-------------------------------

Malwarebytes AdwCleaner 8.3.0.0

-------------------------------

Build: 06-29-2021

Database: 2021-09-09.1 (Cloud)

Support: Malwarebytes Support

-------------------------------

Mode: Scan

-------------------------------

Start: 09-29-2021

Duration: 00:00:10

OS: Windows 7 Professional

Scanned: 31995

Detected: 21

***** [ Services ] *****

PUP.Optional.Legacy WinDefender

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

Trojan.Agent C:\Windows\System32\drivers\WinmonProcessMonitor.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.CloudWeb C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Adware.CloudWeb HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{2C54ADF8-F011-420A-945D-0EED4AE6385A} Adware.CloudWeb HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoEasyCamera Folder C:\Program Files (x86)\USB CAMERA Preinstalled.LenovoEasyCamera Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|331BigDog Preinstalled.LenovoEasyCamera Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} Preinstalled.LenovoEnergyManagement Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGEMENT Preinstalled.LenovoEnergyManagement Folder C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Management Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|EnergyUtility Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB} Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall{D0956C11-0F60-43FE-99AD-524E833471BB} Preinstalled.LenovoSHAREit File C:\Users\Public\Desktop\SHAREit.lnk Preinstalled.LenovoServiceBridge Folder C:\Users\PedAngGV\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1 Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\SYSTEM UPDATE Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

-------------------------------

Malwarebytes AdwCleaner 8.3.0.0

-------------------------------

Build: 06-29-2021

Database: 2021-09-09.1 (Cloud)

Support: Malwarebytes Support

-------------------------------

Mode: Clean

-------------------------------

Start: 09-29-2021

Duration: 00:00:08

OS: Windows 7 Professional

Cleaned: 15

Failed: 0

***** [ Services ] *****

Deleted WinDefender

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{2C54ADF8-F011-420A-945D-0EED4AE6385A} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell

***** [ Chromium (and derivatives) ] *****

Deleted obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoEasyCamera Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|331BigDog Deleted Preinstalled.LenovoEasyCamera Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB} Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall{D0956C11-0F60-43FE-99AD-524E833471BB} Deleted Preinstalled.LenovoServiceBridge Folder C:\Users\PedAngGV\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE Deleted Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1 Deleted Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\SYSTEM UPDATE Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1

---

[+] Delete Tracing Keys [+] Reset Winsock

---

AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

-------------------------------

Malwarebytes AdwCleaner 8.3.0.0

-------------------------------

Build: 06-29-2021

Database: 2021-09-09.1 (Cloud)

Support: Malwarebytes Support

-------------------------------

Mode: Scan

-------------------------------

Start: 10-01-2021

Duration: 00:01:03

OS: Windows 7 Professional

Scanned: 31998

Detected: 18

***** [ Services ] *****

PUP.Optional.Legacy WinDefender

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

Trojan.Agent C:\Windows\System32\drivers\WinmonProcessMonitor.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.CloudWeb C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Adware.CloudWeb HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{AC37E7A4-FCE0-4B52-8E4B-6DD167D944B9} Adware.CloudWeb HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com PUP.Optional.Legacy HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com PUP.Optional.Legacy HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoEasyCamera Folder C:\Program Files (x86)\USB CAMERA Preinstalled.LenovoEnergyManagement Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGEMENT Preinstalled.LenovoEnergyManagement Folder C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Management Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|EnergyUtility Preinstalled.LenovoSHAREit File C:\Users\Public\Desktop\SHAREit.lnk

AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08] AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

-------------------------------

Malwarebytes AdwCleaner 8.3.0.0

-------------------------------

Build: 06-29-2021

Database: 2021-09-09.1 (Cloud)

Support: Malwarebytes Support

-------------------------------

Mode: Clean

-------------------------------

Start: 10-01-2021

Duration: 00:00:03

OS: Windows 7 Professional

Cleaned: 12

Failed: 0

***** [ Services ] *****

Deleted WinDefender

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{AC37E7A4-FCE0-4B52-8E4B-6DD167D944B9} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate Deleted HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com Deleted HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

Deleted obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

---

[+] Delete Tracing Keys [+] Reset Winsock

---

AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08] AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27] AdwCleaner[S01].txt - [3309 octets] - [01/10/2021 00:18:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

-------------------------------

Malwarebytes AdwCleaner 8.3.0.0

-------------------------------

Build: 06-29-2021

Database: 2021-09-09.1 (Cloud)

Support: Malwarebytes Support

-------------------------------

Mode: Scan

-------------------------------

Start: 10-03-2021

Duration: 00:00:26

OS: Windows 7 Professional

Scanned: 31994

Detected: 12

***** [ Services ] *****

PUP.Optional.Legacy WinDefender

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

Trojan.Agent C:\Windows\System32\drivers\WinmonProcessMonitor.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.CloudWeb C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Adware.CloudWeb HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{FCF17C77-DE90-440C-91E5-63F5B1A09D8D} Adware.CloudWeb HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoEasyCamera Folder C:\Program Files (x86)\USB CAMERA Preinstalled.LenovoEnergyManagement Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGEMENT Preinstalled.LenovoEnergyManagement Folder C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Management Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|EnergyUtility Preinstalled.LenovoSHAREit File C:\Users\Public\Desktop\SHAREit.lnk

AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08] AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27] AdwCleaner[S01].txt - [3309 octets] - [01/10/2021 00:18:49] AdwCleaner[C01].txt - [2676 octets] - [01/10/2021 00:31:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

-------------------------------

Malwarebytes AdwCleaner 8.3.0.0

-------------------------------

Build: 06-29-2021

Database: 2021-09-09.1 (Cloud)

Support: Malwarebytes Support

-------------------------------

Mode: Clean

-------------------------------

Start: 10-03-2021

Duration: 00:00:08

OS: Windows 7 Professional

Cleaned: 12

Failed: 0

***** [ Services ] *****

Deleted WinDefender

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\WinmonProcessMonitor.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SCHEDULEDUPDATE

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{FCF17C77-DE90-440C-91E5-63F5B1A09D8D} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ScheduledUpdate

***** [ Chromium (and derivatives) ] *****

Deleted obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoEasyCamera Folder C:\Program Files (x86)\USB CAMERA Deleted Preinstalled.LenovoEnergyManagement Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGEMENT Deleted Preinstalled.LenovoEnergyManagement Folder C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Management Deleted Preinstalled.LenovoEnergyManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|EnergyUtility Deleted Preinstalled.LenovoSHAREit File C:\Users\Public\Desktop\SHAREit.lnk

---

[+] Delete Tracing Keys [+] Reset Winsock

---

AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08] AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27] AdwCleaner[S01].txt - [3309 octets] - [01/10/2021 00:18:49] AdwCleaner[C01].txt - [2676 octets] - [01/10/2021 00:31:15] AdwCleaner[S02].txt - [2637 octets] - [03/10/2021 18:37:30]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Hola, buenas @T0rito

perfecto.

¿Qué es lo que te sucede exactamente que no te deje instalar el Malwarebytes? ¿Te da algún error al intentar instalarlo? ¿Simplemente no te deja?

Ya sé que has realizado análisis con el AdwCleaner, pero igualmente repetirás una vez más el Análisis con este y realizarás algunas cosas más. Para ello sigues las siguientes instrucciones:

0) Descarga Adwcleaner en el escritorio.

• Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
• Pulsar en el botón Analizar Ahora, y espera a que se termine el análisis. Inmediatamente pulsa sobre el botón Iniciar Reparación.
• Espera a que termine y sigue las instrucciones que te aparezcan. Si te pidiera Reiniciar, pues reinicias el ordenador pulsando en Aceptar.
• Si no encuentra nada, pulsa en Omitir Reparación.
• El log lo encontrarás en la pestaña Informes, volviendo a abrir el programa, si es necesario o en la siguiente ubicación: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
• Para más información aquí te dejo su manual: Manual de Adwcleaner.
• Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.

1) Descarga, instala y ejecuta ZHP Cleaner siguiendo su manual, lo descargas, instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

RESTABLECER NAVEGADORES

Restablece todos los navegadores que tengas tal y como se indica en esta guía:

OJO, REALIZA SOLO LA PARTE QUE EMPIEZA EN: PUP/Adware en: Internet Explorer y hacia abajo todos los posts que siguen (PUP/Adware en: Mozilla Firefox, PUP/Adware en: Google Chrome) y si tienes algún navegador como Opera o Safari que no salen en la guía, pues haz procedimientos similares y extrapolas de los navegadores que sí que aparecen.

Guía de cómo eliminar Adwares/PUPs

PRÓXIMA RESPUESTA

Me traes los logs de: AdwCleaner y ZHP Cleaner y respondes a las preguntas que te haya realizado (si no hay, pues no) y comentas como va el PC.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-06-2021
# Duration: 00:00:22
# OS:       Windows 7 Professional
# Scanned:  31995
# Detected: 5


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Trojan.Agent                    C:\Windows\rss

***** [ Files ] *****

Trojan.Agent                    C:\Windows\System32\drivers\Winmon.sys
Trojan.Agent                    C:\Windows\System32\drivers\WinmonFS.sys
Trojan.Agent                    C:\Windows\windefender.exe

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy             obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08]
AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27]
AdwCleaner[S01].txt - [3309 octets] - [01/10/2021 00:18:49]
AdwCleaner[C01].txt - [2676 octets] - [01/10/2021 00:31:15]
AdwCleaner[S02].txt - [2637 octets] - [03/10/2021 18:37:30]
AdwCleaner[C02].txt - [2785 octets] - [03/10/2021 18:38:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-06-2021
# Duration: 00:00:02
# OS:       Windows 7 Professional
# Cleaned:  5
# Awaiting reboot:1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Windows\rss

***** [ Files ] *****

Deleted       C:\Windows\System32\drivers\Winmon.sys
Deleted       C:\Windows\System32\drivers\WinmonFS.sys
Needs Reboot  C:\Windows\windefender.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted       obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Files ] *****

Cleaned           C:\Windows\windefender.exe

*************************

AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08]
AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27]
AdwCleaner[S01].txt - [3309 octets] - [01/10/2021 00:18:49]
AdwCleaner[C01].txt - [2676 octets] - [01/10/2021 00:31:15]
AdwCleaner[S02].txt - [2637 octets] - [03/10/2021 18:37:30]
AdwCleaner[C02].txt - [2785 octets] - [03/10/2021 18:38:14]
AdwCleaner[S03].txt - [2005 octets] - [06/10/2021 01:17:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-06-2021
# Duration: 00:00:20
# OS:       Windows 7 Professional
# Scanned:  31997
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08]
AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27]
AdwCleaner[S01].txt - [3309 octets] - [01/10/2021 00:18:49]
AdwCleaner[C01].txt - [2676 octets] - [01/10/2021 00:31:15]
AdwCleaner[S02].txt - [2637 octets] - [03/10/2021 18:37:30]
AdwCleaner[C02].txt - [2785 octets] - [03/10/2021 18:38:14]
AdwCleaner[S03].txt - [2005 octets] - [06/10/2021 01:17:41]
AdwCleaner[C03].txt - [2267 octets] - [06/10/2021 01:18:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-06-2021
# Duration: 00:00:18
# OS:       Windows 7 Professional
# Scanned:  31996
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08]
AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27]
AdwCleaner[S01].txt - [3309 octets] - [01/10/2021 00:18:49]
AdwCleaner[C01].txt - [2676 octets] - [01/10/2021 00:31:15]
AdwCleaner[S02].txt - [2637 octets] - [03/10/2021 18:37:30]
AdwCleaner[C02].txt - [2785 octets] - [03/10/2021 18:38:14]
AdwCleaner[S03].txt - [2005 octets] - [06/10/2021 01:17:41]
AdwCleaner[C03].txt - [2267 octets] - [06/10/2021 01:18:00]
AdwCleaner[S04].txt - [1901 octets] - [06/10/2021 01:40:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-06-2021
# Duration: 00:00:01
# OS:       Windows 7 Professional
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 01:21:08]
AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 01:23:27]
AdwCleaner[S01].txt - [3309 octets] - [01/10/2021 00:18:49]
AdwCleaner[C01].txt - [2676 octets] - [01/10/2021 00:31:15]
AdwCleaner[S02].txt - [2637 octets] - [03/10/2021 18:37:30]
AdwCleaner[C02].txt - [2785 octets] - [03/10/2021 18:38:14]
AdwCleaner[S03].txt - [2005 octets] - [06/10/2021 01:17:41]
AdwCleaner[C03].txt - [2267 octets] - [06/10/2021 01:18:00]
AdwCleaner[S04].txt - [1901 octets] - [06/10/2021 01:40:43]
AdwCleaner[S05].txt - [1962 octets] - [06/10/2021 01:41:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

~ ZHPCleaner v2021.10.5.331 by Nicolas Coolman (2021/10/05)
~ Run by PedAngGV (Administrator)  (06/10/2021 01:45:12)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : 
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\PedAngGV\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\PedAngGV\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)

---\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados. (Navegador)

---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (15521)

---\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\  Explorador ( Archivos, Carpetas ) (1)
ENCONTRADOS carpeta: C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>ChromiumPreference

---\  Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados. (Register)

---\  Resumen de elementos en su estación de trabajo (1)
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/  =>ChromiumPreference

---\ Resultado de la reparación.
~ ninguna reparación hecha
~ Google Chrome OK
~ Internet Explorer OK

---\ STATISTIQUES
~ Items escaneado : 85065
~ Items encontrado : 1
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 9/17

---\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas

~ End of search in 00h05mn03s

---\  Reporte (2)
ZHPCleaner-[S]-06102021-01_32_50.txt
ZHPCleaner-[S]-06102021-01_50_15.txt



~ ZHPCleaner v2021.10.5.331 by Nicolas Coolman (2021/10/05)
~ Run by PedAngGV (Administrator)  (06/10/2021 01:52:05)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : 
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\PedAngGV\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\PedAngGV\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)

---\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados. (Navegador)

---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (15521)

---\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\  Explorador ( Archivos, Carpetas ) (1)
MOVIDO carpeta: C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium

---\  Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados. (Register)

---\  Resumen de elementos en su estación de trabajo (1)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Préférences Chromium

---\ Limpieza adicional. (0)
~ Clave de registro Tracing borrados (0)
~ Quitar los antiguos informes de ZHPCleaner. (0)

---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Internet Explorer OK

---\ STATISTIQUES
~ Items escaneado : 32017
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 9/17

---\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas

~ End of clean in 00h00mn53s

---\  Reporte (3)
ZHPCleaner-[S]-06102021-01_32_50.txt
ZHPCleaner-[S]-06102021-01_50_15.txt
ZHPCleaner-[R]-06102021-01_52_58.txt

Bueno, si me dejaba un error, que salia en una ventana; pero este ya no aparece y ya ahora si me deja instalarlo (hablo del Malwarebytes 4.x)

Hola buenas @T0rito.

Ok. , haremos lo siguiente:

EN BUSCA / ELIMINACIÓN DE MALWARE

(Mantén conectados todos tus dispositivos externos que tengas como: USBs, discos duros externos, etc).

Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.

Ahora ejecutarás una serie de herramientas respetando el orden los pasos con todos los programas cerrados incluidos los navegadores.

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y discos duros externos si también tienes.

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

0) Descarga Ccleaner Aquí te dejo su manual: Manual de CCleaner , para que sepas como usarlo y configurarlo correctamente.

Lo instalas y lo ejecutas. En la pestaña Limpieza personalizada dejas la configuración predeterminada. Haces clic en Analizar y esperas a que termine. Seguidamente haz clic en Ejecutar Limpiador. Clic en la pestaña Registro > clic en Buscar Problemas esperas que termine. Finalmente clic en Reparar Seleccionadas y realizas una Copia de Seguridad del registro de Windows.

1) Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes, para que sepas como usarlo y configurarlo correctamente.

• Realizas un Análisis Personalizado, marcando Todas las casillas de la Derecha y de la Izquierda, actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas, incluida la que me has dicho anteriormente y marcas todas las unidades de disco disponibles y las siguientes casillas:

• Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.
• Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.

2) Utiliza nuevamente CCleaner tal como te dije en el punto 0.

Pegas el reporte de Malwarebytes y comentas como va el problema inicial planteado por el cual abriste este tema. También responde a las preguntas que te haya realizado a lo largo de este Post, siempre que te haya hecho alguna, si no, no

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

tengo un disco externo de 4tb, y mucho antes de este problema no lo tenia conectado, asi que como me voy de vajes por 4 días, solo pasaré Ccleaner luego el Malwarebytes 4.x, esta bien? Gracias.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 7/10/21
Hora del análisis: 17:24
Archivo de registro: 59a2a9b4-27bd-11ec-a48f-e89a8f397f50.json

-Información del software-
Versión: 4.4.8.137
Versión de los componentes: 1.0.1474
Versión del paquete de actualización: 1.0.45650
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: PedAngGV-PC\PedAngGV

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 225965
Amenazas detectadas: 14
Amenazas en cuarentena: 14
Tiempo transcurrido: 4 min, 40 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 7
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\csrss, En cuarentena, 514, 781233, , , , , , 
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{50B47AB8-0CAC-42DA-8051-B00C7F32E58F}, En cuarentena, 514, 781233, , , , , , 
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{50B47AB8-0CAC-42DA-8051-B00C7F32E58F}, En cuarentena, 514, 781233, , , , , , 
Trojan.Glupteba.E, HKU\S-1-5-21-1264854543-508359185-2951099918-1000\SOFTWARE\MICROSOFT\5bab3ef8, En cuarentena, 514, 821174, 1.0.45650, , ame, , , 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Winmon, En cuarentena, 514, 781212, 1.0.45650, , ame, , , 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinmonFS, En cuarentena, 514, 781211, 1.0.45650, , ame, , , 
Trojan.Glupteba.E, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinmonProcessMonitor, En cuarentena, 514, 781210, 1.0.45650, , ame, , , 

Valor del registro: 3
Trojan.Glupteba.E, HKU\S-1-5-21-1264854543-508359185-2951099918-1000\SOFTWARE\MICROSOFT\5bab3ef8|CAMPAIGNID, En cuarentena, 514, 821174, 1.0.45650, , ame, , , 
Trojan.Glupteba.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{50B47AB8-0CAC-42DA-8051-B00C7F32E58F}|PATH, En cuarentena, 514, 781231, 1.0.45650, , ame, , , 
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, En cuarentena, 7068, 676880, 1.0.45650, , ame, , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 4
Trojan.Glupteba.E, C:\WINDOWS\SYSTEM32\TASKS\CSRSS, En cuarentena, 514, 781233, 1.0.45650, , ame, , 10E3B6217B3C0A03944D8248BEAAB20B, D316C7A42A9BF07E4097D8992D8C5AFF01664719CC4D27C79F882C80E62889A1
Generic.Malware/Suspicious, C:\WINDOWS\SYSCLEAN.EXE, En cuarentena, 0, 392686, 1.0.45650, , shuriken, , 4FB06DA6B753997F28171717CAC4DAC4, 7C4D416AAD6ACB0DC48914F4C922D8470FF9ABF0C16FE2CCE8BB3DD7980B59A5
Generic.Malware/Suspicious, C:\USERS\PEDANGGV\APPDATA\ROAMING\THINSTALL\WATERMARK IMAGE\SKEL\93F67162507DCA5BE21DC1907EB97891C72200C0\QUALITYAGENT.EXE, En cuarentena, 0, 392686, 1.0.45650, , shuriken, , 5D56A67319A6BC7D77AA130986EB7ACE, F5ED0218DFCDA763906A99B37EA2645109EFE5421805F4BF94D38CBF933E9F4D
Generic.Malware/Suspicious, C:\USERS\PEDANGGV\APPDATA\ROAMING\THINSTALL\WATERMARK IMAGE\SKEL\93F67162507DCA5BE21DC1907EB97891C72200C0\EXIFTOOL.EXE, En cuarentena, 0, 392686, 1.0.45650, , shuriken, , 5D56A67319A6BC7D77AA130986EB7ACE, F5ED0218DFCDA763906A99B37EA2645109EFE5421805F4BF94D38CBF933E9F4D

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

antes que haga esta pasada del Malwarebytes 4.x.x, ya mi navegador no presentaba esta molestia, ahora que encontró estos mas malwares, viajo de los mas lindo, Gracias.

Hola, buenas @T0rito

Primero de todo disculpa que haya tardado en responder. Pues últimamente voy con muy poco tiempo para el foro y es normal. Pero seguiremos el caso hasta el final.

Ok. De todas formas te recomendaría que analizases dicho disco duro externo con el malwarebytes, pues puede ser que este tenga algún otro malware diferente del que ya tienes en tu PC dentro de este. De todas formas tú tienes la decisión final, simplemente pudiera llegarse a dar el caso de que si tienes determinados tipos de malware en ese disco duro, pues que en algún momento dado se pudieran replicar en tu máquina.

De nada.

Respecto el Malwarebytes debo decirte que lo tendrás que volver a ejecutar de nuevo. Pues has realizado un Análisis de Amenazas y yo te indicaba que hicieses un Análisis de Personalizado. Así que haces un Análisis de Personalizado y me traes su log.

Respecto el AdwCleaner: ¿Tienes algún log que ponga Cleaned o similares? Si lo tienes, pues lo traes.

Pues necesitaríamos ambos informes para poder determinar si ya no queda malware en tu equipo. Traes TODO lo SOLICITADO.

Salu2.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 15/10/21
Hora del análisis: 18:11
Archivo de registro: 33dcd85c-2e0d-11ec-af7b-e89a8f397f50.json

-Información del software-
Versión: 4.4.8.137
Versión de los componentes: 1.0.1474
Versión del paquete de actualización: 1.0.45952
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: PedAngGV-PC\PedAngGV

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 257590
Amenazas detectadas: 24
Amenazas en cuarentena: 0
Tiempo transcurrido: 2 hr, 14 min, 11 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 24
RiskWare.Tool.CK, C:\USERS\PEDANGGV\DOWNLOADS\6 VOCES LOQUENDO ESPAñOL\CRACK OR PATCH.RAR, Sin acciones por parte del usuario, 7508, 137428, 1.0.45952, 42D912A1CE1DBDC76E00023F, dds, 01467244, 333EA10DCF3371FF6B3604EFC7298175, 59BC3E5CE1734C041E06B97BA382B77D740A88CC082240D859BA2AE3F14A57CC
Malware.AI.4284137482, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\X64\PASSWORDSCAN.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.45952, C6260F6894D86A87FF5AC00A, dds, 01467244, 9C1FFAF6015E5ED56A981CEA5F0937A9, 32E9052BFCF8EBBE86164EF29E58B293B505C9101D1EE9C3BC04A508A3A9A7FC
HackTool.PassFox, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\X64\PASSWORDFOX.EXE, Sin acciones por parte del usuario, 11842, 707271, 1.0.45952, 3A8D297DEA47524FFB0C146C, dds, 01467244, 2A624BDDD0296C8F1CFE69951AFD2B54, FACA9E856C369B63D6698C74B1D59B062A9A8D9FE84B8F753C299C9961026395
Generic.Malware/Suspicious, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\X64\WIRELESSKEYVIEW.EXE, Sin acciones por parte del usuario, 0, 392686, 1.0.45952, , shuriken, , F577DF72C3104DF7158C898B64CA53DB, E8C208FB8F488971975C0023256C5A955578A1B5299A45D627A4E2D7F8FB850E
Generic.Malware/Suspicious, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\MAILPV.EXE, Sin acciones por parte del usuario, 0, 392686, 1.0.45952, , shuriken, , FC3B93E042DE5FA569A8379D46BCE506, 5BE325905DF8AAB7089AB2348D89343F55A2F88DADD75DE8F382E8FA026451BD
RiskWare.EdgeCookiesView, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\EDGECOOKIESVIEW.EXE, Sin acciones por parte del usuario, 15683, 875352, 1.0.45952, , ame, , 4D4C98ECA32B14AEB074DB34CD0881E4, 4182172A01BDFC08C5CF7E8652F7D9D81858345A770E2B6B507840E4C1C7764F
Generic.Malware/Suspicious, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\WEBBROWSERPASSVIEW.EXE, Sin acciones por parte del usuario, 0, 392686, 1.0.45952, , shuriken, , F3D20449BAB41301AEFAD304CB02773B, C41216EEE9756A1DCC546DF4FE97DEFC05513EED64CE6AC05F1501B50E6F96CC
MachineLearning/Anomalous.93%, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\PASSWORDSCAN.EXE, Sin acciones por parte del usuario, 0, 392687, 1.0.45952, , shuriken, , 4D50A8AFBFADBB0DBFE45AC69C53EA2F, 84DB6726FF6A2B83ECDB894A381774E25359B5CC521938DAC98C86A36DEB670E
Malware.Heuristic.1003, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\PASSWORDSCAN.EXE, Sin acciones por parte del usuario, 1000001, 0, 1.0.45952, 0000000000000000000003EB, dds, 01467244, 4D50A8AFBFADBB0DBFE45AC69C53EA2F, 84DB6726FF6A2B83ECDB894A381774E25359B5CC521938DAC98C86A36DEB670E
Malware.AI.1380791658, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\NIRSOFT_PACKAGE_ENC_1.23.51\NIRSOFT\WIRELESSKEYVIEW.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.45952, 157099865F4917E5524D356A, dds, 01467244, 81EF253CA51B22C2DBB8B9923CE5D875, 1F1F061024D66D8BCA9373D835B01E7AAB51D973CF4600DBD8935A6D3195BE86
Spyware.PasswordStealer, C:\USERS\PEDANGGV\DOWNLOADS\POWERISO.7.8.MULTILINGUAL.INC.KEYGEN.X64\KEYGEN.V1.1B_KINDLY.RAR, Sin acciones por parte del usuario, 555, 835056, 1.0.45952, 194F5D13FCC9CBD428D4B61E, dds, 01467244, 86C95127E9A17A6F7E9C124CACAF36F4, 754B3BB4D58BB640C695C59218410C21E26E6FD44A7B69D11B0C0A87627ED4B2
Malware.AI.4220749199, C:\USERS\PEDANGGV\DOWNLOADS\SUPERCOPIER 4.1 - WWW.DPROJECTS.ORG\SUPERCOPIER 4.1-SETUP.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.45952, D2E27EC86A3B19A2FB93858F, dds, 01467244, 1A5E4682F3FD60D73DCFAEF7EA6DA4CB, 4DAE6F61EA366904C6C3A652BC3446DBB2467057B51E19E740B615C31ED610A0
Trojan.Glupteba, C:\ADWCLEANER\QUARANTINE\V1\20211006.011758\2\WINMONFS.SYS#48F33254DF52062F, Sin acciones por parte del usuario, 4446, 781343, 1.0.45952, , ame, , C6100C067D1E619B730BF23AB4045B17, F632800DC961C46374DBA818B8AF17F1B770BFCB2D868E5CE10F2151B264EA26
Trojan.Glupteba, C:\ADWCLEANER\QUARANTINE\V1\20211006.011758\3\WINMON.SYS#A4CEEBE921574AC8, Sin acciones por parte del usuario, 4446, 781348, 1.0.45952, 3E6E6C6E8DD94D190C09A33E, dds, 01467244, 69989105F151015C16A2F422F5722590, B1C321B5E495473A401BD6E6ADFE1EC931F8247B1B2646B0E259BFF011A0958C
Trojan.Ranumbot, C:\ADWCLEANER\QUARANTINE\V1\20211006.011758\1\WINDEFENDER.EXE#EE41CB463B852F74, Sin acciones por parte del usuario, 7882, 854955, 1.0.45952, 443F225D407A9B5D052BA529, dds, 01467244, 6512AE7C9F36206F6433F78296102419, 6B9468EFEE35A8454A7FB395F43E5BDD14DF918437661846D7D6EC199BA08883
Generic.Trojan.Malicious.DDS, D:\DISEñO\PROGRAMS\AMTEMU.VIP.ZIP, Sin acciones por parte del usuario, 1000002, 0, 1.0.45952, 9082695A2E6099F583AC763F, dds, 01467244, 537F0CCFE4F9E543380CDB6C60ADAAA9, 380AC5D1B0BFAE78B89B0CEB4F7A3A7E7AF5C37A1CB646A772F482A872150C7D
Generic.Trojan.Injector.DDS, D:\PROGRAMAS\IDM - CRACK\IDM_6.3X_CRACK_V17.7.RAR, Sin acciones por parte del usuario, 1000002, 0, 1.0.45952, C6FFE61BDE57A579634EE819, dds, 01467244, 308D8AC8227543A09AFB86F648493844, CD0B37244A5C55837644462EE7AFECAD03AC14124886100549B8507C11369A83
RiskWare.Tool.CK, D:\PROGRAMAS\ESET NOD32 V.8 X64 ESPAñOL, WINDOWS 7,8,8.1,10\ESET NOD32 V8 ACTIVADOR.RAR, Sin acciones por parte del usuario, 7508, 31949, 1.0.45952, 54830BFCA5BE403C33B79441, dds, 01467244, D700E6A96278383E8AE00B6D87D87647, 97CE8F7C65E595B508E130024959F99E02C51A6C53BF8D8941DED8838970CA15
PUP.Optional.AdvancedSystemRepair, D:\PROGRAMAS\ADVANCED SYSTEM REPAIR PRO 1.9.4.1 INCL KEY [CRACKINGPATCHING].ZIP, Sin acciones por parte del usuario, 561, 977781, 1.0.45952, , ame, , FBA514CB30A8983849AAEE88B8769126, 0332430A6EBFAD962C163E449972BBDD1FCB5B6C3FDC0FA7129BAB119051878D
RiskWare.Keygen, D:\PROGRAMAS\WINRAR_KEYGEN_V1.9_BY_DFOX.RAR, Sin acciones por parte del usuario, 2168, 749643, 1.0.45952, 7F2F6F413D513566FE477444, dds, 01467244, 72B3809196906D9DB3C5CD3534200DDB, B707812445D41DC2D2488DE45F3679CAA6AC3B90E989040450B3354CD89AA05C
PUP.Optional.DriverIdentifier, D:\PROGRAMAS\DRIVERS & FRAMEWORK 4.6 [LENOVO 470]\DRIVERIDENTIFIER_SETUP.EXE, Sin acciones por parte del usuario, 1236, 368275, 1.0.45952, , ame, , 8D98A97281230631684595AE316C904D, CCA560C706EFB40FF949AF778500372FD789B24601B2C89F13CECC95C5D3E5BC
RiskWare.Keygen, D:\PROGRAMAS\EASEUS DATA RECOVERY WIZARD\KEYGEN.RAR, Sin acciones por parte del usuario, 2168, 966421, 1.0.45952, E77CBE9FF4B2C514F790B488, dds, 01467244, FD704B28D29485C2598D8BF146CA2B66, D71B85D995881C5991282B5D973C26FBBF99DD8A6D70BBF0C09A748B6F9D6D20
HackTool.FilePatch, D:\VIDEO, CONVERTIDORES, RIPPERS & DOWNLOADERS\1CLICK.DVD.COPY.PRO.V4.3.0.8.CRACKED-F4CG_2\1CLICK.DVD.COPY.PRO.V4.3.0.8.CRACKED-F4CG\PATCH.RAR, Sin acciones por parte del usuario, 7746, 281135, 1.0.45952, , ame, , ABEBE49AB32A2DF4F5774582834F6296, DC195435452BF1C8AF90A1C7441AA34E0C8549AA52569B2058969581520FDF1D
Generic.Malware/Suspicious, D:\WINTOOLS.NET.PREMIUM.V14.0.1.WINALL.INCL.KEYGEN-MAZE.RAR, Sin acciones por parte del usuario, 0, 392686, 1.0.45952, , shuriken, , EDE54F24262F2E24A03EBEB4539EED19, 5AED0CFF5C46CEE0BFCA3168365A84EA05086F731288E94B2A3D0CE6F05DFD4C

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)[Procesando: lucas-1986-1080p-bluray-bdrip-aac20-x264-apo (1).torrent...]()

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-10-08.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-15-2021
# Duration: 00:00:05
# OS:       Windows 7 Professional
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted       obkfjhifkbhimlocpddgamonjihinpak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3565 octets] - [29/09/2021 00:21:08]
AdwCleaner[C00].txt - [3091 octets] - [29/09/2021 00:23:27]
AdwCleaner[S01].txt - [3309 octets] - [30/09/2021 23:18:49]
AdwCleaner[C01].txt - [2676 octets] - [30/09/2021 23:31:15]
AdwCleaner[S02].txt - [2637 octets] - [03/10/2021 17:37:30]
AdwCleaner[C02].txt - [2785 octets] - [03/10/2021 17:38:14]
AdwCleaner[S03].txt - [2005 octets] - [06/10/2021 00:17:41]
AdwCleaner[C03].txt - [2267 octets] - [06/10/2021 00:18:00]
AdwCleaner[S04].txt - [1901 octets] - [06/10/2021 00:40:43]
AdwCleaner[S05].txt - [1962 octets] - [06/10/2021 00:41:15]
AdwCleaner[C05].txt - [2152 octets] - [06/10/2021 00:41:22]
AdwCleaner[S06].txt - [2112 octets] - [15/10/2021 20:46:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########

Primero de todo disculpa que haya tardado en responder @T0rito. Pues últimamente voy con muy poco tiempo para el foro y es normal. Pero seguiremos el caso hasta el final.

Respecto Malwarebytes >> ha detectado varios Malwares y de tipos Muy Variados. Recuerda que las amenazas que este te detecte las pones en la Cuarentena. Es decir, no se deben de quedar en este estado:

Sin acciones por parte del usuario

Así que repites el análisis nuevamente y las mandas a la Cuarentena. Me traes el nuevo log.

Respecto al AdwCleaner >> ha detectado un Malware de tipo Adware. Y este ha sido erradicado correctamente.

Salu2.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 31/10/21
Hora del análisis: 17:42
Archivo de registro: d5d9ee20-3a9b-11ec-ae84-e89a8f397f50.json

-Información del software-
Versión: 4.4.9.142
Versión de los componentes: 1.0.1486
Versión del paquete de actualización: 1.0.46587
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: PedAngGV-PC\PedAngGV

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completed
Objetos analizados: 266662
Amenazas detectadas: 19
Amenazas en cuarentena: 19
Tiempo transcurrido: 53 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 19
Generic.Malware/Suspicious, C:\USERS\PEDANGGV\DOWNLOADS\BURNAWARE.PROFESSIONAL-PREMIUM.V14.7.MULTILINGUAL.INCL.LOADER+PATCH\BURNAWARE.PROFESSIONAL-PREMIUM.V14.7.MULTILINGUAL.INCL.LOADER+PATCH\LOADER & PATCH-H HAYAT\BURNAWARE_PREMIUM+PRO_V14.X [X32]_LOADER & PATCH-H HAYAT\LOADER & PATCH\LOAD5.EXE, En cuarentena, 0, 392686, 1.0.46587, , shuriken, , 6EBAC911C79ADFB9785510D39FFDCCDA, 76BD4E6A8FC70EC52BE0A0157058E5D67CD29EC727E533D746F5831351FE6A47
MachineLearning/Anomalous.100%, C:\USERS\PEDANGGV\DOWNLOADS\CONVERTXTODV\PATCH     VSOCONVERTXTODVTUTORIALES PASTU.EXE, En cuarentena, 0, 392687, 1.0.46587, , shuriken, , 908600695AE4E6078B2DFA0BE5C12BA5, 2D92BFCC8E3BE1D3E5BACCCB55BA3A03A1AE0CCFC82629399C1ADEAFEC8A3944
RiskWare.HackTool, C:\USERS\PEDANGGV\DOWNLOADS\BURNAWARE.PROFESSIONAL-PREMIUM.V14.7.MULTILINGUAL.INCL.LOADER+PATCH\BURNAWARE.PROFESSIONAL-PREMIUM.V14.7.MULTILINGUAL.INCL.LOADER+PATCH\LOADER & PATCH-H HAYAT\BURNAWARE_PREMIUM+PRO_V14.X [X32]_LOADER & PATCH-H HAYAT\LOADER & PATCH\PATCH.EXE, En cuarentena, 7563, 915747, 1.0.46587, A11686FFD75253AFF0969C85, dds, 01490286, E6326A7CAF984BD7073C2E8AB832B269, 86CC7278577BB740316004A581F843C7CC030D411ED565D4B2382740631291E9
HackTool.FilePatch, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\YOUTUBE.BY.CLICK.2.2.143\YOUTUBE.BY.CLICK.2.2.143\PATCH-URET.RAR, En cuarentena, 7754, 281135, 1.0.46587, 5634695BFCDFE89C41AC08C2, dds, 01490286, DCF879E426FBBF28D22E367EAA9D8F5E, AD9A96E516A740FCD431F2B28B043EAAAB6162DEBE548B90019FCE65E84EF508
Malware.Heuristic.1008, C:\USERS\PEDANGGV\DOWNLOADS\CONVERTXTODV\PATCH     VSOCONVERTXTODVTUTORIALES PASTU.RAR, En cuarentena, 1000001, 0, 1.0.46587, 0000000000000000000003F0, dds, 01490286, 504B086F00EFA8847EB06A8A4C24A098, 4BF12A362DD21B17AD6955932DFD6AB4C8FB375B4A4EF2D55FD3660B9149ED6F
PUP.Optional.Progressive, C:\USERS\PEDANGGV\DOWNLOADS\COMPRESSED\WPI 2020 LITE V2\VIRTUAL CLONEDRIVE 5.5.2.0 FINAL.EXE, En cuarentena, 14672, 331677, 1.0.46587, 4ACB8071D6DEDF34FFAA867E, dds, 01490286, 079EAAA051FEC38AC720BFCC3023871A, 9DCCAE15EA71CFADD2B79EAA87948B7A2C430543E45D4032F0FD35FAE2C2574B
MachineLearning/Anomalous.100%, C:\USERS\PEDANGGV\DOWNLOADS\ZD SOFT SCREEN RECORDER 11.3.0.RAR, En cuarentena, 0, 392687, 1.0.46587, , shuriken, , A70BCD90E6D0473469A7350D090F7E22, C1EA7A703BA6A74455D3F3D275B98AE24BF88B8DEB7DA390A381FEA0BACE50FE
CrackTool.Agent, D:\DISEñO\PROGRAMS\AMTEMU.VIP.ZIP, En cuarentena, 6107, 445980, 1.0.46587, , ame, , 537F0CCFE4F9E543380CDB6C60ADAAA9, 380AC5D1B0BFAE78B89B0CEB4F7A3A7E7AF5C37A1CB646A772F482A872150C7D
RiskWare.Tool.CK, D:\PROGRAMAS\6 VOCES LOQUENDO ESPAñOL\CRACK OR PATCH.RAR, En cuarentena, 7514, 137428, 1.0.46587, 42D912A1CE1DBDC76E00023F, dds, 01490286, 333EA10DCF3371FF6B3604EFC7298175, 59BC3E5CE1734C041E06B97BA382B77D740A88CC082240D859BA2AE3F14A57CC
RiskWare.Keygen, D:\PROGRAMAS\EASEUS DATA RECOVERY WIZARD\KEYGEN.RAR, En cuarentena, 2169, 966421, 1.0.46587, E77CBE9FF4B2C514F790B488, dds, 01490286, FD704B28D29485C2598D8BF146CA2B66, D71B85D995881C5991282B5D973C26FBBF99DD8A6D70BBF0C09A748B6F9D6D20
RiskWare.Crack, D:\PROGRAMAS\IDM - CRACK\IDM_6.3X_CRACK_V17.7.RAR, En cuarentena, 7836, 686650, 1.0.46587, , ame, , 308D8AC8227543A09AFB86F648493844, CD0B37244A5C55837644462EE7AFECAD03AC14124886100549B8507C11369A83
PUP.Optional.AdvancedSystemRepair, D:\PROGRAMAS\ADVANCED SYSTEM REPAIR PRO 1.9.4.1 INCL KEY [CRACKINGPATCHING].ZIP, En cuarentena, 561, 977781, 1.0.46587, , ame, , FBA514CB30A8983849AAEE88B8769126, 0332430A6EBFAD962C163E449972BBDD1FCB5B6C3FDC0FA7129BAB119051878D
RiskWare.Keygen, D:\PROGRAMAS\WINRAR_KEYGEN_V1.9_BY_DFOX.RAR, En cuarentena, 2169, 749643, 1.0.46587, 7F2F6F413D513566FE477444, dds, 01490286, 72B3809196906D9DB3C5CD3534200DDB, B707812445D41DC2D2488DE45F3679CAA6AC3B90E989040450B3354CD89AA05C
PUP.Optional.DriverIdentifier, D:\PROGRAMAS\DRIVERS & FRAMEWORK 4.6 [LENOVO 470]\DRIVERIDENTIFIER_SETUP.EXE, En cuarentena, 1237, 368275, 1.0.46587, , ame, , 8D98A97281230631684595AE316C904D, CCA560C706EFB40FF949AF778500372FD789B24601B2C89F13CECC95C5D3E5BC
RiskWare.Crack, D:\PROGRAMAS\IDM - CRACK\IDM_6.3X_CRACK_V17.7\IDM_6.3X_CRACK_V17.7.EXE, En cuarentena, 7836, 686650, 1.0.46587, , ame, , A85D88FDA20C20BC5D586F5D32EF8F82, 4CDAE20EBCCA6DB5024C9F1055AD14785DAE8F3DFCFA60E1BBBF13E4609C6C17
RiskWare.Tool.CK, D:\PROGRAMAS\ESET NOD32 V.8 X64 ESPAñOL, WINDOWS 7,8,8.1,10\ESET NOD32 V8 ACTIVADOR.RAR, En cuarentena, 7514, 31949, 1.0.46587, 54830BFCA5BE403C33B79441, dds, 01490286, D700E6A96278383E8AE00B6D87D87647, 97CE8F7C65E595B508E130024959F99E02C51A6C53BF8D8941DED8838970CA15
Spyware.PasswordStealer, D:\PROGRAMAS\POWERISO.7.8.MULTILINGUAL.INC.KEYGEN.X64.RAR, En cuarentena, 555, 835056, 1.0.46587, 194F5D13FCC9CBD428D4B61E, dds, 01490286, 5EE470EF408976253E756FAF1EB95917, 6E912CC14C441406ED68DED832E0C50F5DAF27ED2CF19554F2C4C3CF00445F53
HackTool.FilePatch, D:\VIDEO, CONVERTIDORES, RIPPERS & DOWNLOADERS\1CLICK.DVD.COPY.PRO.V4.3.0.8.CRACKED-F4CG_2\1CLICK.DVD.COPY.PRO.V4.3.0.8.CRACKED-F4CG\PATCH.RAR, En cuarentena, 7754, 281135, 1.0.46587, , ame, , ABEBE49AB32A2DF4F5774582834F6296, DC195435452BF1C8AF90A1C7441AA34E0C8549AA52569B2058969581520FDF1D
Generic.Malware/Suspicious, D:\WINTOOLS.NET.PREMIUM.V14.0.1.WINALL.INCL.KEYGEN-MAZE.RAR, En cuarentena, 0, 392686, 1.0.46587, , shuriken, , EDE54F24262F2E24A03EBEB4539EED19, 5AED0CFF5C46CEE0BFCA3168365A84EA05086F731288E94B2A3D0CE6F05DFD4C

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Primero de todo disculpa que haya tardado en responder @T0rito. Pues últimamente voy con muy poco tiempo para el foro y es normal. Pero seguiremos el caso hasta el final.

Respecto al Malwarebytes >> ha detectado varios tipos de malware, no obstante estos ya han sido erradicados.

Para tu siguiente respuesta comentas el estado en general del ordenador respecto al problema inicial planteado.

Salu2.

Hola, buenas @T0rito

¿Pudiste realizar algún avance?

Salu2.

Si muchas gracias, ya todo marcha muy bien, sin ninguna ventana emergente que se abra.

Primero de todo disculpa que haya tardado en responder @T0rito. Pues últimamente voy con muy poco tiempo para el foro y es normal. Pero seguiremos el caso hasta el final.

OK, perfecto :1:

De todas formas quiero darle una revisada profunda, pues no sé por qué tengo la sensación de que aún queda algún rastro de Adware. Así que lo descartaremos y ya esta.

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

1. Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).

2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

PRÓXIMA RESPUESTA

Pegas los reportes de FRST y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

• No realices pasos/acciones que NOSOTROS no te hayamos indicado.
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA (programas/software/complementos/extensiones del navegador…).
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 24-11-2021
Ejecutado por PedAngGV (administrador) sobre PEDANGGV-PC (LENOVO IdeaPad Z470) (25-11-2021 17:04:13)
Ejecutado desde C:\Users\PedAngGV\Downloads
Perfiles cargados: PedAngGV
Plataforma: Microsoft Windows 7 Professional  Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(ARCAI -> ) C:\Program Files (x86)\arcai.com\netcut_windows.exe
(ARCAI -> Arcai.com) C:\Program Files (x86)\arcai.com\aips.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <41>
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) [Archivo no firmado] C:\Windows\explorer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe" (Ningún archivo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9770432 2021-11-13] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5940128 2021-11-13] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2021-11-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2021-11-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [C17A] => C:\Windows\twain_32\Brimc17a\Common\TwDsUiLaunch.exe [103344 2019-12-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Winlogon: [Shell] C:\Windows\explorer.exe [2872320 2010-11-21] (Microsoft Corporation) [Archivo no firmado]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Ningún archivo)
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Ningún archivo)
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\MountPoints2: F - F:\WPI.exe
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\MountPoints2: G - G:\WPI.exe
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\MountPoints2: {272f5257-1bf0-11ec-8816-8ca9827a74f4} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\MountPoints2: {f370e32c-19c5-11ec-bd61-8ca9827a74f4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\MountPoints2: {f370e343-19c5-11ec-bd61-8ca9827a74f4} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\MountPoints2: {f370e347-19c5-11ec-bd61-8ca9827a74f4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Print\Monitors\iSkysoft PDF Editor Monitor: C:\Windows\system32\iSkyMonitor.dll [112840 2017-04-11] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC)
IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restricción ? <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
Policies: C:\Users\PedAngGV\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {311BCD97-D662-429A-AEFE-5C25CFFE5E9D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158592 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CF6F764-030C-4A1F-B2B9-BEE126A9CD63} - System32\Tasks\Driver Booster SkipUAC (PedAngGV) => C:\Program Files (x86)\IObit\Driver Booster\8.4.0\DriverBooster.exe [8243224 2021-11-06] (IObit CO., LTD -> IObit) [Archivo no firmado]
Task: {492880D2-ED45-4C1B-AF43-31FAC8026900} - System32\Tasks\DriverHubUACDisablingTask => C:\Program Files\Easy Context Menu\Files\DELTA\ToolsDrivers\DriverHub\DriverHub.exe [6750880 2019-04-09] (ROSTPEI LTD -> ROSTPAY LTD)
Task: {4C3EEF04-D3A3-4476-857D-70B1D496AEF6} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1264854543-508359185-2951099918-1000 => C:\Users\PedAngGV\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (Ningún archivo)
Task: {68297E9B-D045-44C1-886F-637061091CFB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24613280 2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {85E5E356-5D6D-4510-9FDB-A63D638883A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24613280 2021-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {A538B095-00BC-4E26-A8D4-9A7EA800E74D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (Ningún archivo)
Task: {B0215B27-B2CA-4684-8F7D-7D6CC259E6F1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (Ningún archivo)
Task: {BE77DB19-B200-4791-9296-3D8F5B49007A} - System32\Tasks\CCleanerSkipUAC - PedAngGV => C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (Ningún archivo)
Task: {CABD02A9-BCFF-422D-98B6-26753EC32A02} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158592 2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC921927-F3F2-41C6-8F51-4348D159FCDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-09-09] (Google LLC -> Google LLC)
Task: {E5B5ECBA-4FB2-48BA-93F0-A1B1F2512F66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-09-09] (Google LLC -> Google LLC)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{3AF5B8F7-2A3B-4BF5-A88C-DA1D5483661D}: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{427D5DDB-F289-45BB-9337-85E89A33034C}: [DhcpNameServer] 200.48.225.130 200.48.225.146

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default [2021-11-25]
CHR Notifications: Default -> hxxps://www.olx.com.co; hxxps://www19.nathanaeldan.pro; hxxps://www55.elbaestes.pro
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Extension: (Presentaciones) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-06]
CHR Extension: (Documentos) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-06]
CHR Extension: (Google Drive) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-09]
CHR Extension: (YouTube) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-09]
CHR Extension: (Sin Nombre) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-25]
CHR Extension: (uBlock Origin) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-26]
CHR Extension: (Hojas de cálculo) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-06]
CHR Extension: (NeptunesMp3) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\geabdikdbhffddmfmdncbdpigpagpnca [2021-09-09]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-15]
CHR Extension: (Speed ​​Dial 2 Nueva pestaña) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2021-10-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-09]
CHR Extension: (Gmail) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-09]
CHR Profile: C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-20]
CHR Profile: C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-20]
CHR Extension: (Presentaciones) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-15]
CHR Extension: (Documentos) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-15]
CHR Extension: (Google Drive) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-15]
CHR Extension: (YouTube) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-15]
CHR Extension: (Hojas de cálculo) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-15]
CHR Extension: (IDM Integration Module) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-10-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-15]
CHR Extension: (Gmail) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-15]
CHR Profile: C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-11-25]
CHR Extension: (Presentaciones) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-23]
CHR Extension: (Documentos) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-23]
CHR Extension: (Google Drive) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-23]
CHR Extension: (YouTube) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-23]
CHR Extension: (Hojas de cálculo) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-23]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-23]
CHR Extension: (Gmail) - C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-23]
CHR Profile: C:\Users\PedAngGV\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-25]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [1846560 2021-09-28] (ARCAI -> Arcai.com)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [298496 2017-12-05] (Brother Industries, Ltd.) [Archivo no firmado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137400 2021-10-25] (Microsoft Corporation -> Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [152000 2021-03-05] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-02] (Huawei Technologies Co., Ltd. -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2018-04-18] (Microsoft Corporation) [Archivo no firmado]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1087616 2014-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
U4 dmwappushservice; no ImagePath
U4 ekrn; no ImagePath
S3 NPF; system32\drivers\NPF.sys [X]
U5 WinDefend; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-11-25 17:04 - 2021-11-25 17:04 - 000018150 _____ C:\Users\PedAngGV\Downloads\FRST.txt
2021-11-25 17:03 - 2021-11-25 17:04 - 000000000 ____D C:\FRST
2021-11-25 17:02 - 2021-11-25 17:02 - 002311680 _____ (Farbar) C:\Users\PedAngGV\Downloads\FRST64.exe
2021-11-25 16:39 - 2021-11-25 16:39 - 010690560 _____ (Tonec Inc.) C:\Users\PedAngGV\Downloads\idman639build8.exe
2021-11-24 17:21 - 2021-11-25 16:40 - 000000000 ____D C:\ProgramData\AnyDesk
2021-11-24 17:19 - 2021-11-25 16:40 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\AnyDesk
2021-11-22 01:03 - 2021-11-22 01:03 - 000189381 _____ C:\Users\PedAngGV\Downloads\Hacker.2018.HDRip.XviD.AC3-EVO - Inglés.srt
2021-11-20 00:21 - 2021-11-20 00:21 - 000000000 _____ C:\Users\PedAngGV\Desktop\Papel Obra.txt
2021-11-19 23:59 - 2021-11-19 23:59 - 000000000 ____D C:\Users\PedAngGV\Documents\My Palettes
2021-11-19 10:21 - 2021-11-19 10:21 - 000007109 _____ C:\Users\PedAngGV\Documents\Sin título-1.cdr
2021-11-19 01:31 - 2021-11-19 23:59 - 000000000 ____D C:\Users\PedAngGV\Documents\Corel
2021-11-19 01:31 - 2021-11-19 01:31 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Corel
2021-11-18 19:15 - 2021-11-18 19:15 - 000000000 ____D C:\Users\PedAngGV\Downloads\Crack_office_2019x86
2021-11-18 19:15 - 2020-07-25 15:10 - 000207949 _____ C:\Users\PedAngGV\Downloads\Crack_office_2019x86.exe
2021-11-18 19:10 - 2021-11-18 19:10 - 000000000 ____D C:\Users\PedAngGV\Downloads\Nero 2020 Micro Lite 22.0.1004
2021-11-18 19:10 - 2019-09-28 16:47 - 040976656 _____ (SolidShare TEAM) C:\Users\PedAngGV\Downloads\Nero 2020 Micro Lite 22.0.1004.exe
2021-11-18 19:00 - 2021-11-18 19:00 - 002050672 _____ C:\Users\PedAngGV\Downloads\SFXMaker_1.3.1_Final.rar
2021-11-18 19:00 - 2021-11-18 19:00 - 000000000 ____D C:\Users\PedAngGV\Downloads\SFXMaker_1.3.1_Final
2021-11-18 17:53 - 2021-11-18 19:09 - 000000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2021-11-18 17:48 - 2021-11-18 17:48 - 000000000 ____D C:\Users\PedAngGV\Downloads\CDX7 (64 Bits) PC R&S SOLUTION
2021-11-18 17:47 - 2021-11-18 17:47 - 473600249 _____ C:\Users\PedAngGV\Downloads\CDX7 (64 Bits) PC R&S SOLUTION.rar
2021-11-16 20:27 - 2021-11-16 20:27 - 000001231 _____ C:\Users\Public\Desktop\Advanced SystemCare.lnk
2021-11-16 20:27 - 2021-11-16 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2021-11-16 19:45 - 2021-11-16 19:45 - 000041898 _____ C:\Users\PedAngGV\Downloads\Windows-Post-Install-Plus-www.Spek-Regg.com-V3.iso.torrent
2021-11-16 19:38 - 2021-11-16 19:38 - 000000296 _____ C:\Users\PedAngGV\Downloads\comandos.txt
2021-11-15 20:29 - 2021-11-15 20:29 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-11-15 20:29 - 2021-11-15 20:29 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-11-15 20:29 - 2021-11-15 20:29 - 000002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-11-15 20:29 - 2021-11-15 20:29 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-11-15 20:29 - 2021-11-15 20:29 - 000002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-11-15 20:29 - 2021-11-15 20:29 - 000002330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-11-15 20:29 - 2021-11-15 20:29 - 000002326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-11-15 20:29 - 2021-11-15 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2021-11-15 20:27 - 2021-11-15 20:28 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-15 20:27 - 2021-11-15 20:27 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-11-15 20:18 - 2021-11-15 20:28 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-15 20:18 - 2021-11-15 20:18 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-11-13 23:34 - 2021-11-13 23:34 - 001121128 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2021-11-13 23:34 - 2021-11-13 23:34 - 000131384 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 033399859 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-11-13 23:33 - 2021-11-13 23:33 - 006886992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2021-11-13 23:33 - 2021-11-13 23:33 - 003753024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 003676960 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2021-11-13 23:33 - 2021-11-13 23:33 - 003445632 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 003340296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 003168280 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 003159664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 002930040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 001382128 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 001353208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 001110064 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000873352 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000692056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000392760 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000343600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000327160 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000327160 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000220280 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000192872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000158584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000122208 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000116432 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000093792 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000075432 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2021-11-13 23:33 - 2021-11-13 23:33 - 000023584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2021-11-10 20:43 - 2021-11-10 20:43 - 000196409 _____ C:\Users\PedAngGV\Downloads\domina-css-creatividad-web-design-and-ux-path-de-linkedin-2021.torrent
2021-11-09 22:22 - 2021-11-09 22:22 - 000001338 _____ C:\Users\Public\Desktop\Music Search MP3.lnk
2021-11-09 22:22 - 2021-11-09 22:22 - 000001194 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2021-11-09 22:22 - 2021-11-09 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2021-11-09 22:22 - 2017-11-09 12:58 - 000440320 _____ (Dart Communications) C:\Windows\SysWOW64\DartSock.dll
2021-11-09 22:22 - 2017-11-09 12:58 - 000401408 _____ (Dart Communications) C:\Windows\SysWOW64\DartSecure2.dll
2021-11-09 22:22 - 2017-11-09 12:58 - 000249856 _____ (Dart Communications) C:\Windows\SysWOW64\DartCertificate.dll
2021-11-09 22:22 - 2008-08-18 19:18 - 000077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2021-11-09 22:20 - 2021-11-09 22:20 - 000984256 _____ () C:\Users\PedAngGV\Downloads\aTube_Catcher_v1.08.00.651.52.exe
2021-11-08 00:00 - 2021-11-08 00:00 - 000000000 ____D C:\Users\PedAngGV\Downloads\Programas 1.1
2021-11-07 23:57 - 2021-11-07 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2021-11-07 23:57 - 2021-11-07 23:57 - 000000000 ____D C:\Program Files (x86)\qBittorrent
2021-11-07 23:32 - 2021-11-07 23:32 - 000142479 _____ C:\Users\PedAngGV\Downloads\the-sisters-brothers-2018-1080p-bluray-aac-20-ac3-dd-51-x264-dp.torrent
2021-11-06 20:44 - 2021-11-06 20:44 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\WinRAR
2021-11-06 20:43 - 2021-11-20 01:07 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-11-06 20:43 - 2021-11-20 01:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-11-06 20:43 - 2021-11-20 01:07 - 000000000 ____D C:\Program Files (x86)\Winrar
2021-11-06 20:07 - 2021-11-06 20:07 - 000001067 _____ C:\Users\PedAngGV\Desktop\Adobe Photoshop.lnk
2021-11-06 20:07 - 2021-11-06 20:07 - 000000000 ____D C:\Program Files (x86)\ADOBE PHOTOSHOP
2021-11-06 19:54 - 2021-11-06 19:54 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Skype
2021-11-06 19:53 - 2021-11-09 22:22 - 000000000 ____D C:\Program Files (x86)\DsNET Corp
2021-11-06 19:53 - 2021-11-06 20:43 - 000000749 _____ C:\Users\PedAngGV\Desktop\Ventoy USB.lnk
2021-11-06 19:53 - 2021-11-06 19:53 - 000000000 ____D C:\Programas
2021-11-06 14:04 - 2021-11-16 20:15 - 000000000 ____D C:\Program Files (x86)\IObit
2021-11-06 14:04 - 2021-11-13 23:44 - 000002860 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (PedAngGV)
2021-11-06 14:04 - 2021-11-13 23:31 - 000000000 ____D C:\ProgramData\ProductData
2021-11-06 14:04 - 2021-11-06 14:05 - 000000000 ____D C:\ProgramData\IObit
2021-11-06 14:04 - 2021-11-06 14:04 - 000002316 _____ C:\Users\Public\Desktop\Driver Booster 8.lnk
2021-11-06 14:04 - 2021-11-06 14:04 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\IObit
2021-11-06 14:04 - 2021-11-06 14:04 - 000000000 ____D C:\Users\PedAngGV\AppData\LocalLow\IObit
2021-11-06 14:04 - 2021-11-06 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8
2021-11-06 13:38 - 2021-11-20 01:06 - 000000000 ____D C:\Users\PedAngGV\Documents\Archivos de Outlook
2021-11-05 18:05 - 2021-11-06 12:40 - 000002350 _____ C:\Users\PedAngGV\Documents\Configurar Correo cPanel en Outlook de Office 365.txt
2021-11-05 17:38 - 2021-11-05 17:56 - 000004127 _____ C:\Users\PedAngGV\Documents\10 Recomendaciones para seleccionar el nombre de dominio adecuado.txt
2021-11-05 02:30 - 2021-11-05 02:30 - 000001456 _____ C:\Users\PedAngGV\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2021-11-04 23:55 - 2021-11-04 23:56 - 000000080 _____ C:\Users\PedAngGV\Documents\Crear siguientes posts en BLOG.txt
2021-11-04 17:28 - 2021-11-04 21:32 - 000015564 _____ C:\Users\PedAngGV\Documents\Cómo elijo el mejor plugin de seguridad para WordPress.txt
2021-11-04 12:58 - 2021-11-04 14:17 - 000005237 _____ C:\Users\PedAngGV\Documents\7 CONSEJOS PARA EL DESARROLLADOR WEB.txt
2021-11-03 19:38 - 2021-11-03 19:38 - 000008986 _____ C:\WPI_Log_2021.11.03_19.38.04.txt
2021-11-03 19:36 - 2021-11-20 00:24 - 000000000 ____D C:\Program Files\CCleaner
2021-11-03 19:36 - 2021-11-04 00:30 - 000000983 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-03 19:36 - 2021-11-03 19:36 - 000009838 _____ C:\WPI_Log_2021.11.03_19.36.33.txt
2021-11-03 19:36 - 2021-11-03 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-10-31 22:44 - 2021-10-31 22:44 - 000000000 ____D C:\Program Files\ESET Online Scanner
2021-10-31 22:39 - 2021-10-31 22:39 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Hard Disk Sentinel
2021-10-31 18:55 - 2021-10-31 18:55 - 000006878 _____ C:\Users\PedAngGV\Desktop\Malwarebytes 31-10-2021.txt
2021-10-27 01:53 - 2021-10-27 01:56 - 000000000 ____D C:\Program Files (x86)\Burrrn
2021-10-27 01:53 - 2021-10-27 01:53 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Burrrn
2021-10-27 01:53 - 2021-10-27 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burrrn
2021-10-27 01:46 - 2021-10-27 01:47 - 000000049 _____ C:\Users\PedAngGV\Desktop\Nombre del DVD.txt
2021-10-27 01:31 - 2021-10-31 22:37 - 000000000 ____D C:\ProgramData\VSO
2021-10-27 01:31 - 2021-10-31 17:39 - 000099384 _____ C:\Users\PedAngGV\AppData\Roaming\inst.exe
2021-10-27 01:31 - 2021-10-31 17:39 - 000082816 _____ (VSO Software) C:\Users\PedAngGV\AppData\Roaming\pcouffin.sys
2021-10-27 01:31 - 2021-10-31 17:39 - 000007859 _____ C:\Users\PedAngGV\AppData\Roaming\pcouffin.cat
2021-10-27 01:31 - 2021-10-31 17:39 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\VSO
2021-10-27 01:31 - 2021-10-31 17:39 - 000000000 ____D C:\Program Files (x86)\VSO
2021-10-26 20:24 - 2021-10-26 20:24 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Nero
2021-10-26 17:38 - 2021-10-26 17:38 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\By Click Downloader.lnk
2021-10-26 17:38 - 2021-10-26 17:38 - 000001083 _____ C:\Users\Public\Desktop\By Click Downloader.lnk
2021-10-26 17:38 - 2021-10-26 17:38 - 000000000 ____D C:\Program Files (x86)\By Click Downloader
2021-10-26 17:34 - 2021-10-26 17:53 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\YouTubeByClick
2021-10-26 17:34 - 2021-10-26 17:34 - 000002773 _____ C:\Users\Public\Desktop\Nero Express.lnk
2021-10-26 17:34 - 2021-10-26 17:34 - 000002773 _____ C:\Users\Public\Desktop\Nero Burning ROM.lnk
2021-10-26 17:34 - 2021-10-26 17:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2020
2021-10-26 17:33 - 2021-11-20 00:39 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\AIMP
2021-10-26 17:33 - 2021-11-11 16:04 - 000000000 ____D C:\Program Files (x86)\AIMP
2021-10-26 17:33 - 2021-10-26 17:34 - 000000000 ____D C:\Program Files (x86)\Nero
2021-10-26 17:33 - 2021-10-26 17:33 - 000000901 _____ C:\Users\Public\Desktop\AIMP.lnk
2021-10-26 17:33 - 2021-10-26 17:33 - 000000000 ____D C:\ProgramData\Nero
2021-10-26 17:33 - 2021-10-26 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2021-10-26 17:33 - 2021-10-26 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2021-10-26 17:32 - 2021-11-16 20:27 - 000010152 _____ C:\WPI_Log.txt
2021-10-26 17:32 - 2021-10-26 17:39 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\ByClick
2021-10-26 17:32 - 2021-10-26 17:32 - 000000000 ____D C:\ProgramData\Caphyon

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-11-25 17:01 - 2021-09-09 02:45 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\qBittorrent
2021-11-25 16:56 - 2009-07-13 23:45 - 000022928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-11-25 16:56 - 2009-07-13 23:45 - 000022928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-11-25 16:49 - 2010-11-21 02:09 - 000758570 _____ C:\Windows\system32\perfh00A.dat
2021-11-25 16:49 - 2010-11-21 02:09 - 000162666 _____ C:\Windows\system32\perfc00A.dat
2021-11-25 16:49 - 2009-07-14 00:13 - 001702962 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-25 16:49 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2021-11-25 16:45 - 2021-09-09 01:22 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-25 16:42 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-23 22:10 - 2021-09-09 23:28 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\WhatsApp
2021-11-23 21:52 - 2021-09-27 19:40 - 000000000 ____D C:\Users\PedAngGV\Downloads\Compressed
2021-11-22 00:54 - 2021-09-09 01:35 - 000000000 ___RD C:\Users\PedAngGV\OneDrive
2021-11-21 18:32 - 2021-09-12 18:04 - 000002151 _____ C:\Users\PedAngGV\Desktop\Youtube URLS.txt
2021-11-21 17:25 - 2021-09-09 01:32 - 005055208 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-20 01:07 - 2021-09-27 20:08 - 000001025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-11-20 01:07 - 2021-09-27 20:08 - 000001013 _____ C:\Users\Public\Desktop\Audacity.lnk
2021-11-20 01:07 - 2021-09-27 20:07 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-11-19 19:41 - 2021-09-09 01:23 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-19 19:41 - 2021-09-09 01:23 - 000002171 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-19 10:19 - 2021-09-24 02:14 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Thinstall
2021-11-18 12:35 - 2021-09-18 20:28 - 000003186 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1264854543-508359185-2951099918-1000
2021-11-18 12:35 - 2021-09-09 01:35 - 000002167 _____ C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2021-11-16 01:50 - 2021-09-15 02:35 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\vlc
2021-11-16 01:49 - 2010-11-21 02:20 - 000000000 ___RD C:\Users\Public\Recorded TV
2021-11-15 20:28 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-11-15 20:17 - 2021-10-25 23:25 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\GlarySoft
2021-11-13 23:34 - 2021-09-09 01:57 - 000127368 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2021-11-13 23:33 - 2021-09-09 01:04 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2021-11-13 07:46 - 2021-09-12 18:16 - 000039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2021-11-13 07:46 - 2021-09-12 18:16 - 000019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2021-11-13 07:46 - 2021-09-12 18:16 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-11-13 07:46 - 2021-09-12 18:16 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-11-09 22:38 - 2021-10-16 23:08 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\spek
2021-11-09 12:27 - 2021-09-09 01:48 - 000000000 ____D C:\Program Files\WinRAR
2021-11-07 22:48 - 2021-09-24 02:40 - 000000132 _____ C:\Users\PedAngGV\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2021-11-06 20:08 - 2021-09-09 01:46 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\Adobe
2021-11-04 14:36 - 2021-09-12 22:30 - 000000000 ____D C:\Users\PedAngGV\AppData\Local\Adobe
2021-11-03 19:47 - 2021-10-20 18:47 - 000001209 _____ C:\Users\PedAngGV\Downloads\LostNFoundP4zz 1.1.txt
2021-10-31 22:44 - 2021-10-04 13:05 - 000001182 _____ C:\Users\PedAngGV\Desktop\ESET Online Scanner.lnk
2021-10-31 22:36 - 2021-10-22 20:20 - 000000039 _____ C:\Users\PedAngGV\Desktop\Office 365.txt
2021-10-30 21:12 - 2021-09-27 19:40 - 000000000 ____D C:\Users\PedAngGV\Downloads\Video
2021-10-29 18:09 - 2021-09-09 23:28 - 000000000 ____D C:\Users\PedAngGV\AppData\Local\WhatsApp
2021-10-26 18:59 - 2021-09-27 20:08 - 000000000 ____D C:\Users\PedAngGV\AppData\Roaming\audacity
2021-10-26 00:49 - 2021-09-09 01:40 - 000000000 ____D C:\Users\PedAngGV
2021-10-26 00:48 - 2021-10-20 18:39 - 000000000 ____D C:\Program Files\deemix-gui
2021-10-26 00:48 - 2021-09-15 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2021-10-26 00:48 - 2021-09-15 03:13 - 000000000 ____D C:\Program Files\MKVToolNix
2021-10-26 00:48 - 2021-09-09 02:13 - 000000000 ____D C:\ProgramData\PDF Editor 6 Pro
2021-10-26 00:47 - 2021-10-17 18:03 - 000000000 ____D C:\Users\PedAngGV\AppData\Local\Package Cache
2021-10-26 00:47 - 2021-09-12 18:04 - 000000000 ____D C:\Users\PedAngGV\AppData\Local\ElevatedDiagnostics
2021-10-26 00:47 - 2021-09-09 02:14 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-26 00:47 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration

==================== Archivos en la raíz de algunos directorios ========

2020-09-30 05:49 - 2020-09-30 05:49 - 012329304 ___SH (AIMP DevTeam) C:\Program Files (x86)\Common Files\~oxtcmba.tmp
2020-09-26 09:51 - 2020-09-23 05:52 - 024568520 ___SH (Piriform Software Ltd) C:\Program Files (x86)\Common Files\~wvegkgo.tmp
2021-01-13 12:58 - 2021-01-13 12:58 - 019200276 ___SH (Piriform Software Ltd                                       ) C:\Program Files (x86)\Common Files\~xvoydsq.tmp
2021-10-27 01:31 - 2021-10-31 17:39 - 000099384 _____ () C:\Users\PedAngGV\AppData\Roaming\inst.exe
2021-09-13 17:22 - 2021-09-13 17:22 - 000000000 _____ () C:\Users\PedAngGV\AppData\Roaming\kgegetk.dat
2021-10-27 01:31 - 2021-10-31 17:39 - 000007859 _____ () C:\Users\PedAngGV\AppData\Roaming\pcouffin.cat
2021-10-27 01:31 - 2021-10-31 17:39 - 000001167 _____ () C:\Users\PedAngGV\AppData\Roaming\pcouffin.inf
2021-10-27 01:31 - 2021-10-31 17:39 - 000000055 _____ () C:\Users\PedAngGV\AppData\Roaming\pcouffin.log
2021-10-27 01:31 - 2021-10-31 17:39 - 000082816 _____ (VSO Software) C:\Users\PedAngGV\AppData\Roaming\pcouffin.sys
2021-09-24 02:40 - 2021-11-07 22:48 - 000000132 _____ () C:\Users\PedAngGV\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2021-11-05 02:30 - 2021-11-05 02:30 - 000001456 _____ () C:\Users\PedAngGV\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2021-09-09 01:41 - 2021-09-09 01:46 - 000001651 _____ () C:\Users\PedAngGV\AppData\Local\~libmxlh.tmp

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

C:\Windows\explorer.exe
[2010-11-20 22:24] - [2010-11-21 05:24] - 002872320 _____ (Microsoft Corporation) 602429CC24E3FCF6B8E08C2A787AE3BE


BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restaurado correctamente

LastRegBack: 2021-11-19 22:46
==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 24-11-2021
Ejecutado por PedAngGV (25-11-2021 17:05:17)
Ejecutado desde C:\Users\PedAngGV\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X64) (2021-09-09 06:40:39)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-1264854543-508359185-2951099918-500 - Administrator - Disabled)
Invitado (S-1-5-21-1264854543-508359185-2951099918-501 - Limited - Disabled)
PedAngGV (S-1-5-21-1264854543-508359185-2951099918-1000 - Administrator - Enabled) => C:\Users\PedAngGV

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 14.3.0 - IObit)
AIMP (HKLM-x32\...\AIMP) (Version: v5.00.2344, 09.11.2021 - AIMP DevTeam)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.4 - AnyDesk Software GmbH)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 3.1.2 (HKLM-x32\...\Audacity_is1) (Version: 3.1.2 - Audacity Team)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BrLauncher (HKLM-x32\...\{88FCD471-DBBF-4A75-8066-ACACE05DE3CF}) (Version: 2.0.14.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{815D4CF3-0244-4142-98F8-51E5C7442DB7}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{01A1E3D8-E030-4A0B-B91E-4E1E8E1E02D3}) (Version: 1.0.23.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{D0F69DE9-EE0B-4A7A-8248-6D5EC97D171C}) (Version: 1.0.23.0 - Brother Industries Ltd.) Hidden
By Click Downloader (HKLM-x32\...\{2EF15FDE-9AD1-49E5-906F-04165AF6E0C1}) (Version: 2.3.17 - ByClick) Hidden
By Click Downloader (HKLM-x32\...\By Click Downloader 2.3.17) (Version: 2.3.17 - ByClick)
CCleaner (HKLM-x32\...\CCleaner Technician_is1) (Version: 5.76.8269 - Piriform Software Ltd)
ControlCenter4 (HKLM-x32\...\{CAFE5834-5440-41B8-8C56-4DD946A1A5E1}) (Version: 4.6.21.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Driver Booster 8 (HKLM-x32\...\Driver Booster_is1) (Version: 8.4.0 - IObit)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version:  - )
FFmpeg (Windows) for Audacity versión 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
iSkysoft PDF Editor 6 Pro(Build 6.3.3) (HKLM-x32\...\{6018D2AA-9F85-41A6-8F2D-9D9528555457}_is1) (Version: 6.3.3.2782 - iSkysoft Studio)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
MediaInfo 21.03 (HKLM\...\MediaInfo) (Version: 21.03 - MediaArea.net)
Microsoft .NET Framework 4.8 (ESN) (HKLM\...\{005D18A8-12ED-3D43-B183-F4CE22BDD547}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.04331 - Microsoft Corporation)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.12527.22060 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM-x32\...\ProPlusRetail - es-es) (Version: 16.0.11601.20178 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.29917 (HKLM\...\{E81E55D9-90EF-4123-B1B9-033E296772FD}) (Version: 14.29.29917 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.29917 (HKLM\...\{5FD9933E-9C5E-48E5-AED3-5CB9C39DAB0E}) (Version: 14.29.29917 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.29917 (HKLM-x32\...\{FCC30AAF-0D27-403D-AA35-5C6D94D682B6}) (Version: 14.29.29917 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.29917 (HKLM-x32\...\{FF8C8F7D-1BDA-4D1D-92CF-C756A2722C1B}) (Version: 14.29.29917 - Microsoft Corporation)
MKVToolNix 62.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 62.0.0 - Moritz Bunkus)
Nero 2020 (HKLM-x32\...\{C123715D-F79F-47AE-8486-16FAC0C276E1}) (Version: 22.0.00900 - Nero AG)
Nero Core (HKLM-x32\...\{E522C6B9-F714-49E9-915D-BC8918E071A5}) (Version: 2.0.04400 - Nero AG)
netcut version 3.0.159 (HKLM-x32\...\{6BE5152F-0885-4AA5-8385-4AD2D8472C71}_is1) (Version: 3.0.159 - arcai.com)
NetworkRepairTool (HKLM-x32\...\{96CEE8C3-B934-48A4-ADA6-91B7CE8A5002}) (Version: 1.2.17.0 - Brother Industries, Ltd.) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12527.22060 - Microsoft Corporation) Hidden
Paquete de controladores de Windows - Intel (NETwNs64) net  (04/30/2015 15.11.0.9) (HKLM\...\3A0A5AE912CC81290DB2E472F7DC4CF387C36211) (Version: 04/30/2015 15.11.0.9 - Intel)
Paquete de controladores de Windows - Intel (NETwNs64) net  (04/30/2015 15.17.0.1) (HKLM\...\6215B44C20BCFEEA55D04A5A510C7994E3C7E28F) (Version: 04/30/2015 15.17.0.1 - Intel)
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (01/28/2011 6.1.0.1) (HKLM\...\EB9B45DC947C2D941CA61B992509A71D738AE888) (Version: 01/28/2011 6.1.0.1 - Lenovo)
PC-FAXReceive (HKLM-x32\...\{9C609AF4-9CC1-45F0-B954-29DF7DD40329}) (Version: 1.8.004.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{FD9C7169-7728-477A-91D1-AF3822CE494F}) (Version: 3.7.5.1 - Brother Industries Ltd.) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 8.0 - Power Software Ltd)
qBittorrent 4.3.9 (HKLM-x32\...\qBittorrent) (Version: 4.3.9 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{FAB8A30A-B074-48F9-9D73-5E9A757403F8}) (Version: 3.10.2.0 - Brother Industries Ltd.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
StatusMonitor (HKLM-x32\...\{D42470A0-E4C3-41C9-9A92-B1B23FD13F8C}) (Version: 1.21.6.0 - Brother Insutries Ltd.) Hidden
Subtitle Edit 3.5.18 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.18.1 - Nikse)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
TSR Watermark Image software version 3.7.1.3 (HKLM-x32\...\TSR Watermark Image_is1) (Version: 3.7.1.3 - TSR Software)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\WhatsApp) (Version: 2.2140.12 - WhatsApp)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1264854543-508359185-2951099918-1000_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Users\PedAngGV\AppData\Local\SumatraPDF\PdfPreview.dll () [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-1264854543-508359185-2951099918-1000_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> C:\Users\PedAngGV\AppData\Local\SumatraPDF\PdfFilter.dll () [Archivo no firmado]
ShellServiceObjects: Sin Nombre -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellServiceObjects-x32: Sin Nombre -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-11-11] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-07-15] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2021-11-11] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-07-15] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-07-15] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2021-10-07 17:02 - 2018-05-02 15:25 - 000091648 _____ () [Archivo no firmado] C:\Windows\system32\BrNetSti.dll
2021-10-07 17:02 - 2005-04-22 13:36 - 000143360 _____ () [Archivo no firmado] C:\Windows\system32\BrSNMP64.dll
2021-09-22 00:44 - 2010-10-14 14:59 - 001892352 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2021-09-22 00:44 - 2010-10-14 14:59 - 000069632 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2009-07-13 18:54 - 2018-04-18 15:15 - 000044544 _____ (Microsoft Corporation) [Archivo no firmado] c:\windows\system32\themeservice.dll
2009-07-13 18:55 - 2018-04-18 15:15 - 000332288 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\system32\UxTheme.dll
2020-06-06 13:11 - 2020-06-06 13:11 - 000796672 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Versión 11) (Lista blanca) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = dprojects.org
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1264854543-508359185-2951099918-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-1264854543-508359185-2951099918-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-15] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7863 más sitios.

IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1264854543-508359185-2951099918-1000\...\123simsen.com -> www.123simsen.com

Hay 7863 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 21:34 - 2021-11-03 19:36 - 000450999 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1	localhost reg.tsr-soft.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

Hay 15472 más lineas.


==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-1264854543-508359185-2951099918-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PedAngGV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
mpsdrv => El servicio de Firewall de Windows no se está ejecutando.
MpsSvc => El servicio de Firewall de Windows no se está ejecutando.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BrotherSoftwareUpdateNotification => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: Lync => 
MSCONFIG\startupreg: OneDrive => "C:\Users\PedAngGV\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0ADCCB76-27D0-44ED-92F8-A1177FB0773A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42A1CB60-5473-4113-BEAF-E31EF5661F2E}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{D99F46A7-1662-41C2-8B27-FE2A67A3F84C}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Archivo no firmado]
FirewallRules: [{C954C281-D6A5-41B5-A510-1F5E1881371A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

13-11-2021 07:46:19 Instalado Energy Management
13-11-2021 23:32:37 Driver Booster : Dispositivo de High Definition Audio

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (11/25/2021 04:43:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/21/2021 05:25:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/20/2021 11:49:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/15/2021 08:28:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/15/2021 03:38:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/14/2021 04:21:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/13/2021 11:39:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/13/2021 12:49:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


Errores del sistema:
=============
Error: (11/25/2021 05:09:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/25/2021 05:09:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/25/2021 05:09:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/25/2021 05:09:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/25/2021 05:09:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/25/2021 05:09:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/25/2021 05:09:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/25/2021 05:09:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


==================== Información de la memoria =========================== 

BIOS: LENOVO 4ACN38WW 05/30/2012
Placa base: LENOVO KL6
Procesador: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Porcentaje de memoria en uso: 59%
RAM física total: 8096.49 MB
RAM física disponible: 3263.53 MB
Virtual total: 10351.11 MB
Virtual disponible: 807.34 MB

==================== Unidades ================================

Drive c: (SYSTEM) (Fixed) (Total:208.76 GB) (Free:62.48 GB) NTFS
Drive d: () (Fixed) (Total:722.66 GB) (Free:37.89 GB) NTFS

\\?\Volume{9e632d4e-1137-11ec-b513-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B3B169F0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=208.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=722.7 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================