Captura buscador Home ar


#1

Hola, supongo que tengo alguno de estos malwares porque cuando clikeo en Chrime google me aparece en la barra www home ar com que de inmediato me lleva a google.

Bajé el Malwarebytes y el CCleaner y no aparece nada significativo en apariencia. Sigue derivando a esa página y después a google.

Agradezco la ayuda que me puedan dar

P


#2

Hola

Realizas en orden y me pegas los logs comentado como va todo:

1- Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward:Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • Si no encuentra nada, pulsamos “Omitir Reparación

  • El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

2- Descarga la aplicación ZhpCleaner a Tu escritorio, pulsando en el boton Telecharger de la página.

  • Cierra todos los navegadores
  • Doble clic para ejecutarlo y Presiona el Botón Scánner. Espera a que termine.
  • Se va a generar un reporte en el escritorio llamado ZHPcleaner.
  • Presiona el Botón Reparar.
  • Cuando termine, cierra todos los programas y reinicia el ordenador.
  • copias y pegas en Tu próxima respuesta el contenido del reporte que se había generado.

Manual ZhpCleaner


#3

ok, gracias. Vuelvo con este tema. Se me rompió la compu y la mandé a arreglar. Recién la recupero. Hago esto y te digo. Gracias.


#4

Hola, listo. El Adwcleaner no encontró nada. El otro sí. Reparé. Todo como dice ahí. Pero, al reiniciar sigue capturado. Aparece el home. Este es el reporte que se habìa generado antes de reparar:

~ ZHPCleaner v2019.1.28.13 by Nicolas Coolman (2019/01/28)
~ Run by Silvia (Administrator)  (28/01/2019 14:51:25)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\Silvia\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Silvia\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit  (Build 17134)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (22)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (76)
MOVIDO carpeta: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta^: C:\Users\Silvia\AppData\Local\Temp\aria-debug-10068.log    =>.SUP.Temporary.OneDrive
MOVIDO carpeta^: C:\Users\Silvia\AppData\Local\Temp\aria-debug-6064.log    =>.SUP.Temporary.OneDrive
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\sa.A5BBC526-3335-9747-BCF9-D2CE47A60FBD_5__.Public.AppUpdate.dat    =>.SUP.Temporary.WindowsApps
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct1EE6.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct22F5.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct2A11.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct323F.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct3975.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct3AEC.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct3BAA.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct4FE5.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct940D.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct95EB.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct9734.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct9B23.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct9BBF.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctA0CD.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctA4D1.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctA510.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctBD17.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctC145.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctC146.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctC853.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctC863.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctD3CA.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctEF39.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{0C77CE23-85DB-4056-B5A9-0D9CB61A0BA6} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{158652F1-2A36-42F2-9837-03A158F39B7D} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{23318007-C81E-4543-9C03-AE6E9F48563C}.png    =>.SUP.Temporary.Picture
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{2693337F-76F5-483A-95AE-EDB288238C4D} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{5DFA1BDB-BE06-43CC-92FE-7FDB0C47E1E1} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{5F3CE17A-E827-46F4-99B6-7F481B583F1E} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{6CEFB63A-D04E-43BC-8F01-1D41BFA4FA6A} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{712C8051-C46B-43F3-8B0E-FC5858AA5C47} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{7A5819B0-2AFD-4297-9A19-0C7043C8EF26}.png    =>.SUP.Temporary.Picture
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{80116796-B71D-4719-AA64-0608A9DA6F94} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{81247587-64E9-44ED-9648-EC618216F1F0} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{A4B6A1D2-EB90-4E98-931C-AB46F46089EB} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{A6D1767C-84F1-4CF5-B22A-4A4E3116364B} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{B043DAC6-CD1A-44B8-AC9D-2A89D174C6E8} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{B1035AAC-9F54-43CB-9217-73A898429B80} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{B12FD60A-0A43-4D12-B76C-8352089B48D0} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{B4F088EF-C15F-4781-B8CB-8DA31F3EC168} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{C43C89CE-F9C6-41ED-8755-BDCB67529665} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{CB464E7A-82D6-4EBF-BF9D-A8D79CF1F0C3} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{CFBFF629-9B78-4230-942E-CC587DA29980}.png    =>.SUP.Temporary.Picture
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\000  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\001  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\002  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\003  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\004  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\005  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\006  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\007  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\009  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\010  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\011  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\012  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\013  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\014  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\015  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\016  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\017  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\018  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\019  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\020  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\021  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\022  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\023  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\024  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\025  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\026  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\027  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\OneDrive  =>PUP.Optional.Y2Go


---\\  Registro ( Claves, Valores, Datos) (1)
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\DAEMON Tools Lite Automount [0x020000000000000000000000]  =>Heuristic.Suspect


---\\  Resumen de elementos en su estación de trabajo (9)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.WindowsApps
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Office
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Picture
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/2017/04/08/pup-optional-y2go/  =>PUP.Optional.Y2Go
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect


---\\ Limpieza adicional. (6)
~ Clave de registro Tracing borrados (6)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Mozilla Firefox)
~ falta este navegador! (Opera Software)
~ El sistema ha sido reiniciado.


---\\ STATISTIQUES
~ Items escaneado : 434
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 12/12
~ Ahorro de espacio (bytes) : 28717422


~ End of clean in 00h00mn43s

---\\  Reporte (2)
ZHPCleaner-[S]-28012019-14_48_44.txt
ZHPCleaner-[R]-28012019-14_52_08.txt

#5

Y esto es lo que apareció en el bloc de notas luego:

~ ZHPCleaner v2019.1.28.13 by Nicolas Coolman (2019/01/28)
~ Run by Silvia (Administrator)  (28/01/2019 14:51:25)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\Silvia\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Silvia\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit  (Build 17134)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (22)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (76)
MOVIDO carpeta: C:\Windows\Installer\wix{9CBA860F-7437-4A75-941C-8EF559F2D145}.SchedServiceConfig.rmi    =>.SUP.Empty
MOVIDO carpeta^: C:\Users\Silvia\AppData\Local\Temp\aria-debug-10068.log    =>.SUP.Temporary.OneDrive
MOVIDO carpeta^: C:\Users\Silvia\AppData\Local\Temp\aria-debug-6064.log    =>.SUP.Temporary.OneDrive
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\sa.A5BBC526-3335-9747-BCF9-D2CE47A60FBD_5__.Public.AppUpdate.dat    =>.SUP.Temporary.WindowsApps
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct1EE6.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct22F5.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct2A11.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct323F.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct3975.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct3AEC.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct3BAA.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct4FE5.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct940D.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct95EB.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct9734.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct9B23.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wct9BBF.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctA0CD.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctA4D1.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctA510.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctBD17.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctC145.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctC146.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctC853.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctC863.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctD3CA.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\wctEF39.tmp    =>.SUP.Temporary.Office
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{0C77CE23-85DB-4056-B5A9-0D9CB61A0BA6} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{158652F1-2A36-42F2-9837-03A158F39B7D} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{23318007-C81E-4543-9C03-AE6E9F48563C}.png    =>.SUP.Temporary.Picture
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{2693337F-76F5-483A-95AE-EDB288238C4D} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{5DFA1BDB-BE06-43CC-92FE-7FDB0C47E1E1} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{5F3CE17A-E827-46F4-99B6-7F481B583F1E} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{6CEFB63A-D04E-43BC-8F01-1D41BFA4FA6A} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{712C8051-C46B-43F3-8B0E-FC5858AA5C47} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{7A5819B0-2AFD-4297-9A19-0C7043C8EF26}.png    =>.SUP.Temporary.Picture
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{80116796-B71D-4719-AA64-0608A9DA6F94} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{81247587-64E9-44ED-9648-EC618216F1F0} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{A4B6A1D2-EB90-4E98-931C-AB46F46089EB} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{A6D1767C-84F1-4CF5-B22A-4A4E3116364B} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{B043DAC6-CD1A-44B8-AC9D-2A89D174C6E8} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{B1035AAC-9F54-43CB-9217-73A898429B80} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{B12FD60A-0A43-4D12-B76C-8352089B48D0} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{B4F088EF-C15F-4781-B8CB-8DA31F3EC168} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{C43C89CE-F9C6-41ED-8755-BDCB67529665} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{CB464E7A-82D6-4EBF-BF9D-A8D79CF1F0C3} - OProcSessId.dat    =>.SUP.Temporary.Empty
MOVIDO carpeta: C:\Users\Silvia\AppData\Local\Temp\{CFBFF629-9B78-4230-942E-CC587DA29980}.png    =>.SUP.Temporary.Picture
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\000  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\001  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\002  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\003  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\004  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\005  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\006  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\007  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\009  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\010  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\011  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\012  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\013  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\014  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\015  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\016  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\017  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\018  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\019  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\020  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\021  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\022  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\023  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\024  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\025  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\026  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\File System\027  =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Silvia\AppData\Local\OneDrive  =>PUP.Optional.Y2Go


---\\  Registro ( Claves, Valores, Datos) (1)
BORRADOS valor: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\DAEMON Tools Lite Automount [0x020000000000000000000000]  =>Heuristic.Suspect


---\\  Resumen de elementos en su estación de trabajo (9)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.WindowsApps
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Office
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Picture
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/2017/04/08/pup-optional-y2go/  =>PUP.Optional.Y2Go
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/  =>Heuristic.Suspect


---\\ Limpieza adicional. (6)
~ Clave de registro Tracing borrados (6)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Mozilla Firefox)
~ falta este navegador! (Opera Software)
~ El sistema ha sido reiniciado.


---\\ STATISTIQUES
~ Items escaneado : 434
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 12/12
~ Ahorro de espacio (bytes) : 28717422


~ End of clean in 00h00mn43s

---\\  Reporte (2)
ZHPCleaner-[S]-28012019-14_48_44.txt
ZHPCleaner-[R]-28012019-14_52_08.txt
Gracias

#6
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.


#7
texto preformateado precedido por 4 espacios

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2019
Ran by Silvia (administrator) on DESKTOP-SF3O3S4 (28-01-2019 16:55:56)
Running from C:\Users\Silvia\Desktop
Loaded Profiles: Silvia (Available Profiles: Silvia)
Platform: Windows 10 Home Single Language Version 1803 17134.472 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Spotify Ltd) C:\Users\Silvia\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Silvia\AppData\Roaming\Spotify\Spotify.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Spotify Ltd) C:\Users\Silvia\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Spotify Ltd) C:\Users\Silvia\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4090176 2019-01-22] (Dropbox, Inc.)
HKU\S-1-5-21-3349553428-783536504-1463937965-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] ()
HKU\S-1-5-21-3349553428-783536504-1463937965-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-19] (Disc Soft Ltd)
HKU\S-1-5-21-3349553428-783536504-1463937965-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-3349553428-783536504-1463937965-1001\...\Run: [Spotify] => C:\Users\Silvia\AppData\Roaming\Spotify\Spotify.exe [25941224 2019-01-28] (Spotify Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc.)
Startup: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-24]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 186.130.128.91 200.63.155.70
Tcpip\..\Interfaces\{69214804-62d3-4110-8189-77bc3de46cdb}: [DhcpNameServer] 186.130.128.91 200.63.155.70

Internet Explorer:
==================
HKU\S-1-5-21-3349553428-783536504-1463937965-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.home-ar.com/
SearchScopes: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> DefaultScope {3BC2EA78-17C8-409D-883B-2B0795BF44D0} URL = hxxp://www.home-ar.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> {3BC2EA78-17C8-409D-883B-2B0795BF44D0} URL = hxxp://www.home-ar.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-28] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-19] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-28] (Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> hxxp://www.home-ar.com/

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.home-ar.com/"
CHR Profile: C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default [2019-01-28]
CHR Extension: (Presentaciones) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-24]
CHR Extension: (Documentos) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-24]
CHR Extension: (Google Drive) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-19]
CHR Extension: (YouTube) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-24]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-28]
CHR Extension: (Dropbox para Gmail) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2018-09-24]
CHR Extension: (Zotero Connector) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2019-01-28]
CHR Extension: (Hojas de cálculo) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-24]
CHR Extension: (AdBlock) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-28]
CHR Extension: (Google Keep: notas y listas) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2019-01-28]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2018-09-24]
CHR Extension: (Botón de Google Académico) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2018-09-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-09-24]
CHR Extension: (Extensión de Google Keep para Chrome) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2019-01-28]
CHR Extension: (LinkedIn Extension) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\meajfmicibjppdgbjfkpdikfjcflabpk [2018-09-24]
CHR Extension: (Office Online) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2018-12-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-24]
CHR Extension: (Tablas dinámicas (experimental)) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfoeakahkgllhkommkfeehmkfcloagkl [2018-09-24]
CHR Extension: (Gmail) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-24]
CHR Extension: (Chrome Media Router) - C:\Users\Silvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07]
CHR HKU\S-1-5-21-3349553428-783536504-1463937965-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-24] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-01-22] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (Disc Soft Ltd)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-11-05] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-11-05] (Disc Soft Ltd)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [51128 2015-10-29] (Intel Corporation)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [41464 2015-11-19] (Intel(R) Corporation)
S3 pelmouse; C:\WINDOWS\System32\drivers\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\System32\drivers\pelusblf.sys [35328 2016-01-14] (TPMX Electronics Ltd.)
S3 pelvendr; C:\WINDOWS\System32\drivers\pelvendr.sys [11776 2009-11-02] (TPMX Electronics Ltd.)
S3 phidmice; C:\WINDOWS\System32\drivers\phidmice.sys [35328 2015-12-17] (TPMX Electronics Ltd.)
S3 pmouself; C:\WINDOWS\System32\drivers\pmouself.sys [23040 2013-03-26] (TPMX Electronics Ltd.)
S3 pvendrlf; C:\WINDOWS\System32\drivers\pvendrlf.sys [12288 2013-03-26] (TPMX Electronics Ltd.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-04-11] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 16:55 - 2019-01-28 16:57 - 000016738 _____ C:\Users\Silvia\Desktop\FRST.txt
2019-01-28 16:55 - 2019-01-28 16:55 - 000000000 ____D C:\FRST
2019-01-28 16:54 - 2019-01-28 16:54 - 002428416 _____ (Farbar) C:\Users\Silvia\Desktop\FRST64.exe
2019-01-28 16:03 - 2019-01-28 16:03 - 000000000 ___HD C:\OneDriveTemp
2019-01-28 14:48 - 2019-01-28 14:52 - 000011409 _____ C:\Users\Silvia\Desktop\ZHPCleaner.txt
2019-01-28 14:35 - 2019-01-28 14:52 - 000000000 ____D C:\Users\Silvia\AppData\Roaming\ZHP
2019-01-28 14:35 - 2019-01-28 14:35 - 000000876 _____ C:\Users\Silvia\Desktop\ZHPCleaner.lnk
2019-01-28 14:35 - 2019-01-28 14:35 - 000000000 ____D C:\Users\Silvia\AppData\Local\ZHP
2019-01-28 14:32 - 2019-01-28 14:32 - 003305856 _____ C:\Users\Silvia\Desktop\ZHPCleaner.exe
2019-01-28 14:22 - 2019-01-28 14:22 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-01-28 14:22 - 2019-01-28 14:22 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-28 14:22 - 2019-01-28 14:22 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-28 14:22 - 2019-01-28 14:22 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-28 14:22 - 2019-01-28 14:22 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-28 14:22 - 2019-01-28 14:22 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-28 14:22 - 2019-01-28 14:22 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-28 14:22 - 2019-01-28 14:22 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-28 14:22 - 2019-01-28 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-01-28 14:19 - 2019-01-28 14:21 - 000000000 ____D C:\AdwCleaner
2019-01-28 14:08 - 2019-01-28 15:19 - 000000000 ____D C:\Users\Silvia\AppData\Local\Spotify
2019-01-28 14:08 - 2019-01-28 14:08 - 000001855 _____ C:\Users\Silvia\Desktop\Spotify.lnk
2019-01-28 14:08 - 2019-01-28 14:08 - 000001841 _____ C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2019-01-28 14:07 - 2019-01-28 16:59 - 000000000 ____D C:\Users\Silvia\AppData\Roaming\Spotify
2019-01-28 14:05 - 2019-01-28 14:05 - 000742728 _____ (Spotify Ltd) C:\Users\Silvia\Downloads\SpotifySetup.exe
2019-01-28 14:00 - 2019-01-28 14:02 - 019341880 _____ (Piriform Software Ltd) C:\Users\Silvia\Downloads\ccsetup552.exe
2019-01-28 13:58 - 2019-01-28 13:59 - 007320272 _____ (Malwarebytes) C:\Users\Silvia\Desktop\adwcleaner_7.2.6.0.exe
2019-01-28 13:04 - 2019-01-28 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-22 10:14 - 2019-01-22 10:14 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-01-22 10:14 - 2019-01-22 10:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-01-22 10:14 - 2019-01-22 10:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-01-22 10:14 - 2019-01-22 10:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 16:56 - 2018-09-19 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 16:16 - 2018-08-17 21:47 - 000000000 ___RD C:\Users\Silvia\Google Drive
2019-01-28 16:07 - 2018-08-18 16:13 - 000000000 ___RD C:\Users\Silvia\Dropbox
2019-01-28 16:03 - 2018-09-19 08:22 - 000000000 ____D C:\WINDOWS\INF
2019-01-28 16:03 - 2018-08-18 15:18 - 000000000 ___RD C:\Users\Silvia\OneDrive - sociales.UBA.ar
2019-01-28 16:03 - 2017-03-18 10:31 - 000000000 ___RD C:\Users\Silvia\OneDrive
2019-01-28 16:01 - 2018-09-19 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-28 16:01 - 2018-09-19 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-28 15:59 - 2018-09-19 13:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-28 15:59 - 2017-03-18 10:28 - 000000000 __SHD C:\Users\Silvia\IntelGraphicsProfiles
2019-01-28 15:58 - 2018-09-19 08:00 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-28 15:09 - 2018-11-07 13:15 - 000000000 ____D C:\Users\Silvia\AppData\Local\CrashDumps
2019-01-28 15:09 - 2018-09-19 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-28 14:20 - 2018-09-24 19:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-28 14:13 - 2018-09-24 19:19 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-28 14:13 - 2018-09-24 19:19 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-28 13:21 - 2018-09-24 19:55 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-01-28 13:21 - 2018-09-24 19:55 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-01-28 13:21 - 2018-09-24 19:55 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-01-28 13:21 - 2018-09-19 13:24 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3349553428-783536504-1463937965-1001
2019-01-28 13:21 - 2018-09-19 13:09 - 000002400 _____ C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-28 13:21 - 2018-08-17 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-01-28 13:11 - 2018-09-24 19:15 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-01-28 13:09 - 2018-09-19 13:16 - 000000000 ____D C:\Users\Silvia\AppData\Local\Packages
2019-01-28 12:51 - 2018-09-24 21:10 - 000000000 ____D C:\ProgramData\MEGAsync
2019-01-15 13:53 - 2018-09-19 13:18 - 001679422 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-15 13:53 - 2018-09-19 08:38 - 000751674 _____ C:\WINDOWS\system32\perfh00A.dat
2019-01-15 13:53 - 2018-09-19 08:38 - 000147560 _____ C:\WINDOWS\system32\perfc00A.dat

==================== Files in the root of some directories =======

2018-09-24 19:17 - 2018-09-24 19:17 - 000007605 _____ () C:\Users\Silvia\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-19 12:57

==================== End of FRST.txt ============================

#8
texto preformateado precedido por 4 espacios

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by Silvia (28-01-2019 16:59:17)
Running from C:\Users\Silvia\Desktop
Windows 10 Home Single Language Version 1803 17134.472 (X64) (2018-09-19 16:16:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3349553428-783536504-1463937965-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3349553428-783536504-1463937965-503 - Limited - Disabled)
Invitado (S-1-5-21-3349553428-783536504-1463937965-501 - Limited - Disabled)
Silvia (S-1-5-21-3349553428-783536504-1463937965-1001 - Administrator - Enabled) => C:\Users\Silvia
WDAGUtilityAccount (S-1-5-21-3349553428-783536504-1463937965-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Backup and Sync from Google (HKLM\...\{693CADB0-962B-4AC1-A939-9524B258C997}) (Version: 3.43.2448.9071 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP DeskJet 3630 series Ayuda (HKLM-x32\...\{B53FAA7E-9898-42BE-8C80-A9CA84298CAB}) (Version: 35.0.0 - Hewlett Packard)
HP DeskJet 3630 series Software básico del dispositivo (HKLM\...\{77BA79F8-8C81-4614-B1D7-E759E86AC070}) (Version: 40.11.1107.1739 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{7BEBB31E-58C4-4FA5-9AD1-ACBE32BF0D12}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{63BD9C12-5CE9-4294-B1C3-A09F971FAFB5}) (Version: 36.0.41.58587 - HP)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3349553428-783536504-1463937965-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-3349553428-783536504-1463937965-1001\...\Spotify) (Version: 1.0.98.78.gb45d2a6b - Spotify AB)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
WinX DVD Ripper Platinum 8.8.1 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3349553428-783536504-1463937965-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-12-07] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (Disc Soft Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-12-07] (Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {014279B2-53B1-4E5E-952A-340B15E40E30} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-28] (Microsoft Corporation)
Task: {0E46D5FD-73AC-4665-A5AF-F6EA6F87FE93} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-28] (Microsoft Corporation)
Task: {2CD7A6C1-579F-4BFD-B3E1-247B2998D698} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-28] (AVAST Software)
Task: {30347204-5FD3-42C8-B72A-19D3E7B49EE5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {5EE03C5D-A348-4744-AC7D-8FC404CEA0F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-24] (Google Inc.)
Task: {63492428-F6B6-4828-9EFC-F2BD2E04E951} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-28] (Microsoft Corporation)
Task: {65438B89-47C2-4AEE-B9BB-ACF36CE6AD98} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
Task: {78988310-2176-4416-A75E-150D738E2F4A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-01-28] (Microsoft Corporation)
Task: {811090AE-8D7D-4000-BEE4-20929362CEF3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {8A186F6C-776D-4210-926E-FC2A812F8961} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {A139F36A-4519-4A29-9A7F-65C75EC977D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {A639F905-7117-40EB-BFE4-C9879861CF60} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3349553428-783536504-1463937965-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {A75F1491-5237-40C4-A32A-6525DAA04FE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-28] (Microsoft Corporation)
Task: {B5441C85-BCA3-41AF-8698-771315842B4E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-09-24] (Dropbox, Inc.)
Task: {BA73CA13-B5BE-404C-B35D-0F529A0D6A0F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-28] (Microsoft Corporation)
Task: {BCB663A2-93FC-4634-A699-2DA17D379FF0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {CC489C32-7A75-4561-87DC-725D63BC85AC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-09-24] (Dropbox, Inc.)
Task: {D392E287-4FF7-4628-B64B-ED665AE68A47} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {DA54AFBF-EBF5-46D6-AC96-FAC793DA73BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-24] (Google Inc.)
Task: {E31D4460-9E87-45AD-97CC-E6A4A53746AD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2019-01-28] (Microsoft Corporation)
Task: {FD1C4F17-EB23-4945-9EFE-31E1A80B5906} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {FFF7566E-086C-4FA0-A6C1-33F38C421428} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Keep_ notas y listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki

==================== Loaded Modules (Whitelisted) ==============

2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 18:51 - 2017-10-18 18:51 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 ____N () C:\Windows\ShellExperiences\TileControl.dll
2018-12-19 18:23 - 2018-11-08 23:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-12-19 18:23 - 2018-12-14 03:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-07 03:37 - 2018-12-07 03:37 - 046504696 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-12-20 19:50 - 2018-12-20 19:50 - 003083264 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\4229fefd2b2ec2729298e2c2b14f9d28\DotNetCommon.ni.dll
2018-10-15 22:13 - 2018-10-15 22:14 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-28 13:39 - 2019-01-28 13:42 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-28 13:40 - 2019-01-28 13:42 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-28 13:39 - 2019-01-28 13:42 - 010936320 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-01-28 13:40 - 2019-01-28 13:42 - 002920960 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\skypert.dll
2019-01-28 13:40 - 2019-01-28 13:42 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2019-01-28 15:41 - 2019-01-28 15:41 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-28 15:41 - 2019-01-28 15:41 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 13:27 - 2018-04-12 13:27 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-10 00:55 - 2018-12-10 00:56 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-28 15:41 - 2019-01-28 15:41 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-28 15:41 - 2019-01-28 15:41 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-28 13:40 - 2019-01-28 13:42 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-28 16:00 - 2019-01-28 16:00 - 000113664 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\_ctypes.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000080896 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\bz2.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 001792512 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\_hashlib.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000128512 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32api.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000137728 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\pywintypes27.dll
2019-01-28 16:01 - 2019-01-28 16:01 - 000548864 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\pythoncom27.dll
2019-01-28 16:01 - 2019-01-28 16:01 - 000689664 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\unicodedata.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000438784 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32com.shell.shell.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 001489408 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\wx._core_.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 001007104 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\wx._gdi_.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 001039872 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\wx._windows_.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 001325056 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\wx._controls_.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000916992 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\wx._misc_.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 001084416 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\pysqlite2._sqlite.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000149504 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32file.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000136192 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32security.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000007680 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\hashobjs_ext.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000020992 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\thumbnails_ext.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000118784 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\usb_ext.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000047616 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\_socket.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 002224640 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\_ssl.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000014848 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\common.time34.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000023040 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32event.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000034304 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\windows.conditional.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000020480 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\windows.winwrap.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000110080 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\windows.volumes.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000223232 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32gui.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000173568 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\_elementtree.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000169472 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\pyexpat.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000048128 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32inet.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000103424 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\wx._html2.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000046080 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\_psutil_windows.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000633272 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\windows._cacheinvalidation.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000011776 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32crypt.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000301568 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\PIL._imaging.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000032256 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\_multiprocessing.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 005752320 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\cello.pyd
2019-01-28 16:00 - 2019-01-28 16:00 - 000026112 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\_yappi.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000044032 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32process.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000027648 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32pipe.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000010752 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\select.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000029696 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32pdh.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000038400 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\windows.connectivity.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000073216 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\windows.device_monitor.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000020480 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32profile.pyd
2019-01-28 16:01 - 2019-01-28 16:01 - 000026624 _____ () C:\Users\Silvia\AppData\Local\Temp\_MEI12162\win32ts.pyd
2018-12-12 17:00 - 2018-12-12 02:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-12 17:00 - 2018-12-12 02:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2019-01-28 13:39 - 2019-01-28 13:39 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-28 13:39 - 2019-01-28 13:42 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-19 14:17 - 2018-09-19 14:18 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-28 13:39 - 2019-01-28 13:39 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-12-10 01:00 - 2018-12-10 01:02 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-12-10 01:00 - 2018-12-10 01:02 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-09-19 14:17 - 2018-09-19 14:18 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-09-19 14:17 - 2018-09-19 14:18 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-09-19 14:17 - 2018-09-19 14:18 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-28 13:39 - 2019-01-28 13:42 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-12-10 01:00 - 2018-12-10 01:02 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-28 13:39 - 2019-01-28 13:43 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-19 14:17 - 2018-09-19 14:18 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-09-19 14:17 - 2018-09-19 14:18 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-10 01:01 - 2018-12-10 01:01 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-12-10 01:01 - 2018-12-10 01:01 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-10 01:01 - 2018-12-10 01:01 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2017-09-10 17:51 - 2017-09-10 17:51 - 000798208 _____ () C:\ProgramData\MEGAsync\libsodium.dll
2019-01-28 14:08 - 2019-01-28 14:08 - 088824552 _____ () C:\Users\Silvia\AppData\Roaming\Spotify\libcef.dll
2019-01-28 12:59 - 2019-01-22 10:14 - 001213768 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2019-01-28 12:59 - 2019-01-22 10:14 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2019-01-28 13:02 - 2019-01-22 10:16 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:14 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes36.dll
2019-01-28 13:02 - 2019-01-22 10:14 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000082760 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:14 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom36.dll
2019-01-28 12:59 - 2019-01-22 10:15 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:16 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:16 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:14 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 001457488 _____ () C:\Program Files (x86)\Dropbox\Client\dbxlog._dbxlog.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:16 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 001755472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000101200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt592.sip.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 001885520 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000523600 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 003755344 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000169304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000061784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000042840 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000202584 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000117584 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000214872 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000099664 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:14 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 011941712 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:14 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2019-01-28 12:59 - 2019-01-22 10:15 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000272208 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2019-01-28 13:02 - 2019-01-22 10:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2019-01-28 13:02 - 2019-01-22 10:16 - 000038240 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp36-win32.pyd
2019-01-28 12:59 - 2019-01-22 10:15 - 000026432 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2019-01-28 12:59 - 2019-01-22 10:15 - 001967936 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2019-01-28 13:02 - 2019-01-22 10:16 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000054096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:17 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2019-01-28 13:02 - 2019-01-22 10:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000557392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp36-win32.pyd
2019-01-28 13:00 - 2019-01-22 10:15 - 000335184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp36-win32.pyd
2019-01-28 14:08 - 2019-01-28 14:08 - 004239592 _____ () C:\Users\Silvia\AppData\Roaming\Spotify\libglesv2.dll
2019-01-28 14:08 - 2019-01-28 14:08 - 000098024 _____ () C:\Users\Silvia\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-19 08:26 - 2018-11-09 20:48 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3349553428-783536504-1463937965-1001\Control Panel\Desktop\\Wallpaper -> c:\users\silvia\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\latino_a.jpeg
DNS Servers: 186.130.128.91 - 200.63.155.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C079A1D6-EA14-4561-B38E-D4B7A16D15C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{7F3B40E9-65AD-4558-BD3B-BD39833B5285}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{E5E3CBCE-8C87-400B-A180-277B691E961D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{3125C09B-9D78-4127-9435-196E2F64917C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{18FF2F61-BC12-418F-A078-AEDB374BB9C8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{C4E0402E-4B3E-410F-8BE2-8AEC019983B1}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd)
FirewallRules: [{8EAFD85B-BDDF-4371-84FC-A11133F087B2}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\DeviceSetup.exe (HP Inc.)
FirewallRules: [{BF82B9C7-2625-4753-B091-FC985AF82418}] => (Allow) LPort=5357
FirewallRules: [{77DD90D1-3022-418D-A69C-4106D3BDAE04}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc.)
FirewallRules: [{C8B912A1-D253-46BE-A33D-899EFFE09394}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{088DB181-77C3-48C2-8CE9-381CCEDB9A72}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [TCP Query User{0249ACF9-CC31-4FD7-9D44-1BD1C9E61B02}C:\users\silvia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\silvia\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [UDP Query User{1991E2E9-4F18-4B5E-B2D4-1EF040EF339D}C:\users\silvia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\silvia\appdata\roaming\spotify\spotify.exe (Spotify Ltd)
FirewallRules: [{E8147807-37D5-4288-8CEB-3451E6FC7EA1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{123AF3B3-0C74-4C3C-ABAE-A346274D0D13}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2019 01:29:54 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/28/2019 01:03:57 PM) (Source: DbxSvc) (EventID: 293) (User: )
Description: Failed to validate client process executable is signed: C:\Program Files (x86)\Dropbox\Client_65.4.177\Dropbox.exe

Error: (01/28/2019 01:03:57 PM) (Source: DbxSvc) (EventID: 282) (User: )
Description: Certificate mismatch for file: C:\Program Files (x86)\Dropbox\Client_65.4.177\Dropbox.exe

Error: (01/28/2019 01:02:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SystemSettings.exe, versión 10.0.17134.112, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: e24

Hora de inicio: 01d4b7212a1272cd

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Identificador de informe: 59f5eda1-24ab-49aa-a87f-b8002771f16d

Nombre completo de paquete con errores: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Identificador de aplicación relativa del paquete con errores: microsoft.windows.immersivecontrolpanel

Error: (01/28/2019 12:54:57 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (01/28/2019 12:49:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (9592,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) al abrir un archivo de registro C:\Users\Silvia\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (01/28/2019 12:49:58 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (9592,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\Silvia\AppData\Local\Microsoft\Windows\WebCache\V01.log" para acceso de lectura y escritura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

Error: (01/28/2019 12:49:36 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (9592,R,98) WebCacheLocal: Error inesperado al recuperar o restaurar la base de datos -509.


System errors:
=============
Error: (01/28/2019 04:43:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/28/2019 04:30:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SF3O3S4)
Description: El servidor Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/28/2019 04:19:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/28/2019 04:10:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/28/2019 04:09:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Protección de software no respondió después de iniciar.

Error: (01/28/2019 04:09:04 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SF3O3S4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-SF3O3S4\Silvia con SID (S-1-5-21-3349553428-783536504-1463937965-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/28/2019 04:08:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SF3O3S4)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-SF3O3S4\Silvia con SID (S-1-5-21-3349553428-783536504-1463937965-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/28/2019 04:07:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SF3O3S4)
Description: El servidor {005A3A96-BAC4-4B0A-94EA-C0CE100EA736} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2019-01-28 15:31:15.719
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {CA41AD01-D16B-4C67-BBAC-98AF24128026}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: DESKTOP-SF3O3S4\Silvia

Date: 2019-01-28 13:43:16.295
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {DF4C4DA6-CCF2-43FF-A2C2-26D780669E67}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\Servicio de red

Date: 2018-12-20 21:18:21.003
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {FB3111B1-4086-47D6-BFA8-70960793FA05}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-12-20 20:56:13.667
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {99A6EE37-C32B-4998-B31E-34CC7F4BFB45}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-12-20 20:24:23.718
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {DF11AFE5-BEAD-4CD5-B78B-0FE911E3C05F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-17 11:01:09.858
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1099.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-17 11:01:09.857
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1099.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-17 11:01:09.856
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1099.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-17 11:01:09.840
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1099.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-17 11:01:09.839
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1099.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2018-12-07 19:31:35.193
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-07 19:31:35.174
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-07 18:05:50.885
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-07 18:05:50.775
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-05 17:46:39.642
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-05 17:46:39.638
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-29 01:57:16.301
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-29 01:57:16.301
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 87%
Total physical RAM: 3978.54 MB
Available physical RAM: 498.21 MB
Total Virtual: 6666.54 MB
Available Virtual: 2394.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:370.65 GB) (Free:271.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:551.53 GB) NTFS
Drive h: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:738.38 GB) NTFS

\\?\Volume{84fc2072-8d7d-4b90-a9ce-f74acc4c27d9}\ (Recuperación) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{629edefe-b40b-4551-87c2-bdb5eda6bc52}\ () (Fixed) (Total:0.92 GB) (Free:0.34 GB) NTFS
\\?\Volume{c88e62e1-c6d1-435e-9ff4-5881d849cb22}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{c770e8e9-4191-4a7c-a482-f60345ee17f0}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C9A351E8)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 43621AEC)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#9

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-3349553428-783536504-1463937965-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.home-ar.com/
SearchScopes: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> DefaultScope {3BC2EA78-17C8-409D-883B-2B0795BF44D0} URL = hxxp://www.home-ar.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> {3BC2EA78-17C8-409D-883B-2B0795BF44D0} URL = hxxp://www.home-ar.com/search?q={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> hxxp://www.home-ar.com/
CHR StartupUrls: Default -> "hxxp://www.home-ar.com/"
CHR HKU\S-1-5-21-3349553428-783536504-1463937965-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
ShortcutWithArgument: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Keep_ notas y listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
C:\Users\Silvia\AppData\Local\Temp\_MEI12162

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema


#10

Hola, aquì va, no pude hacerlo por el método 1, saltaba un error. Lo hice por el segundo método y bien, tardè un montón pues me pedìa la clave para ingresar y la que pongo me da error. Finalmente entré con la de Microsoft. No sé poruqe ahora me pide la clave de inicio.

Ya se solucionó, al menos ingresé directo a google sin que me derive. ¡¡¡¡¡¡Muchas gracias!!!. Te copio acá el fix log

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by Silvia (28-01-2019 22:50:44) Run:1
Running from C:\Users\Silvia\Desktop
Loaded Profiles: Silvia (Available Profiles: Silvia)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-3349553428-783536504-1463937965-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.home-ar.com/
SearchScopes: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> DefaultScope {3BC2EA78-17C8-409D-883B-2B0795BF44D0} URL = hxxp://www.home-ar.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> {3BC2EA78-17C8-409D-883B-2B0795BF44D0} URL = hxxp://www.home-ar.com/search?q={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-3349553428-783536504-1463937965-1001 -> hxxp://www.home-ar.com/
CHR StartupUrls: Default -> "hxxp://www.home-ar.com/"
CHR HKU\S-1-5-21-3349553428-783536504-1463937965-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
ShortcutWithArgument: C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Keep_ notas y listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
C:\Users\Silvia\AppData\Local\Temp\_MEI12162

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

#11

Es normal que para entrar en modo seguro, pida la clave de Micrososft

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO


#12

Genial, muchas gracias por la ayuda y dedicación


cerrado #13

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.