Hola a todos, como todos sabemos ,todo el mundo comete errores y posiblemente yo mas que nadie, ya que di por solucionado un tema y sin embargo ignorante de mi ahora es igual o pero, porque creo que se trata de un secuestro de navegador. Normalmente utilizo chrome, pero desde que se infecto , yo crei que con ccleaner se habia resuelto el problema, pero no es asi, ya que en ese navegador no puedo a penas entrar a el foro y de ningun modo descargar cualquier programa y menos actualizar Malwarebytes Antimalware, porque no me deja, ya que si clico para descargar me lleva a otra pagina que no tiene nada que ver. Dicho esto, me gustaria me pudierais ayudar, a pesar de que me ofrecisteis ayuda e ignorantemente, como dije anteriormente , crei que habia encontrado la solucion, nada mas lejos de ello, lo que hice fue cerrar el tema como solucionado, disculpad y espero vuestra comprension, actualmente me conecto por Opera, que funciona bien y me deja actuar. Gracias
1 me gusta
Hola a todos, voy a mandar el log de FRST, como se me dijo en su momento, pero crei que el problema estaba solucionado y no lo hice
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 23-12-2022
Ejecutado por Jeronimo (administrador) sobre PC-JERONIMO (MEDION B088) (25-12-2022 10:04:54)
Ejecutado desde C:\Users\Jeronimo\Desktop
Perfiles cargados: Jeronimo
Plataforma: Microsoft Windows 8.1 con Bing (Update) (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG) [Archivo no firmado] C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (GuinpinSoft inc) [Archivo no firmado] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(services.exe ->) (Intel(R) Corporation) [Archivo no firmado] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2021-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5509072 2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Run: [Microsoft Edge Update] => C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\MicrosoftEdgeUpdateCore.exe [263640 2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe (Ningún archivo)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {1C082E08-DEBC-402B-8E8A-9C379B0CC567} - System32\Tasks\{13BCBB25-4770-4CA2-BAC8-E6C8AC7D47A2} => C:\windows\system32\pcalua.exe -a "C:\Program Files\CyberLink\PowerDVD20\Common\CLVirtualDriver\Drivers\DriverInstaller.exe" -d "C:\Program Files\CyberLink\PowerDVD20" -c /i CLVirtualBus02.inf DE85B8F3-D088-4D6E-A970-EE0BC7883A66
Task: {35A7C3DA-3613-49E8-929A-2C2209DEA91B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-08-26] () [Archivo no firmado]
Task: {36B98425-27F1-4B8F-808A-C386A5A56F8F} - \Driver Booster SkipUAC (Jeronimo) -> Ningún archivo <==== ATENCIÓN
Task: {3C777B88-D959-40C8-8681-599702325287} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D98F95C-435E-47AF-A55A-FD0A7D6B912A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EFDEDE6-C6BA-4C3A-AD6C-09E208636D5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-16] (Google LLC -> Google LLC)
Task: {5558A21C-2A82-4E94-88C6-BDE317C5FA91} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3362883406-455209763-3099670529-1001Core => C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {6194988F-3B21-42D2-A63D-7C39EC638724} - System32\Tasks\Opera scheduled Autoupdate 1643916440 => C:\Users\Jeronimo\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {68DB1D1F-1C1E-4E03-B74C-BE9D358D7BDA} - System32\Tasks\CCleanerSkipUAC - Jeronimo => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9691AA3C-3BB8-4BB6-AA30-16D46887000D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C2FFA88-4BF4-4804-885A-7586CF59AC93} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3060072 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B60070CF-F20A-489F-905E-97D507358826} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {BFC5D973-328E-46AE-8C54-568A0F812585} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3528A87-C515-46A5-903E-78AFB8089553} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-16] (Google LLC -> Google LLC)
Task: {CFC61400-CEC8-4BDC-BA1C-EF68A93427F3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D407F6A0-B34B-474D-9DF0-28693CD5E541} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3362883406-455209763-3099670529-1001UA => C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {D98E7DCC-5282-4206-AB74-18F68F27BEB5} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jeronimo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-12-05] (ESET, spol. s r.o. -> ESET)
Task: {DB917537-B4C7-4E7B-BDF5-CB34CBA07710} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jeronimo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-12-05] (ESET, spol. s r.o. -> ESET)
Task: {E12C4B40-FF72-4D23-98B2-A1F34B9E69C9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "27b31120-4f33-4c5c-8d7f-ee5620ddafa6" --version "6.07.10191" --silent
Task: {E4335FFC-D929-4E96-9C66-7056DBCBA1E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 77.73.131.151
Tcpip\..\Interfaces\{2398FF50-7908-43F1-BED6-E99DEF006040}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{7164E3A6-AD11-4445-BAF9-D4320DD68F96}: [DhcpNameServer] 77.73.131.151
FireFox:
========
FF DefaultProfile: b16oq2xd.default
FF ProfilePath: C:\Users\Jeronimo\AppData\Roaming\Mozilla\Firefox\Profiles\b16oq2xd.default [2021-11-27]
FF ProfilePath: C:\Users\Jeronimo\AppData\Roaming\Mozilla\Firefox\Profiles\3jzmev3k.default-release [2022-12-25]
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default [2022-12-25]
CHR Notifications: Default -> hxxps://b.captchafine.live; hxxps://forospyware.com
CHR Extension: (Traductor de Google) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09]
CHR Extension: (Adblock para Youtube™) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-12-17]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-12-24]
CHR Extension: (Native HLS Playback) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnphkkblegpebimobpbekeedfgemhof [2022-06-01]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (1clickVPN - VPN gratis para Chrome) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfhplploccackoneaefokcmbjfbkenj [2022-09-06]
CHR Extension: (Similarweb - Traffic Rank & Website Analysis) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2022-12-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-16]
CHR Profile: C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-24]
CHR Profile: C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-24]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
Opera:
=======
OPR Profile: C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable [2022-12-25]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-01]
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2022-02-03]
OPR Extension: (Opera Wallet) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-17]
OPR Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\ianfmojglkgnabfodmgbobhahkciggdj [2022-11-01]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-02-03]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [338432 2022-04-22] (Avira Operations GmbH & Co. KG) [Archivo no firmado]
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2021-06-01] (GuinpinSoft inc) [Archivo no firmado]
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe [2448232 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Archivo no firmado]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-12-04] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe [2836840 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 cpuz153; C:\windows\temp\cpuz153\cpuz153_x64.sys [36864 2022-10-05] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 googledrivefs3758; C:\windows\System32\DRIVERS\googledrivefs3758.sys [383520 2022-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [239544 2022-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 phantomtap; C:\windows\system32\DRIVERS\phantomtap.sys [39448 2022-03-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-01-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\windows\system32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\windows\system32\DRIVERS\wintun.sys [29576 2021-04-21] (WireGuard LLC -> WireGuard LLC)
S3 bntap; \SystemRoot\system32\DRIVERS\bntap.sys [X]
S3 CLVirtualBus02; \SystemRoot\System32\drivers\CLVirtualBus02.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-12-25 09:39 - 2022-12-25 09:59 - 000054809 _____ C:\Users\Jeronimo\Desktop\Addition.txt
2022-12-25 09:35 - 2022-12-25 10:05 - 000018944 _____ C:\Users\Jeronimo\Desktop\FRST.txt
2022-12-25 09:34 - 2022-12-25 10:05 - 000000000 ____D C:\FRST
2022-12-25 09:32 - 2022-12-25 09:32 - 002375680 _____ (Farbar) C:\Users\Jeronimo\Desktop\FRST64.exe
2022-12-24 12:44 - 2022-12-24 12:44 - 000016266 _____ C:\Users\Jeronimo\Documents\cc_20221224_124400.reg
2022-12-24 12:40 - 2022-12-24 12:40 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2022-12-24 12:40 - 2022-12-24 12:40 - 000003344 _____ C:\windows\system32\Tasks\CCleanerCrashReporting
2022-12-24 12:40 - 2022-12-24 12:40 - 000002820 _____ C:\windows\system32\Tasks\CCleanerSkipUAC - Jeronimo
2022-12-24 12:40 - 2022-12-24 12:40 - 000000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-12-24 12:40 - 2022-12-24 12:40 - 000000760 _____ C:\windows\Tasks\CCleanerCrashReporting.job
2022-12-24 12:40 - 2022-12-24 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-12-24 12:39 - 2022-12-25 09:19 - 000000000 ____D C:\Program Files\CCleaner
2022-12-24 12:38 - 2022-12-24 12:38 - 053329624 _____ (Piriform Software Ltd) C:\Users\Jeronimo\Downloads\ccsetup607 (1).exe
2022-12-17 17:51 - 2022-12-17 17:51 - 001646570 _____ C:\Users\Jeronimo\Downloads\Factura_FE22321409561960.pdf
2022-12-16 21:08 - 2022-12-24 12:46 - 000000000 ____D C:\Users\Jeronimo\AppData\Local\CrashDumps
2022-12-16 20:49 - 2022-12-16 20:49 - 000251345 _____ C:\Users\Jeronimo\Downloads\documento.pdf
2022-12-12 22:11 - 2022-12-12 22:11 - 000019490 _____ C:\Users\Jeronimo\Documents\cc_20221212_221102.reg
2022-12-04 19:49 - 2022-12-04 19:49 - 000000000 ____D C:\Users\Jeronimo\AppData\Local\mbam
2022-12-04 19:48 - 2022-12-04 19:48 - 000001980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-12-04 19:48 - 2022-12-04 19:48 - 000001968 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-12-04 19:45 - 2022-12-04 19:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-12-04 19:45 - 2022-12-04 19:45 - 000000000 ____D C:\Program Files\Malwarebytes
2022-12-04 19:10 - 2022-12-04 19:10 - 000023504 _____ C:\Users\Jeronimo\Documents\cc_20221204_191002.reg
2022-12-02 15:05 - 2022-12-02 15:05 - 000002852 _____ C:\Users\Jeronimo\Desktop\ForoSpyware.lnk
2022-12-02 15:05 - 2022-12-02 15:05 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-12-25 09:57 - 2021-04-16 17:12 - 000000000 __RDO C:\Users\Jeronimo\OneDrive
2022-12-25 09:33 - 2021-04-16 16:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-25 09:18 - 2021-04-16 16:54 - 000000000 __SHD C:\Users\Jeronimo\IntelGraphicsProfiles
2022-12-25 09:18 - 2021-04-16 16:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-12-24 13:02 - 2021-04-16 17:00 - 000003598 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3362883406-455209763-3099670529-1001
2022-12-24 11:51 - 2021-04-16 19:20 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\vlc
2022-12-24 09:30 - 2021-04-16 17:34 - 000000000 ____D C:\Users\Jeronimo\AppData\Local\JDownloader 2.0
2022-12-24 09:11 - 2022-02-03 20:27 - 000004104 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1643916440
2022-12-24 09:11 - 2022-02-03 20:27 - 000001353 _____ C:\Users\Jeronimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2022-12-19 19:38 - 2022-08-21 21:09 - 000003780 _____ C:\windows\system32\Tasks\EOSv3 Scheduler onLogOn
2022-12-19 19:38 - 2022-08-21 21:09 - 000003340 _____ C:\windows\system32\Tasks\EOSv3 Scheduler onTime
2022-12-17 17:22 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2022-12-16 20:06 - 2021-04-16 16:07 - 000002192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-16 20:06 - 2021-04-16 16:07 - 000002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-12-15 18:32 - 2021-04-16 16:06 - 000000000 ____D C:\Program Files\Google
2022-12-15 14:06 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2022-12-14 21:33 - 2022-07-09 16:00 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\CyberLink
2022-12-14 21:33 - 2022-05-29 17:07 - 000000000 ___HD C:\ProgramData\CyberLink
2022-12-14 21:33 - 2014-04-29 17:51 - 000000000 ____D C:\ProgramData\install_clap
2022-12-14 21:33 - 2014-04-29 13:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-12-14 21:32 - 2021-05-05 13:20 - 000000000 ____D C:\windows\system32\Drivers\CLFCL5.20
2022-12-14 21:21 - 2014-04-28 17:48 - 000791238 _____ C:\windows\system32\perfh013.dat
2022-12-14 21:21 - 2014-04-28 17:48 - 000159044 _____ C:\windows\system32\perfc013.dat
2022-12-14 21:21 - 2014-04-28 17:35 - 000804020 _____ C:\windows\system32\perfh00A.dat
2022-12-14 21:21 - 2014-04-28 17:35 - 000163958 _____ C:\windows\system32\perfc00A.dat
2022-12-14 21:21 - 2014-03-18 16:25 - 002773164 _____ C:\windows\system32\PerfStringBackup.INI
2022-12-14 21:14 - 2021-04-16 17:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-12-14 21:13 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2022-12-14 21:13 - 2013-08-22 15:44 - 000486832 _____ C:\windows\system32\FNTCACHE.DAT
2022-12-14 21:10 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2022-12-14 21:08 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 19:21 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2022-12-13 22:11 - 2021-04-17 03:58 - 000000000 ____D C:\windows\system32\MRT
2022-12-13 22:05 - 2014-04-29 10:41 - 148633544 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2022-12-08 13:37 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-12-08 13:21 - 2021-04-16 16:06 - 000000000 ____D C:\Users\Jeronimo\AppData\Local\Google
2022-12-08 09:37 - 2022-01-18 11:14 - 000001221 _____ C:\Users\Public\Desktop\Media Player Classic.lnk
2022-12-08 09:37 - 2021-04-18 13:24 - 000003242 _____ C:\windows\system32\Tasks\klcp_update
2022-12-08 09:37 - 2021-04-18 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-12-08 09:37 - 2021-04-18 13:24 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-12-07 05:24 - 2021-04-17 18:33 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\dvdcss
2022-12-07 05:22 - 2022-09-13 20:51 - 000000891 _____ C:\Users\Public\Desktop\VLC media player.lnk
2022-12-04 19:17 - 2021-04-27 12:55 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\MPC-HC
2022-12-04 19:17 - 2021-04-27 09:46 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\uTorrent
2022-12-04 19:16 - 2022-10-18 19:42 - 000000000 ____D C:\windows\Minidump
2022-12-02 10:04 - 2022-08-22 15:44 - 000000000 ____D C:\KVRT2020_Data
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
A continuacion el log de Addition.:
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 23-12-2022
Ejecutado por Jeronimo (25-12-2022 10:06:43)
Ejecutado desde C:\Users\Jeronimo\Desktop
Microsoft Windows 8.1 con Bing (Update) (X64) (2021-04-16 15:54:18)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-3362883406-455209763-3099670529-500 - Administrator - Disabled)
Invitado (S-1-5-21-3362883406-455209763-3099670529-501 - Limited - Disabled)
Jeronimo (S-1-5-21-3362883406-455209763-3099670529-1001 - Administrator - Enabled) => C:\Users\Jeronimo
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat Reader - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 22.003.20282 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
Avira Phantom VPN 2.41.1.25731 (HKLM-x32\...\Avira Phantom VPN_is1) (Version: 2.41.1.25731 - lrepacks.net)
Betternet for Windows 5.3.0.433 (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF9CA03A4B}) (Version: 5.3.0.433 - Betternet Technologies Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1208.2 - Piriform Software) Hidden
CyberLink PowerDVD Copy 1.5 (HKLM-x32\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.0.3725a - CyberLink Corp.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
ForoSpyware (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\b7b26827fcdd9752fe8f9a7a40c5a858) (Version: 1.0 - Google\Chrome)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{85E3592A-8C11-44F4-AABD-F82EF41167AD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\{10D621C6-BD1E-3A58-BD25-41541CF277DB}) (Version: 108.0.5359.125 - Google LLC)
Icecream Ebook Reader versión 5.31 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.31 - Icecream Apps)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{BCCACFE6-91A0-4F32-80A0-ADC0CA048C7B}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{3685B5E8-A0A8-494B-B035-B221547A4B63}) (Version: 1.0.0.1050 - Intel Corporation) Hidden
Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
K-Lite Codec Pack 17.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.3.0 - KLCP)
Kodi (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Kodi) (Version: - XBMC Foundation)
Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.11.25325 (HKLM-x32\...\{568CD07E-0824-3EEB-AEC1-8FD51F3C85CF}) (Version: 14.11.25325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.11.25325 (HKLM-x32\...\{029DA848-1A80-34D3-BFC1-A6447BFC8E7F}) (Version: 14.11.25325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.21.27702 (HKLM\...\{12578975-C765-4BDF-8DDC-3284BC0E855F}) (Version: 14.21.27702 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.21.27702 (HKLM\...\{F7CAC7DF-3524-4C2D-A7DB-E16140A3D5E6}) (Version: 14.21.27702 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{26E474C7-E63A-4EC2-A08C-909B996AA75D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F78F19A8-F3F5-4407-B98B-F23ACC82DBF5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Opera Stable 94.0.4606.38 (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Opera 94.0.4606.38) (Version: 94.0.4606.38 - Opera Software)
Photo Common (HKLM-x32\...\{1971235B-AE41-4B68-BCFF-8057DF6952BF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{296B992A-D3F5-4BD5-9B4F-D02718242742}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{3751BF9B-5F23-4976-AA62-1BF4D791DCFE}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{3EEF6B1E-38AA-4F22-BA70-30A73BB06AAE}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{678DD68F-DD35-47FC-9ABA-3B705FBA831B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{6C2475D4-C20C-4CA3-9352-C3E1BA967798}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{75E724F3-AED9-43E1-B45D-FC0CF32903DD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{9526857B-0005-4B22-977F-20379BE4118B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{98A61E19-257C-47E1-9E3B-63CA31AEC4D9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{9F981901-3080-416F-B90E-8E30FA6D14B5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{B1D0122C-6BE2-47A2-82AE-0BB3F6C91C49}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{BD5276FF-89D4-45F2-AAD0-2DF4950C316C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{BEEBDEDF-1FEF-43D1-825C-B045FFC5F184}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{C3538BF4-735B-45F3-B09E-C541A007E4E8}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{EE7C798F-E0EF-42E0-A443-E31761C3628F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{961ED0FA-AF05-4BB5-8A9E-5FD127AB32CF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{B6A96E8C-FC88-46F5-800E-6845B4ACA459}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{F4DEB840-B638-4BCE-AC6B-057EF31E0012}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.4.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.0 - VS Revo Group, Ltd.)
Spotify (HKLM-x32\...\Spotify_is1) (Version: 1.1.4.197.g92d52c4f - Spotify Ltd)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.16.8 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.3.1 - Telegram FZ-LLC)
Valokuvavalikoima (HKLM-x32\...\{B315ABA6-8217-484E-9AC5-38806E265664}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebView2 Runtime de Microsoft Edge (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Windows Live (HKLM-x32\...\{B99F248C-B4B3-4D61-9FFC-AE59A1F13723}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{0686A35C-31E4-4E87-8735-0FE414C516F5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{1B905A9B-EB74-4C70-B81B-5F446C178566}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{546980F9-DD2A-45D4-92E2-AC2DAAA61512}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{718957FF-26D7-4B90-A6E1-E6EF5571DAA3}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{8C74CE01-0FE5-440F-BD20-BCA115F67EC1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{914CF575-57ED-48C4-891F-D0830BFB797E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{91BCA11A-D01D-4E6F-9444-58970078CD9B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{A428A7B1-8C7A-40BA-AD87-8F8DB44359D8}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{B400EF92-0350-4330-B4EF-7D36EA107C70}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{B9011B53-5148-4992-B33B-88E7AEC8C2FB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{F8F630A7-6789-44D5-8653-3B27969CF337}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (HKLM-x32\...\{10267977-5258-48A2-A458-D379CB624E28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{215B3584-8246-4717-BCA4-ED43779740D4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{290C2B0A-CEE1-4F55-AB46-4571EC01DA96}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{33B992ED-B59B-4E25-9F3F-CF2D79BBA914}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{60212DCA-93F2-448C-9056-95BB80D9B5D5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{7F60B581-9BAB-4CE1-8D5F-782632C44F9A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{835BFEDD-FDBC-4662-9873-A6C47B8D120A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{9E3AA498-47E5-40C9-BA09-1CC2B6D2C22F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{A0332229-4EF7-4A36-AED8-E5876EB2DF86}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{AC57543E-EC54-4AB7-A18C-4B04BB1CF09A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{ADEA376B-D5A6-4918-9A5C-B6488455EF03}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{B8F42F14-57DE-4429-9D76-81945CCF7370}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{D08C060C-2E1B-4C1A-ACF0-FE932B55E0B6}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{DC91214B-C50F-4727-A0BC-6AEB1BCA6B60}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E18F5C38-A4C9-437A-A65A-4F1BD5056CD1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{FC0BC4D9-22D7-4BDD-89D7-A8621CEF072F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (HKLM-x32\...\{65FD10C6-0D53-4754-A4AA-AEFFA29E86CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Packages:
=========
Adera - Lite -> C:\Program Files\WindowsApps\Microsoft.Adera-Lite_1.2.0.25927_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios)
Ashampoo ImageFX for Medion -> C:\Program Files\WindowsApps\AshampooMedion.AshampooImageFXforMedion_1.0.2.14_x64__g53hytncy48pj [2014-04-29] (Ashampoo GmbH & Co. KG)
Cyberlink PowerDVD_BE -> C:\Program Files\WindowsApps\CyberLinkCorp.me.PowerDVDforMedion_1.1.918.19562_x86__fyjd2029wheaw [2014-04-29] (CYBERLINK COM)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2021-04-17] (eBay, Inc)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-04-29] (Microsoft Corporation) [MS Ad]
Medion Mediathek -> C:\Program Files\WindowsApps\D305113D.MedionMediathek_1.1.0.12_neutral__ka6x32c4zxtnt [2014-04-29] (Tune In)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.9.1913.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2021-04-17] (Skype) [MS Ad]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Wordament -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_2.8.4.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-3362883406-455209763-3099670529-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3362883406-455209763-3099670529-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3362883406-455209763-3099670529-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3362883406-455209763-3099670529-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2021-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2021-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\Jeronimo\Desktop\ForoSpyware.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gmlcodhckhpmidifbdkmlnakmhpfgjfl
ShortcutWithArgument: C:\Users\Jeronimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\ForoSpyware.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gmlcodhckhpmidifbdkmlnakmhpfgjfl
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\localhost -> localhost
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jeronimo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper.jpg
DNS Servers: 77.73.131.151
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Hola, el analisis no es el correcto porque se me olvido desconectar el router, aqui mando el bueno:
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 23-12-2022
Ejecutado por Jeronimo (administrador) sobre PC-JERONIMO (MEDION B088) (25-12-2022 20:30:37)
Ejecutado desde C:\Users\Jeronimo\Desktop
Perfiles cargados: Jeronimo
Plataforma: Microsoft Windows 8.1 con Bing (Update) (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG) [Archivo no firmado] C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (GuinpinSoft inc) [Archivo no firmado] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
(services.exe ->) (Intel(R) Corporation) [Archivo no firmado] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2021-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Ningún archivo)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5509072 2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Run: [Microsoft Edge Update] => C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\MicrosoftEdgeUpdateCore.exe [263640 2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe (Ningún archivo)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (Ningún archivo)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {1C082E08-DEBC-402B-8E8A-9C379B0CC567} - System32\Tasks\{13BCBB25-4770-4CA2-BAC8-E6C8AC7D47A2} => C:\windows\system32\pcalua.exe -a "C:\Program Files\CyberLink\PowerDVD20\Common\CLVirtualDriver\Drivers\DriverInstaller.exe" -d "C:\Program Files\CyberLink\PowerDVD20" -c /i CLVirtualBus02.inf DE85B8F3-D088-4D6E-A970-EE0BC7883A66
Task: {35A7C3DA-3613-49E8-929A-2C2209DEA91B} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-08-26] () [Archivo no firmado]
Task: {36B98425-27F1-4B8F-808A-C386A5A56F8F} - \Driver Booster SkipUAC (Jeronimo) -> Ningún archivo <==== ATENCIÓN
Task: {3C777B88-D959-40C8-8681-599702325287} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D98F95C-435E-47AF-A55A-FD0A7D6B912A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EFDEDE6-C6BA-4C3A-AD6C-09E208636D5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-16] (Google LLC -> Google LLC)
Task: {5558A21C-2A82-4E94-88C6-BDE317C5FA91} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3362883406-455209763-3099670529-1001Core => C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {6194988F-3B21-42D2-A63D-7C39EC638724} - System32\Tasks\Opera scheduled Autoupdate 1643916440 => C:\Users\Jeronimo\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {68DB1D1F-1C1E-4E03-B74C-BE9D358D7BDA} - System32\Tasks\CCleanerSkipUAC - Jeronimo => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9691AA3C-3BB8-4BB6-AA30-16D46887000D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C2FFA88-4BF4-4804-885A-7586CF59AC93} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3060072 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B60070CF-F20A-489F-905E-97D507358826} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {BFC5D973-328E-46AE-8C54-568A0F812585} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3528A87-C515-46A5-903E-78AFB8089553} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-16] (Google LLC -> Google LLC)
Task: {CFC61400-CEC8-4BDC-BA1C-EF68A93427F3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D407F6A0-B34B-474D-9DF0-28693CD5E541} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3362883406-455209763-3099670529-1001UA => C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {D98E7DCC-5282-4206-AB74-18F68F27BEB5} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jeronimo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-12-05] (ESET, spol. s r.o. -> ESET)
Task: {DB917537-B4C7-4E7B-BDF5-CB34CBA07710} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jeronimo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-12-05] (ESET, spol. s r.o. -> ESET)
Task: {E12C4B40-FF72-4D23-98B2-A1F34B9E69C9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "27b31120-4f33-4c5c-8d7f-ee5620ddafa6" --version "6.07.10191" --silent
Task: {E4335FFC-D929-4E96-9C66-7056DBCBA1E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2398FF50-7908-43F1-BED6-E99DEF006040}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{7164E3A6-AD11-4445-BAF9-D4320DD68F96}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF DefaultProfile: b16oq2xd.default
FF ProfilePath: C:\Users\Jeronimo\AppData\Roaming\Mozilla\Firefox\Profiles\b16oq2xd.default [2021-11-27]
FF ProfilePath: C:\Users\Jeronimo\AppData\Roaming\Mozilla\Firefox\Profiles\3jzmev3k.default-release [2022-12-25]
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default [2022-12-25]
CHR Notifications: Default -> hxxps://b.captchafine.live; hxxps://forospyware.com
CHR Extension: (Traductor de Google) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09]
CHR Extension: (Adblock para Youtube™) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-12-17]
CHR Extension: (Adobe Acrobat: herramientas para convertir, editar y firmar PDFs) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-12-24]
CHR Extension: (Native HLS Playback) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnphkkblegpebimobpbekeedfgemhof [2022-06-01]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (1clickVPN - VPN gratis para Chrome) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfhplploccackoneaefokcmbjfbkenj [2022-09-06]
CHR Extension: (Similarweb - Traffic Rank & Website Analysis) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2022-12-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-16]
CHR Profile: C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-24]
CHR Profile: C:\Users\Jeronimo\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-24]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
Opera:
=======
OPR Profile: C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable [2022-12-25]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-01]
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2022-02-03]
OPR Extension: (Opera Wallet) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-17]
OPR Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\ianfmojglkgnabfodmgbobhahkciggdj [2022-11-01]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Jeronimo\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-02-03]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [338432 2022-04-22] (Avira Operations GmbH & Co. KG) [Archivo no firmado]
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2021-06-01] (GuinpinSoft inc) [Archivo no firmado]
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe [2448232 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Archivo no firmado]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-12-04] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe [2836840 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 cpuz153; C:\windows\temp\cpuz153\cpuz153_x64.sys [36864 2022-10-05] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 googledrivefs3758; C:\windows\System32\DRIVERS\googledrivefs3758.sys [383520 2022-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [223176 2022-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [239544 2022-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 phantomtap; C:\windows\system32\DRIVERS\phantomtap.sys [39448 2022-03-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-01-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapprotonvpn; C:\windows\system32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\windows\system32\DRIVERS\wintun.sys [29576 2021-04-21] (WireGuard LLC -> WireGuard LLC)
S3 bntap; \SystemRoot\system32\DRIVERS\bntap.sys [X]
S3 CLVirtualBus02; \SystemRoot\System32\drivers\CLVirtualBus02.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-12-25 20:30 - 2022-12-25 20:31 - 000019068 _____ C:\Users\Jeronimo\Desktop\FRST.txt
2022-12-25 09:34 - 2022-12-25 20:31 - 000000000 ____D C:\FRST
2022-12-25 09:32 - 2022-12-25 09:32 - 002375680 _____ (Farbar) C:\Users\Jeronimo\Desktop\FRST64.exe
2022-12-24 12:44 - 2022-12-24 12:44 - 000016266 _____ C:\Users\Jeronimo\Documents\cc_20221224_124400.reg
2022-12-24 12:40 - 2022-12-25 10:10 - 000000760 _____ C:\windows\Tasks\CCleanerCrashReporting.job
2022-12-24 12:40 - 2022-12-24 12:40 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2022-12-24 12:40 - 2022-12-24 12:40 - 000003344 _____ C:\windows\system32\Tasks\CCleanerCrashReporting
2022-12-24 12:40 - 2022-12-24 12:40 - 000002820 _____ C:\windows\system32\Tasks\CCleanerSkipUAC - Jeronimo
2022-12-24 12:40 - 2022-12-24 12:40 - 000000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-12-24 12:40 - 2022-12-24 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-12-24 12:39 - 2022-12-25 17:53 - 000000000 ____D C:\Program Files\CCleaner
2022-12-24 12:38 - 2022-12-24 12:38 - 053329624 _____ (Piriform Software Ltd) C:\Users\Jeronimo\Downloads\ccsetup607 (1).exe
2022-12-17 17:51 - 2022-12-17 17:51 - 001646570 _____ C:\Users\Jeronimo\Downloads\Factura_FE22321409561960.pdf
2022-12-16 21:08 - 2022-12-24 12:46 - 000000000 ____D C:\Users\Jeronimo\AppData\Local\CrashDumps
2022-12-16 20:49 - 2022-12-16 20:49 - 000251345 _____ C:\Users\Jeronimo\Downloads\documento.pdf
2022-12-12 22:11 - 2022-12-12 22:11 - 000019490 _____ C:\Users\Jeronimo\Documents\cc_20221212_221102.reg
2022-12-04 19:49 - 2022-12-04 19:49 - 000000000 ____D C:\Users\Jeronimo\AppData\Local\mbam
2022-12-04 19:48 - 2022-12-04 19:48 - 000001980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-12-04 19:48 - 2022-12-04 19:48 - 000001968 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-12-04 19:45 - 2022-12-04 19:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-12-04 19:45 - 2022-12-04 19:45 - 000000000 ____D C:\Program Files\Malwarebytes
2022-12-04 19:10 - 2022-12-04 19:10 - 000023504 _____ C:\Users\Jeronimo\Documents\cc_20221204_191002.reg
2022-12-02 15:05 - 2022-12-02 15:05 - 000002852 _____ C:\Users\Jeronimo\Desktop\ForoSpyware.lnk
2022-12-02 15:05 - 2022-12-02 15:05 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2022-12-25 20:05 - 2021-04-16 16:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-12-25 19:46 - 2021-04-16 19:20 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\vlc
2022-12-25 19:33 - 2021-04-16 16:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-25 18:51 - 2021-04-16 17:12 - 000000000 __RDO C:\Users\Jeronimo\OneDrive
2022-12-25 18:40 - 2021-04-18 20:12 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\Kodi
2022-12-25 10:12 - 2021-04-16 16:54 - 000000000 __SHD C:\Users\Jeronimo\IntelGraphicsProfiles
2022-12-25 10:11 - 2021-04-16 17:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-12-25 10:10 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2022-12-25 10:10 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2022-12-24 13:02 - 2021-04-16 17:00 - 000003598 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3362883406-455209763-3099670529-1001
2022-12-24 09:30 - 2021-04-16 17:34 - 000000000 ____D C:\Users\Jeronimo\AppData\Local\JDownloader 2.0
2022-12-24 09:11 - 2022-02-03 20:27 - 000004104 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1643916440
2022-12-24 09:11 - 2022-02-03 20:27 - 000001353 _____ C:\Users\Jeronimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2022-12-19 19:38 - 2022-08-21 21:09 - 000003780 _____ C:\windows\system32\Tasks\EOSv3 Scheduler onLogOn
2022-12-19 19:38 - 2022-08-21 21:09 - 000003340 _____ C:\windows\system32\Tasks\EOSv3 Scheduler onTime
2022-12-17 17:22 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2022-12-16 20:06 - 2021-04-16 16:07 - 000002192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-16 20:06 - 2021-04-16 16:07 - 000002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-12-15 18:32 - 2021-04-16 16:06 - 000000000 ____D C:\Program Files\Google
2022-12-15 14:06 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2022-12-14 21:33 - 2022-07-09 16:00 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\CyberLink
2022-12-14 21:33 - 2022-05-29 17:07 - 000000000 ___HD C:\ProgramData\CyberLink
2022-12-14 21:33 - 2014-04-29 17:51 - 000000000 ____D C:\ProgramData\install_clap
2022-12-14 21:33 - 2014-04-29 13:20 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-12-14 21:32 - 2021-05-05 13:20 - 000000000 ____D C:\windows\system32\Drivers\CLFCL5.20
2022-12-14 21:21 - 2014-04-28 17:48 - 000791238 _____ C:\windows\system32\perfh013.dat
2022-12-14 21:21 - 2014-04-28 17:48 - 000159044 _____ C:\windows\system32\perfc013.dat
2022-12-14 21:21 - 2014-04-28 17:35 - 000804020 _____ C:\windows\system32\perfh00A.dat
2022-12-14 21:21 - 2014-04-28 17:35 - 000163958 _____ C:\windows\system32\perfc00A.dat
2022-12-14 21:21 - 2014-03-18 16:25 - 002773164 _____ C:\windows\system32\PerfStringBackup.INI
2022-12-14 21:13 - 2013-08-22 15:44 - 000486832 _____ C:\windows\system32\FNTCACHE.DAT
2022-12-14 21:08 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-14 19:21 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2022-12-13 22:11 - 2021-04-17 03:58 - 000000000 ____D C:\windows\system32\MRT
2022-12-13 22:05 - 2014-04-29 10:41 - 148633544 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2022-12-08 13:37 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-12-08 13:21 - 2021-04-16 16:06 - 000000000 ____D C:\Users\Jeronimo\AppData\Local\Google
2022-12-08 09:37 - 2022-01-18 11:14 - 000001221 _____ C:\Users\Public\Desktop\Media Player Classic.lnk
2022-12-08 09:37 - 2021-04-18 13:24 - 000003242 _____ C:\windows\system32\Tasks\klcp_update
2022-12-08 09:37 - 2021-04-18 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-12-08 09:37 - 2021-04-18 13:24 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-12-07 05:24 - 2021-04-17 18:33 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\dvdcss
2022-12-07 05:22 - 2022-09-13 20:51 - 000000891 _____ C:\Users\Public\Desktop\VLC media player.lnk
2022-12-04 19:17 - 2021-04-27 12:55 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\MPC-HC
2022-12-04 19:17 - 2021-04-27 09:46 - 000000000 ____D C:\Users\Jeronimo\AppData\Roaming\uTorrent
2022-12-04 19:16 - 2022-10-18 19:42 - 000000000 ____D C:\windows\Minidump
2022-12-02 10:04 - 2022-08-22 15:44 - 000000000 ____D C:\KVRT2020_Data
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2022-12-15 19:14
==================== Final de FRST.txt ========================Hola el resto:
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 23-12-2022
Ejecutado por Jeronimo (25-12-2022 20:32:32)
Ejecutado desde C:\Users\Jeronimo\Desktop
Microsoft Windows 8.1 con Bing (Update) (X64) (2021-04-16 15:54:18)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
(Si una entrada es incluida en el fixlist, será eliminada.)
Administrador (S-1-5-21-3362883406-455209763-3099670529-500 - Administrator - Disabled)
Invitado (S-1-5-21-3362883406-455209763-3099670529-501 - Limited - Disabled)
Jeronimo (S-1-5-21-3362883406-455209763-3099670529-1001 - Administrator - Enabled) => C:\Users\Jeronimo
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat Reader - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 22.003.20282 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
Avira Phantom VPN 2.41.1.25731 (HKLM-x32\...\Avira Phantom VPN_is1) (Version: 2.41.1.25731 - lrepacks.net)
Betternet for Windows 5.3.0.433 (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF9CA03A4B}) (Version: 5.3.0.433 - Betternet Technologies Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1208.2 - Piriform Software) Hidden
CyberLink PowerDVD Copy 1.5 (HKLM-x32\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.0.3725a - CyberLink Corp.) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
ForoSpyware (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\b7b26827fcdd9752fe8f9a7a40c5a858) (Version: 1.0 - Google\Chrome)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{85E3592A-8C11-44F4-AABD-F82EF41167AD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{5FF3045E-4A36-4B98-9F7F-48B49F4469C7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{6F19A9AE-85C6-4EBB-BADC-CC1B8B9F3F91}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\{10D621C6-BD1E-3A58-BD25-41541CF277DB}) (Version: 108.0.5359.125 - Google LLC)
Icecream Ebook Reader versión 5.31 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.31 - Icecream Apps)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{BCCACFE6-91A0-4F32-80A0-ADC0CA048C7B}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{3685B5E8-A0A8-494B-B035-B221547A4B63}) (Version: 1.0.0.1050 - Intel Corporation) Hidden
Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
K-Lite Codec Pack 17.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.3.0 - KLCP)
Kodi (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Kodi) (Version: - XBMC Foundation)
Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.11.25325 (HKLM-x32\...\{568CD07E-0824-3EEB-AEC1-8FD51F3C85CF}) (Version: 14.11.25325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.11.25325 (HKLM-x32\...\{029DA848-1A80-34D3-BFC1-A6447BFC8E7F}) (Version: 14.11.25325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.21.27702 (HKLM\...\{12578975-C765-4BDF-8DDC-3284BC0E855F}) (Version: 14.21.27702 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.21.27702 (HKLM\...\{F7CAC7DF-3524-4C2D-A7DB-E16140A3D5E6}) (Version: 14.21.27702 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{0A0C9DBA-5AB2-43F1-9932-A60DAA6EBEFC}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{26E474C7-E63A-4EC2-A08C-909B996AA75D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5D3B997B-DF28-4BC1-82E6-E6C29A53AF6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B44E699A-94F8-406C-9A1B-C2574F5863CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F78F19A8-F3F5-4407-B98B-F23ACC82DBF5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Opera Stable 94.0.4606.38 (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Opera 94.0.4606.38) (Version: 94.0.4606.38 - Opera Software)
Photo Common (HKLM-x32\...\{1971235B-AE41-4B68-BCFF-8057DF6952BF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{296B992A-D3F5-4BD5-9B4F-D02718242742}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{3751BF9B-5F23-4976-AA62-1BF4D791DCFE}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{3EEF6B1E-38AA-4F22-BA70-30A73BB06AAE}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{678DD68F-DD35-47FC-9ABA-3B705FBA831B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{6C2475D4-C20C-4CA3-9352-C3E1BA967798}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{75E724F3-AED9-43E1-B45D-FC0CF32903DD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{9526857B-0005-4B22-977F-20379BE4118B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{98A61E19-257C-47E1-9E3B-63CA31AEC4D9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{9F981901-3080-416F-B90E-8E30FA6D14B5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{B1D0122C-6BE2-47A2-82AE-0BB3F6C91C49}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{BD5276FF-89D4-45F2-AAD0-2DF4950C316C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{BEEBDEDF-1FEF-43D1-825C-B045FFC5F184}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{C3538BF4-735B-45F3-B09E-C541A007E4E8}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{EE7C798F-E0EF-42E0-A443-E31761C3628F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{961ED0FA-AF05-4BB5-8A9E-5FD127AB32CF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{B6A96E8C-FC88-46F5-800E-6845B4ACA459}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{F4DEB840-B638-4BCE-AC6B-057EF31E0012}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.4.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.0 - VS Revo Group, Ltd.)
Spotify (HKLM-x32\...\Spotify_is1) (Version: 1.1.4.197.g92d52c4f - Spotify Ltd)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.16.8 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.3.1 - Telegram FZ-LLC)
Valokuvavalikoima (HKLM-x32\...\{B315ABA6-8217-484E-9AC5-38806E265664}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebView2 Runtime de Microsoft Edge (HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Windows Live (HKLM-x32\...\{B99F248C-B4B3-4D61-9FFC-AE59A1F13723}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{0686A35C-31E4-4E87-8735-0FE414C516F5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{1B905A9B-EB74-4C70-B81B-5F446C178566}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{546980F9-DD2A-45D4-92E2-AC2DAAA61512}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{718957FF-26D7-4B90-A6E1-E6EF5571DAA3}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{8C74CE01-0FE5-440F-BD20-BCA115F67EC1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{914CF575-57ED-48C4-891F-D0830BFB797E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{91BCA11A-D01D-4E6F-9444-58970078CD9B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{A428A7B1-8C7A-40BA-AD87-8F8DB44359D8}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{B400EF92-0350-4330-B4EF-7D36EA107C70}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{B9011B53-5148-4992-B33B-88E7AEC8C2FB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{F8F630A7-6789-44D5-8653-3B27969CF337}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (HKLM-x32\...\{10267977-5258-48A2-A458-D379CB624E28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{215B3584-8246-4717-BCA4-ED43779740D4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{290C2B0A-CEE1-4F55-AB46-4571EC01DA96}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{33B992ED-B59B-4E25-9F3F-CF2D79BBA914}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{60212DCA-93F2-448C-9056-95BB80D9B5D5}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{7F60B581-9BAB-4CE1-8D5F-782632C44F9A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{835BFEDD-FDBC-4662-9873-A6C47B8D120A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{9E3AA498-47E5-40C9-BA09-1CC2B6D2C22F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{A0332229-4EF7-4A36-AED8-E5876EB2DF86}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{AC57543E-EC54-4AB7-A18C-4B04BB1CF09A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{ADEA376B-D5A6-4918-9A5C-B6488455EF03}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{B8F42F14-57DE-4429-9D76-81945CCF7370}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{D08C060C-2E1B-4C1A-ACF0-FE932B55E0B6}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{DC91214B-C50F-4727-A0BC-6AEB1BCA6B60}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E18F5C38-A4C9-437A-A65A-4F1BD5056CD1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{FC0BC4D9-22D7-4BDD-89D7-A8621CEF072F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (HKLM-x32\...\{65FD10C6-0D53-4754-A4AA-AEFFA29E86CB}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Συλλογή φωτογραφιών (HKLM-x32\...\{2D5C287A-1D2D-46BA-8EF8-D2747575DB6E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Sigue:
Packages:
=========
Adera - Lite -> C:\Program Files\WindowsApps\Microsoft.Adera-Lite_1.2.0.25927_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios)
Ashampoo ImageFX for Medion -> C:\Program Files\WindowsApps\AshampooMedion.AshampooImageFXforMedion_1.0.2.14_x64__g53hytncy48pj [2014-04-29] (Ashampoo GmbH & Co. KG)
Cyberlink PowerDVD_BE -> C:\Program Files\WindowsApps\CyberLinkCorp.me.PowerDVDforMedion_1.1.918.19562_x86__fyjd2029wheaw [2014-04-29] (CYBERLINK COM)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2021-04-17] (eBay, Inc)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-04-29] (Microsoft Corporation) [MS Ad]
Medion Mediathek -> C:\Program Files\WindowsApps\D305113D.MedionMediathek_1.1.0.12_neutral__ka6x32c4zxtnt [2014-04-29] (Tune In)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.9.1913.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2021-04-17] (Skype) [MS Ad]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Corporation) [MS Ad]
Wordament -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_2.8.4.0_x86__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-3362883406-455209763-3099670529-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3362883406-455209763-3099670529-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3362883406-455209763-3099670529-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3362883406-455209763-3099670529-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\Jeronimo\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll [2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2021-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2021-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\Jeronimo\Desktop\ForoSpyware.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gmlcodhckhpmidifbdkmlnakmhpfgjfl
ShortcutWithArgument: C:\Users\Jeronimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\ForoSpyware.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gmlcodhckhpmidifbdkmlnakmhpfgjfl
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-22] (Oracle America, Inc. -> Oracle Corporation)
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\localhost -> localhost
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jeronimo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKLM\...\StartupApproved\Run: => "PowerDVD20Agent"
HKLM\...\StartupApproved\Run32: => "PowerDVD20Agent"
HKU\S-1-5-21-3362883406-455209763-3099670529-1001\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{02948D05-2DFC-44D2-99C8-E31FFE7F7384}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF382509-BCD9-4672-8881-62C820F51983}] => (Allow) LPort=2869
FirewallRules: [{1399A5AA-B4D4-4233-888F-B02D9E2DF7C1}] => (Allow) LPort=1900
FirewallRules: [{18FBAB01-8324-420E-BA27-27020543D302}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C5A5FDB4-DAA3-4238-9EFE-2F51D9BC9922}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ED9369E1-0F87-4F7F-95B8-B684B6EA9E60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FB05E275-DAAE-4447-BD4D-C20508EC83EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{79853FBA-A8EC-4E15-8E31-8BFC5844EAA1}C:\users\jeronimo\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jeronimo\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{424DAB9D-8289-4AC5-8FD0-8E6888162261}C:\users\jeronimo\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\jeronimo\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{A519091E-8827-4A91-8BAE-7EA6688B989C}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Archivo no firmado]
FirewallRules: [UDP Query User{777FCC3F-B42B-4C4C-A5F7-49B97DB8C09D}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Archivo no firmado]
FirewallRules: [{FD14722C-57A0-476C-9B39-C5207ED8DD05}] => (Allow) C:\Users\Jeronimo\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{81578A79-DDC4-4D1B-8CE2-59E9488A06F2}] => (Allow) C:\Users\Jeronimo\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{88E3A2B0-161B-4C97-859A-3533583ABAFF}C:\users\jeronimo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\jeronimo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A2384886-CE65-40CD-8CAD-29B21DA01FAC}C:\users\jeronimo\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\jeronimo\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{0E7DC410-EED9-4E3A-B357-A5CF55A1706E}C:\users\jeronimo\appdata\local\jdownloader 2.0\jdownloader2update.exe] => (Allow) C:\users\jeronimo\appdata\local\jdownloader 2.0\jdownloader2update.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{99DBAD99-0961-4BE5-BAB5-646D044645C2}C:\users\jeronimo\appdata\local\jdownloader 2.0\jdownloader2update.exe] => (Allow) C:\users\jeronimo\appdata\local\jdownloader 2.0\jdownloader2update.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{92263F0B-91C8-4950-9237-2470701CA95D}C:\users\jeronimo\appdata\local\jdownloader 2.0\jre\bin\javaw.exe] => (Allow) C:\users\jeronimo\appdata\local\jdownloader 2.0\jre\bin\javaw.exe
FirewallRules: [UDP Query User{C10753D8-0BF0-4940-A2D9-7194EF75D151}C:\users\jeronimo\appdata\local\jdownloader 2.0\jre\bin\javaw.exe] => (Allow) C:\users\jeronimo\appdata\local\jdownloader 2.0\jre\bin\javaw.exe
FirewallRules: [TCP Query User{15B4C731-20EC-497F-A9DD-062F33BEAB6C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{307DD079-5C31-4C38-9F36-DBE2BD935C4D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8DF339F0-43A4-49E2-B698-A3C7D056AF7C}] => (Allow) C:\Program Files (x86)\Avira\VPN\OpenVpn\phantomvpn.exe (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
FirewallRules: [{E9BF38D3-359E-4C0B-9962-EEA7FADC69FE}] => (Allow) C:\Program Files (x86)\Avira\VPN\OpenVpn\phantomvpn.exe (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
FirewallRules: [TCP Query User{896669EC-2048-4D89-A818-5875551CB25B}C:\users\jeronimo\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\jeronimo\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{3A23A602-3FD1-42F8-ACA4-DBC92A3C8A1C}C:\users\jeronimo\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\jeronimo\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{B61A11CF-C272-48C5-876F-D28037096B21}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
08-12-2022 13:33:38 Revo Uninstaller Pro's restore point - Microsoft Office Profesional Plus 2016 - es-es
13-12-2022 22:02:11 Windows Update
15-12-2022 18:30:37 Removed Google Earth Pro
15-12-2022 18:32:13 Removed Google Earth Pro
25-12-2022 08:48:42 Punto de control programado
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (12/16/2022 09:08:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AcroRd32.exe, versión: 22.3.20282.0, marca de tiempo: 0x63728700
Nombre del módulo con errores: ieframe.dll_unloaded, versión: 11.0.9600.20671, marca de tiempo: 0x63646396
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0065003f
Identificador del proceso con errores: 0x600
Hora de inicio de la aplicación con errores: 0x01d9118a10309501
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Ruta de acceso del módulo con errores: ieframe.dll
Identificador del informe: 63717e8b-7d7d-11ed-82f2-c03fd5a03921
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/16/2022 09:07:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa AcroRd32.exe, versión 22.3.20282.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: e58
Hora de inicio: 01d91189f91f3f20
Hora de finalización: 1
Ruta de acceso de la aplicación: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Identificador de informe: 43382db0-7d7d-11ed-82f2-c03fd5a03921
Nombre completo de paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/14/2022 09:20:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LiveComm.exe, versión 17.5.9600.22013, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: d98
Hora de inicio: 01d90ff8bff1084f
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
Identificador de informe: b4203d8d-7bec-11ed-82f2-c03fd5a03921
Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/04/2022 09:09:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LiveComm.exe, versión 17.5.9600.22013, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 1698
Hora de inicio: 01d9081b9320b390
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
Identificador de informe: 874f1e6d-740f-11ed-82f0-c03fd5a03921
Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/04/2022 08:39:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LiveComm.exe, versión 17.5.9600.22013, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: e70
Hora de inicio: 01d90817611c7f7c
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
Identificador de informe: 556730b0-740b-11ed-82f0-c03fd5a03921
Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/04/2022 08:09:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LiveComm.exe, versión 17.5.9600.22013, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 7ac
Hora de inicio: 01d9081331f08a17
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
Identificador de informe: 2595bbc6-7407-11ed-82f0-c03fd5a03921
Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: ppleae38af2e007f4358a809ac99a64a67c1
Error: (12/04/2022 07:35:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.
Operación:
Recopilando datos del escritor
Contexto:
Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
Nombre del escritor: System Writer
Id. de instancia del escritor: {21e2edab-ed68-4d98-b1d4-66a0431a2f15}
Error: (12/04/2022 02:10:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa LiveComm.exe, versión 17.5.9600.22013, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 14c4
Hora de inicio: 01d907e11b5c539e
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe
Identificador de informe: 0f897db4-73d5-11ed-82f0-c03fd5a03921
Nombre completo de paquete con errores: microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: ppleae38af2e007f4358a809ac99a64a67c1
Errores del sistema:
=============
Error: (12/25/2022 08:37:36 PM) (Source: DCOM) (EventID: 10010) (User: PC-JERONIMO)
Description: El servidor {BB6DF56B-CACE-11DC-9992-0019B93A3A84} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2022 08:35:36 PM) (Source: DCOM) (EventID: 10010) (User: PC-JERONIMO)
Description: El servidor {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2022 08:03:06 PM) (Source: DCOM) (EventID: 10010) (User: PC-JERONIMO)
Description: El servidor {BB6DF56B-CACE-11DC-9992-0019B93A3A84} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2022 08:01:06 PM) (Source: DCOM) (EventID: 10010) (User: PC-JERONIMO)
Description: El servidor {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2022 10:09:19 AM) (Source: DCOM) (EventID: 10010) (User: PC-JERONIMO)
Description: El servidor {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2022 10:07:53 AM) (Source: DCOM) (EventID: 10010) (User: PC-JERONIMO)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2022 10:07:53 AM) (Source: DCOM) (EventID: 10010) (User: PC-JERONIMO)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2022 09:58:49 AM) (Source: DCOM) (EventID: 10010) (User: PC-JERONIMO)
Description: El servidor {BB6DF56B-CACE-11DC-9992-0019B93A3A84} no se registró con DCOM dentro del tiempo de espera requerido.
Windows Defender:
================
Date: 2022-12-17 17:49:41.402
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {E794937A-BFF5-4014-B859-7EF5EFA7E280}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-12-17 14:42:25.409
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {6C860ED7-1347-4B99-9078-B4A40A314835}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-12-17 08:57:30.732
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {7BA1102A-9644-4C20-BF81-998806978CCD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-12-16 20:35:14.457
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {AE3919BC-A4E6-46C5-AD31-7638382F9DD5}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2022-12-15 14:05:31.264
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {6E2045DD-C6F5-46EB-9FC2-816F63835EE1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2022-12-19 19:48:46.414
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.381.638.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.19900.2
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta.
Date: 2022-12-19 19:48:46.414
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.381.638.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.19900.2
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta.
Date: 2022-12-19 19:48:45.055
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:
Origen de actualización: Usuario
Tipo de firma:
Tipo de actualización:
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior:
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta.
Date: 2022-12-19 19:48:45.055
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:
Origen de actualización: Usuario
Tipo de firma:
Tipo de actualización:
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior:
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta.
Date: 2022-12-19 19:48:37.633
Description:
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.381.638.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.19900.2
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. BTLTW08.106 05/22/2014
Placa base: MEDION BTDD-LT
Procesador: Intel(R) Celeron(R) CPU J1900 @ 1.99GHz
Porcentaje de memoria en uso: 35%
RAM física total: 3969.26 MB
RAM física disponible: 2548.14 MB
Virtual total: 4737.26 MB
Virtual disponible: 2994.12 MB
==================== Unidades ================================
Drive c: (Boot) (Fixed) (Total:435.36 GB) (Free:151.01 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive d: (Descargas y otros) (Fixed) (Total:434.01 GB) (Free:160.75 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive e: (Recover) (Fixed) (Total:59.99 GB) (Free:42.59 GB) (Model: TOSHIBA DT01ACA100) NTFS
\\?\Volume{ee4da079-9866-468c-b430-e1c7d7bd0e7a}\ () (Fixed) (Total:0.49 GB) (Free:0.24 GB) NTFS
\\?\Volume{1f07ed59-87b8-4ccc-aa80-468587093521}\ () (Fixed) (Total:0.44 GB) (Free:0.41 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Final de Addition.txt =======================