08/2020 08:23:21 PM) (Source: DCOM) (EventID: 10010) (User: ALVARO)
Description: El servidor {4545DEA0-2DFC-4906-A728-6D986BA399A9} no se registró con DCOM dentro del tiempo de espera requerido.
Windows Defender:
===================================
Date: 2020-01-19 13:11:17.511
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {3D65862D-13A3-47FF-A3E4-60CC4F92B42C}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-01-19 13:06:01.916
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {95F54616-8B93-47A0-8DF4-F1FC9202F70C}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-01-19 12:52:49.564
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {23D2166B-8057-4A0A-9E63-ECB543F590B0}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-01-17 15:18:42.876
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {0AAB97C5-9A03-48E7-81ED-5C82F3E38CFC}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-01-17 13:55:53.332
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {D6519F83-86A2-4B13-ADBD-C8E37020DA33}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2020-01-18 23:20:26.565
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.307.2503.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.16600.7
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2020-01-18 23:20:26.565
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.307.2503.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.16600.7
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2020-01-18 23:20:26.440
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.307.2503.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.16600.7
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2020-01-16 13:54:34.692
Description:
Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Copia de seguridad
Código de error: 0x80004004
Descripción del error: Operación anulada
Versión de firma: 1.307.2384.0;1.307.2384.0
Versión de motor: 1.1.16600.7
Date: 2020-01-16 13:54:31.067
Description:
Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80004004
Descripción del error: Operación anulada
Versión de firma: 1.307.2432.0;1.307.2432.0
Versión de motor: 1.1.16600.7
CodeIntegrity:
===================================
Date: 2020-01-19 12:05:07.889
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-17 03:08:42.291
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-10 13:02:34.122
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-07 12:32:48.013
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-12-27 20:12:18.222
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-12-27 20:12:18.072
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\Drivers\eagleGet.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Información de la memoria ===========================
BIOS: TOSHIBA V5.30 09/27/2007
Placa base: TOSHIBA ISKAA
Procesador: Intel(R) Pentium(R) Dual CPU T2370 @ 1.73GHz
Porcentaje de memoria en uso: 76%
RAM física total: 2038.43 MB
RAM física disponible: 477.16 MB
Virtual total: 3830.43 MB
Virtual disponible: 1956.96 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:53.6 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: FDA68CDB)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
==================== Final Addition.txt =======================
Hola
MUY Importante 
Realiza una copia de seguridad del registro :
Para hacerlo descarga DelFix.exe( en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación 
con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\...\Run: [AdobeBridge] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3993314501-1360276134-1310569875-1001 -> Sin Nombre - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - Ningún archivo
Toolbar: HKU\S-1-5-21-3993314501-1360276134-1310569875-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-04-22] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-04-22] <==== ATENCIÓN
CHR Extension: (Chrome Media Router) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-21]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x32.sys [X]
U4 npcap_wifi; no ImagePath
2020-01-06 16:18 - 2020-01-06 16:18 - 000000171 _____ () C:\Users\Alvaro\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2020-01-06 16:18 - 2020-01-06 16:18 - 000000304 _____ () C:\Users\Alvaro\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2019-12-30 18:06 - 2019-12-30 18:06 - 000000012 _____ () C:\Users\Alvaro\AppData\Roaming\57194d7fac3eeb8711f0ca1082e7e000
2020-02-01 21:03 - 2020-02-01 21:03 - 000308523 _____ () C:\Users\Alvaro\AppData\Roaming\Bolahefo
2020-01-06 16:18 - 2020-01-06 16:18 - 000000175 _____ () C:\Users\Alvaro\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2020-02-19 01:03 - 2020-02-19 01:03 - 000293497 _____ () C:\Users\Alvaro\AppData\Roaming\Gaheho
2020-01-24 12:03 - 2020-01-24 12:03 - 000295432 _____ () C:\Users\Alvaro\AppData\Roaming\Gogab
2020-02-10 00:03 - 2020-02-10 00:03 - 000178173 _____ () C:\Users\Alvaro\AppData\Roaming\Safagesacap
2019-09-24 01:26 - 2019-09-26 11:03 - 000005535 _____ () C:\Users\Alvaro\AppData\Local\oobelibMkey.log
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Resultados de la corrección de Farbar Recovery Scan Tool (x86) Versión: 11-05-2020
Ejecutado por ALVARO (12-05-2020 14:12:40) Run:1
Ejecutado desde C:\Users\Alvaro\Desktop
Perfiles cargados: ALVARO
Modo de Inicio: Safe Mode (with Networking)
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\...\Run: [AdobeBridge] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2020-04-22] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3993314501-1360276134-1310569875-1001 -> Sin Nombre - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - Ningún archivo
Toolbar: HKU\S-1-5-21-3993314501-1360276134-1310569875-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-04-22] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-04-22] <==== ATENCIÓN
CHR Extension: (Chrome Media Router) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-21]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x32.sys [X]
U4 npcap_wifi; no ImagePath
2020-01-06 16:18 - 2020-01-06 16:18 - 000000171 _____ () C:\Users\Alvaro\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2020-01-06 16:18 - 2020-01-06 16:18 - 000000304 _____ () C:\Users\Alvaro\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2019-12-30 18:06 - 2019-12-30 18:06 - 000000012 _____ () C:\Users\Alvaro\AppData\Roaming\57194d7fac3eeb8711f0ca1082e7e000
2020-02-01 21:03 - 2020-02-01 21:03 - 000308523 _____ () C:\Users\Alvaro\AppData\Roaming\Bolahefo
2020-01-06 16:18 - 2020-01-06 16:18 - 000000175 _____ () C:\Users\Alvaro\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2020-02-19 01:03 - 2020-02-19 01:03 - 000293497 _____ () C:\Users\Alvaro\AppData\Roaming\Gaheho
2020-01-24 12:03 - 2020-01-24 12:03 - 000295432 _____ () C:\Users\Alvaro\AppData\Roaming\Gogab
2020-02-10 00:03 - 2020-02-10 00:03 - 000178173 _____ () C:\Users\Alvaro\AppData\Roaming\Safagesacap
2019-09-24 01:26 - 2019-09-26 11:03 - 000005535 _____ () C:\Users\Alvaro\AppData\Local\oobelibMkey.log
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
"HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
"HKLM\Software\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EF293C5A-9F37-49FD-91C4-2B867063FC54}" => eliminado correctamente
HKLM\Software\Classes\CLSID\{EF293C5A-9F37-49FD-91C4-2B867063FC54} => eliminado correctamente
"HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2E924F4F-67F0-4BD8-9560-49F468E843D2}" => eliminado correctamente
"HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => movido correctamente
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => movido correctamente
CHR Extension: (Chrome Media Router) - C:\Users\Alvaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-21] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\System\CurrentControlSet\Services\rpcapd => eliminado correctamente
rpcapd => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz145 => eliminado correctamente
cpuz145 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\npcap_wifi => eliminado correctamente
npcap_wifi => servicio eliminado correctamente
C:\Users\Alvaro\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f => movido correctamente
C:\Users\Alvaro\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf => movido correctamente
C:\Users\Alvaro\AppData\Roaming\57194d7fac3eeb8711f0ca1082e7e000 => movido correctamente
C:\Users\Alvaro\AppData\Roaming\Bolahefo => movido correctamente
C:\Users\Alvaro\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 => movido correctamente
C:\Users\Alvaro\AppData\Roaming\Gaheho => movido correctamente
C:\Users\Alvaro\AppData\Roaming\Gogab => movido correctamente
C:\Users\Alvaro\AppData\Roaming\Safagesacap => movido correctamente
C:\Users\Alvaro\AppData\Local\oobelibMkey.log => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable" => eliminado correctamente
"HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3993314501-1360276134-1310569875-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24452008 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 8862467 B
Edge => 0 B
Chrome => 166456125 B
Firefox => 27025047 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 104 B
Users => 104 B
ProgramData => 104 B
Public => 104 B
systemprofile => 376444 B
LocalService => 378106 B
NetworkService => 378106 B
Alvaro => 27844372 B
RecycleBin => 34645 B
EmptyTemp: => 252 MB datos temporales Eliminados.
================================
El sistema necesita reiniciarse.
==== Final Fixlog 14:13:07 ====Hola
Como sigue el funcionamiento de tu equipo? Sigue sin problemas?
Un saludo
buenas
diria que si, había algo malicioso en los reportes que te pase?
Hola @canva
Sigue estos pasos, para eliminar las herramientas utilizadas:
Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Gracias por confiar en ForoSpyware. Ha sido un placer ayudarte 
Nos alegramos que se te haya resuelto 
Damos el tema por solucionado.
Un saludo