Carpetas en C y proceso desconocido


#1

Hola a [email protected],

el motivo de este post es que en un equipo con Windows 10 Home me he encontrado con dos carpetas ubicadas en C: con los siguientes nombres: cvleskmka_ xfmmuixtqh_ ambas están vacías. Además en los programas que se ejecutan al inicio hay uno llamado Ummamscgxc el cual he deshabilitado. He examinado el equipo con Malwarebytes y Malwarebytes anti rootkit y ha detectado alguna cosa pero el programa de inicio y las carpetas siguen ahí. Alguna idea de que pueden ser?

Gracias


#2
  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.


#3

Hola, gracias por responder. Pego la información:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
    Ran by Usuario (administrator) on LAPTOP-FJTSPOP1 (25-01-2019 11:27:09)
    Running from C:\Users\Usuario\Desktop
    Loaded Profiles: Usuario (Available Profiles: defaultuser0 & Usuario)
    Platform: Windows 10 Home Version 1803 17134.556 (X64) Language: Español (España, internacional)
    Default browser: Chrome
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
    (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
    (HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
    (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
    (CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
    (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
    (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
    (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Dropbox, Inc.) C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    (Dropbox, Inc.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
    (Dropbox, Inc.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
    (Dropbox, Inc.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (The Qt Company Ltd.) C:\Users\Usuario\AppData\Roaming\Dropbox\bin\QtWebEngineProcess.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxOutlook.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxAccounts.exe
    (HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
    (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
    (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-08-30] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
    HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
    HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc.)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2018-12-04] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153808 2018-10-23] (Panda Security, S.L.)
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
    HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\Run: [Dropbox Update] => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-23] (Dropbox, Inc.)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-25] (Google Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-08-29]
    ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()
    Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8818eb444916e64706f5501ddbf2ff8a.lnk [2018-07-01]
    ShortcutTarget: 8818eb444916e64706f5501ddbf2ff8a.lnk -> C:\LAPTOP-FJTSPOP1\ummamscgxc.exe (No File)
    Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2019-01-24]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 208.91.112.53 208.91.112.52
    Tcpip\..\Interfaces\{6a4bf737-8d8d-472a-b0d6-9a50ce0bfe71}: [DhcpNameServer] 208.91.112.53 208.91.112.52

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
    HKU\S-1-5-21-683851097-2966681345-2970883835-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-683851097-2966681345-2970883835-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems Incorporated)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems Incorporated)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems Incorporated)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-02] (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-02] (Adobe Systems Incorporated)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-20]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-25] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-25] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

    Chrome: 
    =======
    CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2019-01-25]
    CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
    CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
    CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-05]
    CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-05]
    CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
    CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
    CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
    CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
    CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-05]
    CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-03]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
    S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-15] (AVAST Software)
    S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-15] (AVAST Software)
    R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2016-07-05] (Intel Corporation)
    R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
    R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
    R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
    R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
    R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc.)
    R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-08] (Intel Corporation)
    R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2018-10-23] (Panda Security, S.L.)
    S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] ()
    R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
    R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-10-23] (Panda Security, S.L.)
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-08-30] (Realtek Semiconductor)
    S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2018-03-01] (TeamViewer GmbH)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-08] (Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-08] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
    R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2016-07-05] (Intel Corporation)
    S3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [50672 2016-07-05] (Intel Corporation)
    R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2016-07-05] (Intel Corporation)
    S3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation) [File not signed]
    R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [108000 2017-11-06] (Panda Security, S.L.)
    R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-11-06] (Panda Security, S.L.)
    R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-11-06] (Panda Security, S.L.)
    R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [126432 2017-11-06] (Panda Security, S.L.)
    R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security, S.L.)
    R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-11-06] (Panda Security, S.L.)
    R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91616 2017-11-06] (Panda Security, S.L.)
    R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-11-06] (Panda Security, S.L.)
    R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-11-06] (Panda Security, S.L.)
    R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [249312 2017-11-06] (Panda Security, S.L.)
    R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-11-06] (Panda Security, S.L.)
    R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [281056 2017-11-06] (Panda Security, S.L.)
    R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125920 2017-11-06] (Panda Security, S.L.)
    R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [191256 2018-10-23] (Panda Security, S.L.)
    R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [153992 2018-01-23] (Panda Security, S.L.)
    R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207248 2018-01-30] (Panda Security, S.L.)
    R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [146912 2017-10-17] (Panda Security, S.L.)
    R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159000 2018-10-23] (Panda Security, S.L.)
    R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129504 2017-10-17] (Panda Security, S.L.)
    U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security, S.L.)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-08-30] (Realtek )
    R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
    S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2019-01-08] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2019-01-08] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-08] (Microsoft Corporation)
    R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-01-25 11:27 - 2019-01-25 11:28 - 000020840 _____ C:\Users\Usuario\Desktop\FRST.txt
    2019-01-25 11:27 - 2019-01-25 11:27 - 000000000 ____D C:\FRST
    2019-01-25 11:21 - 2019-01-25 11:22 - 002428416 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
    2019-01-24 10:15 - 2017-05-22 06:01 - 000072648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
    2019-01-24 10:14 - 2019-01-24 10:15 - 000002265 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
    2019-01-24 10:14 - 2019-01-24 10:15 - 000002248 _____ C:\Users\Public\Desktop\Panda Dome.lnk
    2019-01-24 10:14 - 2019-01-24 10:14 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Panda Security
    2019-01-24 10:14 - 2019-01-24 10:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
    2019-01-24 10:14 - 2018-10-23 22:10 - 000191256 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
    2019-01-24 10:14 - 2018-10-23 22:10 - 000159000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
    2019-01-24 10:14 - 2018-01-30 14:19 - 000207248 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
    2019-01-24 10:14 - 2017-11-06 07:07 - 000281056 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsstrm.sys
    2019-01-24 10:14 - 2017-11-06 07:07 - 000125920 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnstlsc.sys
    2019-01-24 10:14 - 2017-11-06 07:06 - 000336352 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprot.sys
    2019-01-24 10:14 - 2017-11-06 07:06 - 000135648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspop3.sys
    2019-01-24 10:14 - 2017-11-06 07:06 - 000123360 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnssmtp.sys
    2019-01-24 10:14 - 2017-11-06 07:02 - 000118240 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspicc.sys
    2019-01-24 10:14 - 2017-11-06 07:02 - 000091616 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspihsw.sys
    2019-01-24 10:14 - 2017-11-06 07:01 - 000211936 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttp.sys
    2019-01-24 10:14 - 2017-11-06 07:01 - 000126432 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsids.sys
    2019-01-24 10:14 - 2017-11-06 07:01 - 000121312 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttps.sys
    2019-01-24 10:14 - 2017-11-06 07:01 - 000108000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsalpc.sys
    2019-01-24 10:14 - 2017-10-17 02:31 - 000129504 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
    2019-01-24 10:13 - 2019-01-24 10:15 - 000000000 ____D C:\Program Files (x86)\Panda Security
    2019-01-24 10:05 - 2019-01-24 10:15 - 000000000 ____D C:\ProgramData\Panda Security
    2019-01-24 10:04 - 2019-01-24 10:05 - 002148840 _____ (Panda Security, S.L.) C:\Users\Usuario\Downloads\PANDAFREEAV.exe
    2019-01-24 08:53 - 2019-01-24 08:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2019-01-23 12:58 - 2019-01-23 12:58 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
    2019-01-23 12:57 - 2019-01-23 12:57 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
    2019-01-23 11:49 - 2019-01-23 13:52 - 000000000 ____D C:\ProgramData\Malwarebytes
    2019-01-23 11:49 - 2019-01-23 11:49 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4335B573.sys
    2019-01-23 11:48 - 2019-01-23 13:16 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2019-01-23 11:46 - 2019-01-23 11:48 - 082561480 _____ (Malwarebytes ) C:\Users\Usuario\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.527-1.0.8910.exe
    2019-01-23 11:46 - 2019-01-23 11:47 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Usuario\Downloads\mbar-1.10.3.1001.exe
    2019-01-22 22:44 - 2019-01-23 13:17 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2019-01-22 22:05 - 2019-01-22 22:05 - 000000000 ____D C:\WINDOWS\Panther
    2019-01-22 22:04 - 2019-01-22 22:04 - 000000080 ___SH C:\bootTel.dat
    2019-01-22 01:12 - 2019-01-22 01:12 - 000000000 ___HD C:\ProgramData\temp
    2019-01-22 00:06 - 2019-01-09 09:24 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2019-01-22 00:06 - 2019-01-09 06:43 - 006567768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-01-22 00:06 - 2019-01-09 06:39 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-01-22 00:05 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2019-01-22 00:05 - 2019-01-09 18:57 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2019-01-22 00:05 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2019-01-22 00:05 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-01-22 00:05 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-01-22 00:05 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2019-01-22 00:05 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
    2019-01-22 00:05 - 2019-01-09 18:36 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-01-22 00:05 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
    2019-01-22 00:05 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2019-01-22 00:05 - 2019-01-09 18:35 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-01-22 00:05 - 2019-01-09 15:50 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2019-01-22 00:05 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2019-01-22 00:05 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-01-22 00:05 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
    2019-01-22 00:05 - 2019-01-09 10:51 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-01-22 00:05 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2019-01-22 00:05 - 2019-01-09 09:50 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-01-22 00:05 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2019-01-22 00:05 - 2019-01-09 09:46 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-01-22 00:05 - 2019-01-09 09:46 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-01-22 00:05 - 2019-01-09 09:44 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-01-22 00:05 - 2019-01-09 09:11 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-01-22 00:05 - 2019-01-09 09:06 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-01-22 00:05 - 2019-01-09 08:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2019-01-22 00:05 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2019-01-22 00:05 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
    2019-01-22 00:05 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
    2019-01-22 00:05 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-01-22 00:05 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
    2019-01-22 00:05 - 2019-01-09 06:41 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-01-22 00:05 - 2019-01-09 06:41 - 000983120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-01-22 00:05 - 2019-01-09 06:41 - 000076296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-01-22 00:05 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-01-22 00:05 - 2019-01-09 06:40 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-01-22 00:05 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-01-22 00:05 - 2019-01-09 06:40 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-01-22 00:05 - 2019-01-09 06:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-01-22 00:05 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2019-01-22 00:05 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2019-01-22 00:05 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2019-01-22 00:05 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
    2019-01-22 00:05 - 2019-01-09 06:39 - 000144072 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
    2019-01-22 00:05 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    2019-01-22 00:05 - 2019-01-09 06:34 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2019-01-22 00:05 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2019-01-22 00:05 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2019-01-22 00:05 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2019-01-22 00:05 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
    2019-01-22 00:05 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2019-01-22 00:05 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-01-22 00:05 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2019-01-22 00:05 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2019-01-22 00:05 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-01-22 00:05 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2019-01-22 00:05 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
    2019-01-22 00:05 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2019-01-22 00:05 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
    2019-01-22 00:05 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
    2019-01-22 00:05 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
    2019-01-22 00:05 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
    2019-01-22 00:05 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-01-22 00:05 - 2019-01-09 06:21 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-01-22 00:05 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
    2019-01-22 00:05 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
    2019-01-22 00:05 - 2019-01-09 06:20 - 004940288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2019-01-22 00:05 - 2019-01-09 06:20 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2019-01-22 00:05 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2019-01-22 00:05 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2019-01-22 00:05 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2019-01-22 00:05 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
    2019-01-22 00:05 - 2019-01-09 06:19 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2019-01-22 00:05 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2019-01-22 00:05 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2019-01-22 00:05 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
    2019-01-22 00:05 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2019-01-22 00:05 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
    2019-01-22 00:05 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
    2019-01-22 00:05 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
    2019-01-22 00:05 - 2019-01-09 05:34 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
    2019-01-21 23:25 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
    2019-01-15 20:23 - 2019-01-22 00:22 - 000000000 ____D C:\WINDOWS\Minidump
    2019-01-15 14:58 - 2019-01-18 21:22 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
    2019-01-15 14:40 - 2019-01-15 14:47 - 000000000 ____D C:\Users\Usuario\Downloads\Vaiana [BluRay Rip][AC3 5.1 Español Castellano][2017]
    2019-01-15 14:39 - 2019-01-15 14:39 - 000017942 _____ C:\Users\Usuario\Downloads\Vaiana_HDRip.torrent
    2019-01-11 13:15 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-01-11 13:14 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
    2019-01-11 13:14 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
    2019-01-11 13:14 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
    2019-01-11 13:14 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
    2019-01-11 13:14 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
    2019-01-11 13:14 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
    2019-01-11 13:14 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2019-01-11 13:14 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2019-01-11 13:14 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2019-01-11 13:14 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-01-11 13:14 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2019-01-11 13:14 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2019-01-11 13:14 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2019-01-11 13:14 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
    2019-01-11 13:14 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
    2019-01-11 13:14 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
    2019-01-11 13:14 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
    2019-01-11 13:14 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
    2019-01-11 13:14 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2019-01-11 13:14 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
    2019-01-11 13:14 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2019-01-11 13:14 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2019-01-11 13:14 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2019-01-11 13:14 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
    2019-01-11 13:14 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
    2019-01-11 13:14 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2019-01-11 13:14 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2019-01-11 13:14 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2019-01-11 13:14 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
    2019-01-11 13:14 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2019-01-11 13:14 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2019-01-11 13:14 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2019-01-11 13:14 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2019-01-11 13:14 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2019-01-11 13:14 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2019-01-11 13:14 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-01-11 13:14 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-01-11 13:14 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
    2019-01-11 13:14 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2019-01-11 13:14 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2019-01-11 13:14 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
    2019-01-11 13:14 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2019-01-11 13:14 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
    2019-01-11 13:14 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2019-01-11 13:14 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2019-01-11 13:14 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2019-01-11 13:14 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
    2019-01-11 13:14 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2019-01-11 12:57 - 2019-01-11 12:57 - 000019918 _____ C:\Users\Usuario\Documents\cc_20190111_125715.reg
    2019-01-11 12:38 - 2019-01-11 12:38 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\WildTangent
    2019-01-11 12:23 - 2019-01-23 11:37 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache
    2019-01-10 11:14 - 2019-01-10 11:14 - 000017303 _____ C:\Users\Usuario\Downloads\0009820725_12122018_12122018_0001.zip
    2019-01-08 15:56 - 2019-01-08 15:56 - 000097948 _____ C:\Users\Usuario\Documents\cc_20190108_155612.reg
    2019-01-08 15:52 - 2019-01-22 16:56 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2019-01-08 12:31 - 2019-01-14 18:46 - 000000000 ____D C:\WINDOWS\AutoKMS
    2018-12-30 21:32 - 2018-12-30 21:32 - 000000000 ____D C:\xfmmuixtqh__
    2018-12-30 18:53 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2018-12-30 18:53 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2018-12-30 18:53 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2018-12-30 18:53 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2018-12-30 18:53 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2018-12-30 18:53 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-01-25 11:20 - 2018-05-21 00:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-01-25 11:02 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-01-24 16:20 - 2018-05-21 00:37 - 000003272 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForUsuario
    2019-01-24 16:20 - 2018-04-12 10:17 - 000000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForUsuario.job
    2019-01-24 14:02 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-01-24 14:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-01-24 13:55 - 2017-09-11 21:04 - 000000000 ____D C:\Users\Usuario\Documents\Restaurante Break
    2019-01-24 13:11 - 2017-11-24 06:38 - 000000000 ___RD C:\Users\Usuario\Dropbox
    2019-01-24 13:10 - 2017-10-13 00:19 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2019-01-24 13:10 - 2017-08-29 23:20 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles
    2019-01-24 10:15 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
    2019-01-24 10:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
    2019-01-24 10:14 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
    2019-01-24 09:53 - 2018-05-21 00:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-01-24 09:52 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2019-01-24 09:30 - 2018-05-21 00:12 - 000006678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-01-24 09:30 - 2018-04-12 17:18 - 001173766 _____ C:\WINDOWS\system32\perfh00A.dat
    2019-01-24 09:30 - 2018-04-12 17:18 - 000283082 _____ C:\WINDOWS\system32\perfc00A.dat
    2019-01-24 08:59 - 2017-09-08 18:34 - 000000000 ____D C:\ProgramData\AVAST Software
    2019-01-24 08:56 - 2017-11-23 17:46 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Dropbox
    2019-01-24 08:55 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2019-01-23 13:13 - 2018-08-15 08:55 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
    2019-01-23 13:13 - 2017-11-15 22:24 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\TeamViewer
    2019-01-23 11:31 - 2018-05-21 00:37 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
    2019-01-22 17:11 - 2017-11-24 07:04 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Adobe
    2019-01-22 17:00 - 2017-09-05 06:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
    2019-01-22 16:51 - 2017-09-04 20:20 - 000000000 ____D C:\Users\Usuario\AppData\Local\HP
    2019-01-22 16:51 - 2016-10-27 07:25 - 000000000 ____D C:\ProgramData\Package Cache
    2019-01-22 16:51 - 2016-10-27 07:24 - 000000000 ____D C:\Program Files\HP
    2019-01-22 16:51 - 2016-10-27 07:23 - 000000000 ____D C:\ProgramData\HP
    2019-01-22 01:19 - 2017-12-28 21:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages
    2019-01-22 01:13 - 2018-05-21 00:13 - 000000000 ____D C:\Users\defaultuser0
    2019-01-22 01:12 - 2018-05-21 00:07 - 000430656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-01-22 01:09 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2019-01-22 01:09 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
    2019-01-22 01:09 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
    2019-01-22 01:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
    2019-01-22 01:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-01-22 01:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-01-22 00:14 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-01-21 23:45 - 2018-05-21 00:13 - 000000000 ____D C:\Users\Usuario
    2019-01-21 23:31 - 2017-09-04 21:38 - 000000000 ____D C:\Program Files\rempl
    2019-01-21 23:15 - 2018-05-21 00:37 - 000002822 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-FJTSPOP1-Usuario
    2019-01-21 11:40 - 2018-05-21 00:37 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2019-01-21 11:38 - 2017-11-23 17:46 - 000001042 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-683851097-2966681345-2970883835-1001UA.job
    2019-01-21 11:38 - 2017-11-23 17:46 - 000000990 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-683851097-2966681345-2970883835-1001Core.job
    2019-01-18 21:45 - 2018-11-25 19:41 - 000003682 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1543171291
    2019-01-18 21:45 - 2018-05-21 00:37 - 000003778 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-683851097-2966681345-2970883835-1001UA
    2019-01-18 21:45 - 2018-05-21 00:37 - 000003608 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-01-18 21:45 - 2018-05-21 00:37 - 000003546 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
    2019-01-18 21:45 - 2018-05-21 00:37 - 000003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2019-01-18 21:45 - 2018-05-21 00:37 - 000003510 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-683851097-2966681345-2970883835-1001Core
    2019-01-18 21:45 - 2018-05-21 00:37 - 000003424 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{52B0DC92-4E15-448F-BA75-51AF99FCAF01}
    2019-01-18 21:45 - 2018-05-21 00:37 - 000003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-01-18 21:45 - 2018-05-21 00:37 - 000003322 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
    2019-01-18 21:45 - 2018-05-21 00:37 - 000002916 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-683851097-2966681345-2970883835-1001
    2019-01-18 21:45 - 2018-05-21 00:37 - 000002560 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
    2019-01-18 21:45 - 2018-05-21 00:37 - 000002548 _____ C:\WINDOWS\System32\Tasks\HPAudioSwitch
    2019-01-18 21:45 - 2018-05-21 00:37 - 000002312 _____ C:\WINDOWS\System32\Tasks\HPJumpStartProvider
    2019-01-18 21:45 - 2018-05-21 00:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
    2019-01-15 17:53 - 2017-09-04 19:17 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
    2019-01-11 12:39 - 2017-08-29 22:02 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2019-01-11 12:39 - 2017-08-29 22:01 - 000000000 ____D C:\ProgramData\WildTangent
    2019-01-11 12:39 - 2017-08-29 22:01 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
    2019-01-11 12:37 - 2017-10-05 11:56 - 000000000 ____D C:\ProgramData\Sony Mobile
    2019-01-11 12:37 - 2017-10-05 11:56 - 000000000 ____D C:\Program Files (x86)\Sony Mobile
    2019-01-10 13:53 - 2017-09-04 21:14 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-01-10 11:28 - 2017-09-04 21:13 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-01-10 11:26 - 2017-09-04 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2019-01-08 15:52 - 2017-09-04 19:14 - 000000000 ____D C:\Program Files\CCleaner
    2019-01-08 14:01 - 2018-03-24 17:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2019-01-08 12:29 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2019-01-08 12:26 - 2018-03-24 17:33 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2019-01-08 12:18 - 2017-11-15 22:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2019-01-03 20:38 - 2017-09-05 06:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2019-01-03 20:33 - 2018-04-18 21:27 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
    2019-01-02 20:41 - 2018-11-14 23:06 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2019-01-02 20:41 - 2018-11-14 23:06 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2018-12-31 11:16 - 2018-06-29 21:46 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\99a3e599bf42e89fd90e14556149ed7a

    ==================== Files in the root of some directories =======

    2018-09-30 20:30 - 2018-09-30 20:30 - 000000000 _____ () C:\Users\Usuario\AppData\Local\oobelibMkey.log

    Some files in TEMP:
    ====================
    2019-01-24 10:14 - 2019-01-24 10:14 - 000290304 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\Hydra.Sdk.Windows.Service.subinacl.exe
    2019-01-24 10:12 - 2019-01-24 10:13 - 060647112 _____ (Panda Security, S.L.) C:\Users\Usuario\AppData\Local\Temp\{9AFDC72A-EBED-43A3-A3FB-19FD2765C364}.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\dllhost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-05-21 00:07

    ==================== End of FRST.txt ============================

#4
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
    Ran by Usuario (25-01-2019 11:29:08)
    Running from C:\Users\Usuario\Desktop
    Windows 10 Home Version 1803 17134.556 (X64) (2018-05-20 23:39:23)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrador (S-1-5-21-683851097-2966681345-2970883835-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-683851097-2966681345-2970883835-503 - Limited - Disabled)
    defaultuser0 (S-1-5-21-683851097-2966681345-2970883835-1000 - Limited - Disabled) => C:\Users\defaultuser0
    Invitado (S-1-5-21-683851097-2966681345-2970883835-501 - Limited - Disabled)
    Usuario (S-1-5-21-683851097-2966681345-2970883835-1001 - Administrator - Enabled) => C:\Users\Usuario
    WDAGUtilityAccount (S-1-5-21-683851097-2966681345-2970883835-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.)
    Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
    Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
    Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.333.0 - Broadcom Corporation)
    Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.900 - Broadcom Corporation)
    CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
    CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP)
    CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
    CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
    Dropbox (HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
    Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
    Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
    HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.)
    HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
    HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
    HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
    HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
    HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
    HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.6.18.11 - HP Inc.)
    HP Support Solutions Framework (HKLM-x32\...\{85B05AF8-EA5F-447E-9F05-A7C62013EF45}) (Version: 12.9.24.3 - HP Inc.)
    HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
    HP System Event Utility (HKLM-x32\...\{ABE95EB9-5EA1-42A3-8009-BA7602127ED6}) (Version: 1.4.25 - HP Inc.)
    HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.8.1052 - Intel Corporation)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
    Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
    Panda Dome (HKLM\...\{654B4962-1B85-4777-85AF-5E6CCACCE2B5}) (Version: 9.15.00 - Panda Security) Hidden
    Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.06.01.0000 - Panda Security)
    Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
    Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
    Software para dispositivos de chipset Intel® (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
    TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.95388 - TeamViewer)
    Update for Skype for Business 2015 (KB4461557) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{06CB9397-D762-4A2F-8D91-DFAD58D2BAED}) (Version:  - Microsoft)
    Update for Skype for Business 2015 (KB4461557) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{06CB9397-D762-4A2F-8D91-DFAD58D2BAED}) (Version:  - Microsoft)
    Update for Skype for Business 2015 (KB4461557) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{06CB9397-D762-4A2F-8D91-DFAD58D2BAED}) (Version:  - Microsoft)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
    WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-683851097-2966681345-2970883835-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
    ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-10-23] (Panda Security, S.L.)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-12-08] (Intel Corporation)
    ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-10-23] (Panda Security, S.L.)
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
    ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-10-23] (Panda Security, S.L.)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
    ContextMenuHandlers1_S-1-5-21-683851097-2966681345-2970883835-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
    ContextMenuHandlers4_S-1-5-21-683851097-2966681345-2970883835-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
    ContextMenuHandlers5_S-1-5-21-683851097-2966681345-2970883835-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Usuario\AppData\Roaming\Dropbox\bin\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01880C6A-77B3-4B1C-8A7D-E197B804DF15} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
    Task: {03C97CC6-A648-4BE5-B738-250F2133C05F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
    Task: {0D8844BC-A771-497D-9548-96219DD7E30F} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-15] (AVAST Software)
    Task: {115FB473-D4E7-4A69-9C91-49A5EAA5C4B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {27EE297C-EC21-4682-B12D-0F7155B48E2A} - System32\Tasks\HPCeeScheduleForUsuario => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
    Task: {3004692B-58D1-4197-A64A-63622AAD434B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {3CECCD01-1761-440C-9064-327A6388EC2E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: {4278933A-C082-4BFB-BFF3-5389B45EDA0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
    Task: {4ADEFD48-4222-4766-8131-264D77836B2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
    Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
    Task: {7592CB2E-118B-4488-A25F-021885D153F7} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-16] ()
    Task: {77D83915-118F-4277-9441-E1E642438783} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: {82FEF4C9-063B-408A-A8F3-164D66C80A9B} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
    Task: {83716B8F-8CC1-44A6-B70C-B5EE5ACCA6CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
    Task: {8D2D79C2-0116-4246-B095-8C6CB80C45D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2018-05-04] (HP Inc.)
    Task: {8EA0A2F1-EABB-4C01-9A35-FE73E0EE99C6} - System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-FJTSPOP1-Usuario => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
    Task: {9430663B-454A-45A3-BF49-841BCDBE274E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-15] (AVAST Software)
    Task: {96859F20-F43F-4020-B12D-0791745AC7C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2019-01-17] (HP Inc.)
    Task: {A48F3114-8B61-4039-B3EA-0323F7925076} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
    Task: {A724B414-EE97-4396-A2B5-438D6C46207B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-12-24] (HP Inc.)
    Task: {A9840BB0-2875-4908-AD4B-DDEDDBEEF78E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-05] (Google Inc.)
    Task: {AE0F87EE-94BA-47C0-94C2-10E84E665974} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2019-01-17] (HP Inc.)
    Task: {B0C4E27A-4E14-4268-BFBE-F63324C73027} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-683851097-2966681345-2970883835-1001Core => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2017-11-23] (Dropbox, Inc.)
    Task: {B76466D8-EFE1-4819-9D58-47E416877CDC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {BA3B65FC-2DCA-4586-A210-0526CB6F8870} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {C5C78CC8-591B-42A0-B968-5B7F8B3C0807} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-05] (Google Inc.)
    Task: {C67F9761-8473-495E-8D67-FF888FB0D1B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
    Task: {CC73E454-1B8F-4644-88F8-18BF9D28E8DC} - System32\Tasks\Opera scheduled Autoupdate 1543171291 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe
    Task: {D4560384-C1DE-4F53-A407-A55C904E31A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Ltd)
    Task: {D718F31F-4D0B-4567-B63F-93DC1B88CD9F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-683851097-2966681345-2970883835-1001UA => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2017-11-23] (Dropbox, Inc.)
    Task: {F46508CE-F1A2-406A-838E-023A1A66C606} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd)
    Task: {FA77DD77-5527-48D1-BC57-DF4679BA09C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
    Task: {FD48EF95-1E88-4E0B-95E8-BC56E4894DEF} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2016-10-04] (HP Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-683851097-2966681345-2970883835-1001Core.job => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-683851097-2966681345-2970883835-1001UA.job => C:\Users\Usuario\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForUsuario.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
    2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
    2018-12-12 10:35 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
    2019-01-22 00:05 - 2019-01-09 09:10 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2018-12-30 18:46 - 2018-12-30 18:49 - 001436760 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
    2015-12-15 18:17 - 2015-12-15 18:17 - 000618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
    2019-01-24 08:53 - 2019-01-22 14:14 - 001213768 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
    2019-01-24 08:53 - 2019-01-22 14:14 - 002103112 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
    2019-01-09 09:42 - 2019-01-22 14:16 - 000023376 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\tornado.speedups.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000025456 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:14 - 000148968 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\_cffi_backend.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 001878888 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000025960 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:14 - 000118232 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\pywintypes36.dll
    2019-01-09 09:42 - 2019-01-22 14:14 - 000109024 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32api.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000082760 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\fastpath.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:14 - 000418776 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\pythoncom36.dll
    2019-01-24 08:53 - 2019-01-22 14:15 - 000074072 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000027616 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32event.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000049128 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32process.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000026600 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32clipboard.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000131552 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32file.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000182752 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32gui.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000027616 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32pipe.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000119272 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32security.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:16 - 000401752 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32com.shell.shell.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000028640 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32job.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:16 - 000034664 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000062304 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:14 - 000023520 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\mmapfile.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 001457488 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\dbxlog._dbxlog.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000027488 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000053736 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32service.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000065504 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32evtlog.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000025944 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:16 - 000068968 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000028520 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000032224 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32ts.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 001755472 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000101200 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt592.sip.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 001885520 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000523600 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 003755344 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000061408 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32print.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000169304 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000061784 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000042840 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000202584 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000117584 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000214872 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000099664 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000029544 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000028008 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000033632 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winreindex.compiled._winreindex.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:14 - 000027624 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\win32profile.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:16 - 000025960 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000025448 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000025960 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000031600 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:14 - 000486880 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winxpgui.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000051552 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000029040 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 011941712 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\nucleus_python.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000029024 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:14 - 000036312 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\librsync.dll
    2019-01-24 08:53 - 2019-01-22 14:15 - 000036712 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000272208 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
    2019-01-09 09:42 - 2019-01-22 14:16 - 000025960 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000433992 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
    2019-01-09 09:42 - 2019-01-22 14:16 - 000038240 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000026432 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\libEGL.DLL
    2019-01-24 08:53 - 2019-01-22 14:15 - 001967936 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2019-01-09 09:42 - 2019-01-22 14:16 - 000095592 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000025960 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.shcore.compiled._winffi_shcore.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000054096 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.cp36-win32.pyd
    2019-01-09 09:48 - 2019-01-22 14:17 - 000029544 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
    2019-01-09 09:42 - 2019-01-22 14:16 - 000025448 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000557392 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.cp36-win32.pyd
    2019-01-24 08:53 - 2019-01-22 14:15 - 000335184 _____ () C:\Users\Usuario\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.cp36-win32.pyd
    2018-09-20 07:32 - 2018-09-20 07:32 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Usuario\Dropbox:user.myxattr [0]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
    IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
    IE trusted site: HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\localhost -> localhost
    IE trusted site: HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\webcompanion.com -> hxxp://webcompanion.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2016-07-16 12:47 - 2019-01-08 12:19 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
    HKU\S-1-5-21-683851097-2966681345-2970883835-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
    DNS Servers: 208.91.112.53 - 208.91.112.52
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    HKLM\...\StartupApproved\StartupFolder: => "HP JumpStart Launch.lnk"
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run32: => "HPMessageService"
    HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\StartupApproved\StartupFolder: => "8818eb444916e64706f5501ddbf2ff8a.lnk"
    HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-683851097-2966681345-2970883835-1001\...\StartupApproved\Run: => "Web Companion"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{61CCA96B-D905-40ED-8BB4-1CEB7F36844C}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    FirewallRules: [{56B31255-5BF9-4E4E-A0A4-637F69B0DCC0}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
    FirewallRules: [{2D0764A7-ED0C-4583-8752-3A6BAF3F0488}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp.)
    FirewallRules: [{D4B1D50F-8499-40E3-80D5-B95EB27E3D36}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp.)
    FirewallRules: [{A41D1136-0271-4A11-9F1F-E59E8C468794}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink)
    FirewallRules: [{31D022BB-F507-4828-B6A2-289DBC56D4D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp.)
    FirewallRules: [{D6161EF1-75D9-43C4-8AB3-24F2ACAD1BBA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
    FirewallRules: [{18A5B2E8-B504-412B-9D14-9E1ED9194C07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
    FirewallRules: [{7E7DEFD8-3E78-4E5E-BB4A-FAB484C0F1F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
    FirewallRules: [{D26A750E-C2F7-4504-B84E-176B6729D098}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
    FirewallRules: [{5F17BD03-E1DB-4AEC-9454-693762514D0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
    FirewallRules: [{101A39B7-DC5D-40E7-8B4C-03D82FFF6649}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
    FirewallRules: [{39F35F37-1CFA-4D79-AB7C-0405DF013CE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
    FirewallRules: [{518F27AB-5B2C-4F1E-865D-908C8252C59A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
    FirewallRules: [{ABFE6D23-B404-439B-A33E-F6B40445C173}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
    FirewallRules: [{C0ADFE96-D3A1-438C-A541-FB5B27F6703A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
    FirewallRules: [{4BBDC4D7-203C-4087-8BB6-B9A4A081B319}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
    FirewallRules: [{240E97C6-F2E3-4A9C-95F5-CB5D73C6F550}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
    FirewallRules: [{1E810323-0577-489D-88F3-8412476D6FCD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
    FirewallRules: [{84CB3467-6733-41E8-A653-90549CDF882E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
    FirewallRules: [{114955BE-30B7-4E63-8B91-9BDBB27AAA77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    FirewallRules: [{DA58E2A9-9F1D-4B83-814F-24756CFD5DEE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
    FirewallRules: [{0F2CCC37-4C79-41C8-8281-0374CB322885}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

    ==================== Restore Points =========================

    21-01-2019 23:29:05 Windows Update
    21-01-2019 23:30:01 Windows Update
    23-01-2019 12:47:52 Malwarebytes Anti-Rootkit Restore Point

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/24/2019 12:08:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4250

    Error: (01/24/2019 12:08:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4250

    Error: (01/24/2019 12:08:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/24/2019 12:08:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 2906

    Error: (01/24/2019 12:08:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 2906

    Error: (01/24/2019 12:08:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/24/2019 12:08:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1484

    Error: (01/24/2019 12:08:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1484


    System errors:
    =============
    Error: (01/25/2019 11:20:20 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FJTSPOP1)
    Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     y APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     al usuario LAPTOP-FJTSPOP1\Usuario con SID (S-1-5-21-683851097-2966681345-2970883835-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

    Error: (01/25/2019 04:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     y APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

    Error: (01/24/2019 02:54:56 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FJTSPOP1)
    Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     y APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     al usuario LAPTOP-FJTSPOP1\Usuario con SID (S-1-5-21-683851097-2966681345-2970883835-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

    Error: (01/24/2019 01:20:23 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FJTSPOP1)
    Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     y APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     al usuario LAPTOP-FJTSPOP1\Usuario con SID (S-1-5-21-683851097-2966681345-2970883835-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

    Error: (01/24/2019 01:10:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
     y APPID 
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
     al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

    Error: (01/24/2019 01:10:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
     y APPID 
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
     al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

    Error: (01/24/2019 01:10:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
     y APPID 
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
     al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

    Error: (01/24/2019 12:19:55 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
    Description: 4


    Windows Defender:
    ===================================
    Date: 2019-01-14 18:45:47.532
    Description: 
    Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
    Para obtener más información consulte lo siguiente:
    https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
    Nombre: HackTool:MSIL/AutoKMS
    Id.: 2147711767
    Gravedad: Alta
    Categoría: Herramienta
    Ruta de acceso: file:_C:\WINDOWS\AutoKMS\AutoKMS.exe; file:_C:\WINDOWS\System32\Tasks\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2A6735E-A66E-465F-8C01-ED9865420200}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS
    Origen de detección: Equipo local
    Tipo de detección: Concreto
    Fuente de detección: Sistema
    Usuario: NT AUTHORITY\SYSTEM
    Nombre de proceso: Unknown
    Versión de firma: AV: 1.283.2945.0, AS: 1.283.2945.0, NIS: 1.283.2945.0
    Versión de motor: AM: 1.1.15500.2, NIS: 1.1.15500.2

    Date: 2019-01-14 18:32:19.180
    Description: 
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {A7156749-B53C-44DF-9B2B-9296E993D5B4}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2019-01-14 18:21:51.597
    Description: 
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {9A2AC8AD-106F-473F-B83A-892DE08660EC}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2019-01-14 18:06:07.318
    Description: 
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {A890FCC1-F70B-4F63-9EF2-031581F6D908}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2019-01-13 09:19:00.037
    Description: 
    El examen de Antivirus de Windows Defender se detuvo antes de completarse.
    Id. de examen: {96FE0D76-2789-4E56-96E0-F9F3484C2376}
    Tipo de examen: Antimalware
    Parámetros de examen: Examen rápido
    Usuario: NT AUTHORITY\SYSTEM

    Date: 2019-01-24 09:37:16.356
    Description: 
    Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
    Nueva versión de firma: 
    Versión de firma anterior: 1.283.3559.0
    Origen de actualización: Servidor de Microsoft Update
    Tipo de firma: AntiVirus
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\SYSTEM
    Versión de motor actual: 
    Versión de motor anterior: 1.1.15500.2
    Código de error: 0x80240022
    Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

    Date: 2019-01-24 09:37:16.356
    Description: 
    Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
    Nueva versión de firma: 
    Versión de firma anterior: 1.283.3559.0
    Origen de actualización: Servidor de Microsoft Update
    Tipo de firma: AntiVirus
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\SYSTEM
    Versión de motor actual: 
    Versión de motor anterior: 1.1.15500.2
    Código de error: 0x80240022
    Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

    Date: 2019-01-24 08:55:49.137
    Description: 
    La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
    Característica: Supervisión de comportamiento
    Código de error: 0x80508023
    Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo. 
    Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

    Date: 2019-01-23 13:27:12.859
    Description: 
    Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
    Nueva versión de firma: 
    Versión de firma anterior: 1.283.3559.0
    Origen de actualización: Servidor de Microsoft Update
    Tipo de firma: AntiVirus
    Tipo de actualización: Completa
    Usuario: NT AUTHORITY\SYSTEM
    Versión de motor actual: 
    Versión de motor anterior: 1.1.15500.2
    Código de error: 0x8007043c
    Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

    Date: 2019-01-23 13:17:01.679
    Description: 
    La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
    Característica: Durante el acceso
    Código de error: 0x8007043c
    Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
    Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

    CodeIntegrity:
    ===================================

    Date: 2018-11-18 08:37:03.095
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-11-16 13:07:38.622
    Description: 
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\ashShA64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-10-05 20:45:49.972
    Description: 
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

    Date: 2018-10-05 20:45:49.944
    Description: 
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

    Date: 2018-10-05 20:45:49.662
    Description: 
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

    Date: 2018-10-05 20:45:49.642
    Description: 
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

    Date: 2018-10-05 20:45:49.578
    Description: 
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

    Date: 2018-10-05 20:45:49.558
    Description: 
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

    ==================== Memory info =========================== 

    Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
    Percentage of memory in use: 55%
    Total physical RAM: 4024.07 MB
    Available physical RAM: 1771.52 MB
    Total Virtual: 8120.07 MB
    Available Virtual: 5708.93 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:449.35 GB) (Free:273.87 GB) NTFS
    Drive d: (RECOVERY) (Fixed) (Total:14.42 GB) (Free:1.71 GB) NTFS ==>[system with boot components (obtained from drive)]

    \\?\Volume{ad7ad3bb-bd48-4def-a27c-0fb961376724}\ () (Fixed) (Total:1.71 GB) (Free:1.2 GB) NTFS
    \\?\Volume{fce99fb5-9c5d-408a-98d0-eaf1b84edaec}\ () (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 38338F64)

    Partition: GPT.

    ==================== End of Addition.txt ============================

#5

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8818eb444916e64706f5501ddbf2ff8a.lnk [2018-07-01]
ShortcutTarget: 8818eb444916e64706f5501ddbf2ff8a.lnk -> C:\LAPTOP-FJTSPOP1\ummamscgxc.exe (No File)
C:\LAPTOP-FJTSPOP1\ummamscgxc.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-683851097-2966681345-2970883835-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-01-18 21:45 - 2018-05-21 00:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-24 10:14 - 2019-01-24 10:14 - 000290304 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\Hydra.Sdk.Windows.Service.subinacl.exe
2019-01-24 10:12 - 2019-01-24 10:13 - 060647112 _____ (Panda Security, S.L.) C:\Users\Usuario\AppData\Local\Temp\{9AFDC72A-EBED-43A3-A3FB-19FD2765C364}.exe
Task: {FA77DD77-5527-48D1-BC57-DF4679BA09C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {B76466D8-EFE1-4819-9D58-47E416877CDC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9430663B-454A-45A3-BF49-841BCDBE274E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-15] (AVAST Software)


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema


#6

Buenos días, gracias por la ayuda. El proceso Ummamscgxc ya no aparece en los programas de inicio. Las carpetas cvleskmka_ xfmmuixtqh_ continuan en C:. Se pueden borrar?

Pego el Fixlog.

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Usuario (27-01-2019 11:22:42) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: defaultuser0 & Usuario)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:

CloseProcesses:



HKLM-x32\...\Run: [] => [X]

Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8818eb444916e64706f5501ddbf2ff8a.lnk [2018-07-01]

ShortcutTarget: 8818eb444916e64706f5501ddbf2ff8a.lnk -> C:\LAPTOP-FJTSPOP1\ummamscgxc.exe (No File)

C:\LAPTOP-FJTSPOP1\ummamscgxc.exe

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-683851097-2966681345-2970883835-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

2019-01-18 21:45 - 2018-05-21 00:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software

2019-01-24 10:14 - 2019-01-24 10:14 - 000290304 _____ (Microsoft Corporation) C:\Users\Usuario\AppData\Local\Temp\Hydra.Sdk.Windows.Service.subinacl.exe

2019-01-24 10:12 - 2019-01-24 10:13 - 060647112 _____ (Panda Security, S.L.) C:\Users\Usuario\AppData\Local\Temp\{9AFDC72A-EBED-43A3-A3FB-19FD2765C364}.exe

Task: {FA77DD77-5527-48D1-BC57-DF4679BA09C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)

Task: {B76466D8-EFE1-4819-9D58-47E416877CDC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {9430663B-454A-45A3-BF49-841BCDBE274E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-15] (AVAST Software)





HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8818eb444916e64706f5501ddbf2ff8a.lnk => moved successfully
"C:\LAPTOP-FJTSPOP1\ummamscgxc.exe" => not found
"C:\LAPTOP-FJTSPOP1\ummamscgxc.exe" => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-683851097-2966681345-2970883835-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
C:\WINDOWS\System32\Tasks\Avast Software => moved successfully
C:\Users\Usuario\AppData\Local\Temp\Hydra.Sdk.Windows.Service.subinacl.exe => moved successfully
C:\Users\Usuario\AppData\Local\Temp\{9AFDC72A-EBED-43A3-A3FB-19FD2765C364}.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{FA77DD77-5527-48D1-BC57-DF4679BA09C6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA77DD77-5527-48D1-BC57-DF4679BA09C6}" => removed successfully
"C:\WINDOWS\System32\Tasks\Avast Software\Overseer" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B76466D8-EFE1-4819-9D58-47E416877CDC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B76466D8-EFE1-4819-9D58-47E416877CDC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9430663B-454A-45A3-BF49-841BCDBE274E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9430663B-454A-45A3-BF49-841BCDBE274E}" => removed successfully
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-683851097-2966681345-2970883835-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-683851097-2966681345-2970883835-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9723904 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67604056 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 705746 B
Edge => 34816 B
Chrome => 79118953 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8994 B
LocalService => 0 B
NetworkService => 5620 B
NetworkService => 0 B
defaultuser0 => 0 B
Usuario => 3280697 B

RecycleBin => 106 B
EmptyTemp: => 153 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:23:03 ====

#7

Elimina esas carpetas sin problema y comentas como va todo


#8

Por ahora todo correcto. Muchas gracias por todo.


#9

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO


cerrado #10

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.