Soy usuario nuevo y tengo un problema con un Troyano (Autoit v3 script (beta) no veo la forma de eliminarlo, soy una persona de cierta edad que no domina bien la informática, me gustaría que me pudierais ayudar . Mi sistema operativo es Win 7, mi equipo va muy lento tengo unos 70G libres en el disco duro. Gracias de antemano.
Hola @23223979 bienvenido al ForoSpyware
Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:
1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.
- Realiza un Análisis personalizado, actualizando si te lo pide.
- Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
- En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.
2) Descarga AdwCleaner | InfoSpyware en el escritorio.
- Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
- Cierra también todos los programas que tengas abiertos.
- Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
- Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
- Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
- Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
- El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt
3) Descarga CCleaner
- Instala Ccleaner
- Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
- Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
- Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.
Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.
¿Cómo pegar reportes en el foro?
Un saludo
Buenas Tardes Daniela: He seguido los pasos que me has indicado pero sigo teniendo el mismo problema, AutoIt v3 Script (Beta) no consigo eliminarlo del menú de Inicio de Windows. Gracias por adelantado, te pego los reportes.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-11-2019
# Duration: 00:01:12
# OS: Windows 7 Professional
# Cleaned: 16
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
***** [ Chromium (and derivatives) ] *****
Deleted Bing Search Engine
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.CyberLinkLabelPrint File C:\Users\Public\Desktop\CyberLink LabelPrint 2.5.lnk
Deleted Preinstalled.CyberLinkLabelPrint Folder C:\Program Files (x86)\CYBERLINK\LABELPRINT
Deleted Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Deleted Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Papito\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Papito\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer_For_P2G9
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\CLVirtualDrive9
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3059 octets] - [11/12/2019 20:10:03]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 11/12/19
Hora del análisis: 19:24
Archivo de registro: 7341a366-1c43-11ea-a074-bc5ff4b6f368.json
-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.770
Versión del paquete de actualización: 1.0.16010
Licencia: Gratis
-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Papito-PC\Papito
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 271416
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 37 min, 57 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Hola
Te indiqué que realizaras con Malwarebytes un análisis personalizado y lo has hecho de amenazas.
Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus
Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1]
¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]
- Ejecuta FRST.exe.
- En el mensaje de la ventana del Disclaimer, pulsamos Yes
- En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
- Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Pon los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Un saludo
Daniela aqui te mando los informes de FRST.exe, te los tengo que mandar en dos bloques pues no me permite hacerlo en uno, no se si estara bien. Un Saludo
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by Papito (administrator) on PAPITO-PC (19-12-2019 18:13:20)
Running from C:\Users\Papito\jDownloads
Loaded Profiles: Papito (Available Profiles: Papito)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrobat_sl.exe
(Disc Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Trusted Connect Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-12-11] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04923506-6479-483D-9182-6F91E172A09B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {0C842462-523B-4665-9926-768A3BFECD80} - \SUPERAntiSpyware Scheduled Task 9463c4e5-726b-49dd-a236-c2af9451b9c1 -> No File <==== ATTENTION
Task: {20874699-6BE8-46DD-BE6B-574E0E3F160D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-04-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2D52079C-7C68-497F-94B2-5E5E58076B6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {36DB3197-D20C-4334-AE65-FA8D295210D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {4BE9073D-60CE-4CCD-B1B2-8EB4C85E63C9} - System32\Tasks\{47C87962-EA37-4869-B78E-F7B9FBA3BCA2} => C:\Windows\system32\pcalua.exe -a "K:\Programas\Progamas para este PC\Programas para cargar\WinRar 3.5\crack winrar.exe" -d "K:\Programas\Progamas para este PC\Programas para cargar\WinRar 3.5"
Task: {4E1F8BF3-889E-400D-BE3B-AAC51950E1E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {4E4C2B36-3693-4760-B6A5-C4C702BE9427} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {56AE0E30-BFE1-4D1F-9D39-DAADB403D44E} - System32\Tasks\HPCustPartic.exe_{D3A72248-6964-4754-8D01-FA76B16ED81E} => C:\Program Files\HP\HP Officejet Pro 6230\Bin\HPCustPartic.exe
Task: {56C0C41F-CCCE-4FA1-BD52-85130F1B8EA0} - System32\Tasks\HPCustPartic.exe_{97AB398D-468C-431B-BE9F-4DDD368DD492} => C:\Program Files\HP\HP Officejet Pro 6230\Bin\HPCustPartic.exe
Task: {688C00E8-912C-4D39-9FD8-5EB25EF36A0C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {8232BC2B-0FE2-4B85-BD29-64DCABEA6109} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {897C0EC4-394F-467D-8BE5-58089CAAE44F} - \SUPERAntiSpyware Scheduled Task 495f86d9-6833-41d5-82df-6c53b86ac270 -> No File <==== ATTENTION
Task: {913C9277-72D0-4139-9DCE-0C8D701047A3} - System32\Tasks\{85EC2869-654F-48F8-AE69-1245CBD5E49C} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [962760 2019-08-14] (VideoLAN -> VideoLAN)
Task: {9987B339-C016-43B0-BB7D-90E39ED5F237} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-01-13] (Google Inc -> Google Inc.)
Task: {AB02C05E-17B3-4C9D-B43A-94C12D264034} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-11] (Piriform Software Ltd -> Piriform Ltd)
Task: {B033206E-C187-460B-BC5F-6707855C6E43} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-12-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BF11A372-4155-476C-A1D0-59E332433362} - System32\Tasks\{DDBE826A-8335-4866-BE80-803856A473A9} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {C5208862-3600-4121-9DC7-0E07A6B8D239} - System32\Tasks\{70370F6C-58F1-4D36-A93C-70F547636801} => C:\Users\Papito\AppData\Local\JDownloader v2.0\JDownloader2.exe [425208 2015-03-20] (Appwork GmbH -> AppWork GmbH)
Task: {D0856BD1-F148-46AE-8D05-F7ACD999BABF} - System32\Tasks\{946CAA40-D8E3-4F30-A8FD-772D3932C364} => C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-30] (BitTorrent Inc -> BitTorrent Inc.)
Task: {D1D8313E-0862-4039-8351-806ED9084C66} - System32\Tasks\{C2D6990E-BB1C-498E-9BE2-B799C0AB37E3} => C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-30] (BitTorrent Inc -> BitTorrent Inc.)
Task: {D2D90B52-4A44-44AA-9146-0E9B2674DDAB} - System32\Tasks\{2CD2886A-5AEA-4E72-86CB-F49EFF463002} => C:\Windows\system32\pcalua.exe -a "E:\Software\HP Monitor Drivers\HP Display Installer.exe" -d "E:\Software\HP Monitor Drivers"
Task: {DA5A52EC-B5A0-49ED-A7AF-0AB6FA27ABFA} - System32\Tasks\HPCeeScheduleForPapito => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {DCFF1E3C-1A6C-4B63-9C08-C87D6FC437E1} - System32\Tasks\{BFDA55CA-5371-4D60-B667-6F804011C45E} => C:\Windows\system32\pcalua.exe -a C:\Users\Papito\jDownloads\mp3gain-win-full-1_3_4.exe -d C:\Users\Papito\jDownloads
Task: {E85FC595-361E-4F96-9F9A-A79A51B5DF2B} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-01-13] (Google Inc -> Google Inc.)
Task: {EDCE1FDD-B993-4BCD-B902-D01C9C88B17B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {EF30C3B6-A282-45CA-BDE5-81A3C6E77D9F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {F493EF8F-288F-47ED-8C11-9289B9F843FF} - System32\Tasks\AdobeAAMUpdater-1.0-Papito-PC-Papito => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\HPCeeScheduleForPapito.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4050F601-A613-4CE2-A237-A46DE0FFEE87}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42CB44D8-4BA6-4775-8966-FE1CB3C7DB82}: [NameServer] 87.216.1.65,87.216.1.66
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1]
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1089716657-1759760612-2350703969-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-10-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR Notifications: Default -> hxxps://atinhenfortwa.info; hxxps://audienceline.com; hxxps://hadmatontrin.com; hxxps://icutit.ca; hxxps://jzx7s.cnewvi.com; hxxps://livermony.info; hxxps://p7.regardensy.mobi; hxxps://relstemportsin.club; hxxps://wishes2.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://www93.zippyshare.com; hxxps://za.gl
CHR Profile: C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default [2019-12-19]
CHR Extension: (Presentaciones) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Documentos) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-13]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (uBlock Origin) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-10-29]
CHR Extension: (Búsqueda de Google) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-13]
CHR Extension: (Fair AdBlocker App) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2017-05-22]
CHR Extension: (Web for Instagram plus DM) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkhjjcoidmkfegigfdedmafpfemccpk [2019-11-29]
CHR Extension: (App) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebmgfcblnnjcpobbpmohbbppbipploob [2018-05-06]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-08]
CHR Extension: (Hojas de cálculo) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-27]
CHR Extension: (Ad Block - AdFilter Español) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgekbffcnpflnhfjkdfdlhffigdfbnae [2016-12-15]
CHR Extension: (Download with JDownloader) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2018-11-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
CHR HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165664 2012-08-23] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-11] (Malwarebytes Inc -> Malwarebytes)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-09-05] (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed]
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-02-27] (Geek Software GmbH -> Geek Software GmbH)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2212328 2018-03-16] (Plex, Inc -> Plex, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive1.1; C:\Windows\System32\DRIVERS\CLVirtualDrive1_1.sys [91912 2013-06-03] (CyberLink Corp. -> CyberLink)
S3 CXPLRCAP; C:\Windows\System32\drivers\CxPlrCap.sys [235904 2010-01-06] (Beijing Geniatech Inc. Ltd. -> Conexant Systems, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2017-06-02] (DT Soft Ltd -> DT Soft Ltd)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] (Intel(R) Smart Connect software -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-19] (Malwarebytes Inc -> Malwarebytes)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 CLVirtualBus01; system32\DRIVERS\CLVirtualBus01.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-19 17:39 - 2019-12-19 17:39 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-19 17:38 - 2019-12-19 17:38 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-18 23:03 - 2019-12-19 18:15 - 000000000 ____D C:\FRST
2019-12-13 22:35 - 2019-12-17 23:32 - 000000000 ____D C:\Users\Papito\AppData\LocalLow\uTorrent
2019-12-11 21:03 - 2019-12-11 21:03 - 000030004 _____ C:\Users\Papito\Documents\cc_20191211_210323.reg
2019-12-11 20:57 - 2019-12-18 18:29 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-11 20:56 - 2019-12-11 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-11 20:28 - 2019-12-11 20:28 - 000003059 _____ C:\Users\Papito\Desktop\AdwCleaner[S00] Informe 2.txt
2019-12-11 20:27 - 2019-12-11 20:27 - 000003387 _____ C:\Users\Papito\Desktop\AdwCleaner[C00] Informe.txt
2019-12-11 20:04 - 2019-12-11 20:04 - 000001540 _____ C:\Users\Papito\Desktop\Analisis Malware.txt
2019-12-06 22:57 - 2019-12-06 22:57 - 000000000 ____D C:\Users\Papito\AppData\Local\cache
2019-12-01 12:21 - 2019-12-01 12:22 - 000000000 ____D C:\testintel2
2019-11-23 18:50 - 2019-11-23 18:50 - 000000000 ____D C:\testintel
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-19 18:14 - 2016-01-13 13:07 - 000000000 ____D C:\Users\Papito\AppData\Local\Adobe
2019-12-19 18:12 - 2016-01-13 11:21 - 000000000 ___RD C:\Users\Papito\jDownloads
2019-12-19 17:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-19 00:10 - 2009-07-14 05:45 - 000049264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-19 00:09 - 2009-07-14 05:45 - 000049264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-18 20:58 - 2017-06-12 21:59 - 000000000 ____D C:\Users\Papito\AppData\Roaming\vlc
2019-12-18 20:55 - 2017-06-04 17:03 - 000000000 ____D C:\Users\Papito\Desktop\Utorrent
2019-12-18 19:44 - 2016-01-13 14:25 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 19:32 - 2019-10-04 10:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-18 19:32 - 2019-10-04 10:46 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-18 18:21 - 2018-11-02 21:04 - 005092224 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-17 23:39 - 2017-06-02 14:06 - 000000000 ____D C:\Users\Papito\AppData\Roaming\uTorrent
2019-12-17 18:15 - 2010-11-21 08:09 - 000747720 _____ C:\Windows\system32\perfh00A.dat
2019-12-17 18:15 - 2010-11-21 08:09 - 000159192 _____ C:\Windows\system32\perfc00A.dat
2019-12-17 18:15 - 2009-07-14 06:13 - 001678218 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-17 18:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-12-16 19:53 - 2019-07-25 20:42 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-16 18:52 - 2018-03-16 22:18 - 000000336 _____ C:\Windows\Tasks\HPCeeScheduleForPapito.job
2019-12-16 18:51 - 2018-03-16 22:18 - 000003192 _____ C:\Windows\system32\Tasks\HPCeeScheduleForPapito
2019-12-14 21:16 - 2016-01-13 14:24 - 000003536 _____ C:\Windows\system32\Tasks\googleupdatetaskmachineua
2019-12-14 21:16 - 2016-01-13 14:24 - 000003408 _____ C:\Windows\system32\Tasks\googleupdatetaskmachinecore
2019-12-11 21:13 - 2016-02-05 21:34 - 000000000 ____D C:\Program Files\CCleaner
2019-12-11 21:04 - 2017-06-05 17:24 - 000000000 ___HD C:\temp
2019-12-11 21:01 - 2017-06-02 19:09 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint 2.5
2019-12-11 20:56 - 2018-04-15 11:50 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-11 20:56 - 2018-04-15 11:50 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-11 20:16 - 2018-03-15 20:05 - 000000000 ____D C:\Users\Papito\AppData\Roaming\Hewlett-Packard
2019-12-11 20:16 - 2018-03-15 19:36 - 000000000 ____D C:\Users\Papito\AppData\Local\Hewlett-Packard
2019-12-11 20:16 - 2018-03-15 19:36 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-12-11 20:10 - 2018-02-18 17:51 - 000000000 ____D C:\AdwCleaner
2019-12-11 19:10 - 2019-07-25 20:42 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-11 19:10 - 2019-07-25 20:42 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-10 22:28 - 2016-01-13 12:40 - 000000000 ____D C:\ProgramData\Temp
2019-12-10 21:32 - 2016-05-22 10:08 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-01 21:29 - 2018-03-10 22:26 - 000000000 ____D C:\Users\Papito\Desktop\Banderas del mundo
2019-11-28 22:23 - 2019-03-02 19:00 - 000000000 ____D C:\Users\Papito\Desktop\Documentos Excel
==================== Files in the root of some directories ========
2018-04-30 20:01 - 2018-04-30 20:01 - 000326325 _____ () C:\Users\Papito\AppData\Roaming\PE.bin
2016-01-15 23:31 - 2016-01-15 23:31 - 000033134 _____ () C:\Users\Papito\AppData\Roaming\UserTile.png
2018-02-14 14:17 - 2018-02-14 14:17 - 000000043 _____ () C:\Users\Papito\AppData\Roaming\WB.CFG
2016-01-19 23:38 - 2016-01-19 23:39 - 229845735 _____ () C:\Users\Papito\AppData\Local\ACCCx3_4_3_189.zip.aamdownload
2016-01-19 23:38 - 2016-01-19 23:39 - 000002657 _____ () C:\Users\Papito\AppData\Local\ACCCx3_4_3_189.zip.aamdownload.aamd
2016-06-27 21:57 - 2019-05-25 19:34 - 000001456 _____ () C:\Users\Papito\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2018-09-30 10:49 - 2018-09-30 10:49 - 000000000 _____ () C:\Users\Papito\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-12-10 02:02
==================== End of FRST.txt ========================Aqui te mando el otro, quedo a la espera de tu respuesta y muchas gracias por tu AYUDA.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by Papito (administrator) on PAPITO-PC (19-12-2019 18:13:20)
Running from C:\Users\Papito\jDownloads
Loaded Profiles: Papito (Available Profiles: Papito)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrobat_sl.exe
(Disc Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Trusted Connect Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-12-11] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04923506-6479-483D-9182-6F91E172A09B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {0C842462-523B-4665-9926-768A3BFECD80} - \SUPERAntiSpyware Scheduled Task 9463c4e5-726b-49dd-a236-c2af9451b9c1 -> No File <==== ATTENTION
Task: {20874699-6BE8-46DD-BE6B-574E0E3F160D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-04-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2D52079C-7C68-497F-94B2-5E5E58076B6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {36DB3197-D20C-4334-AE65-FA8D295210D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {4BE9073D-60CE-4CCD-B1B2-8EB4C85E63C9} - System32\Tasks\{47C87962-EA37-4869-B78E-F7B9FBA3BCA2} => C:\Windows\system32\pcalua.exe -a "K:\Programas\Progamas para este PC\Programas para cargar\WinRar 3.5\crack winrar.exe" -d "K:\Programas\Progamas para este PC\Programas para cargar\WinRar 3.5"
Task: {4E1F8BF3-889E-400D-BE3B-AAC51950E1E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {4E4C2B36-3693-4760-B6A5-C4C702BE9427} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {56AE0E30-BFE1-4D1F-9D39-DAADB403D44E} - System32\Tasks\HPCustPartic.exe_{D3A72248-6964-4754-8D01-FA76B16ED81E} => C:\Program Files\HP\HP Officejet Pro 6230\Bin\HPCustPartic.exe
Task: {56C0C41F-CCCE-4FA1-BD52-85130F1B8EA0} - System32\Tasks\HPCustPartic.exe_{97AB398D-468C-431B-BE9F-4DDD368DD492} => C:\Program Files\HP\HP Officejet Pro 6230\Bin\HPCustPartic.exe
Task: {688C00E8-912C-4D39-9FD8-5EB25EF36A0C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {8232BC2B-0FE2-4B85-BD29-64DCABEA6109} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {897C0EC4-394F-467D-8BE5-58089CAAE44F} - \SUPERAntiSpyware Scheduled Task 495f86d9-6833-41d5-82df-6c53b86ac270 -> No File <==== ATTENTION
Task: {913C9277-72D0-4139-9DCE-0C8D701047A3} - System32\Tasks\{85EC2869-654F-48F8-AE69-1245CBD5E49C} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [962760 2019-08-14] (VideoLAN -> VideoLAN)
Task: {9987B339-C016-43B0-BB7D-90E39ED5F237} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-01-13] (Google Inc -> Google Inc.)
Task: {AB02C05E-17B3-4C9D-B43A-94C12D264034} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-12-11] (Piriform Software Ltd -> Piriform Ltd)
Task: {B033206E-C187-460B-BC5F-6707855C6E43} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-12-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BF11A372-4155-476C-A1D0-59E332433362} - System32\Tasks\{DDBE826A-8335-4866-BE80-803856A473A9} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {C5208862-3600-4121-9DC7-0E07A6B8D239} - System32\Tasks\{70370F6C-58F1-4D36-A93C-70F547636801} => C:\Users\Papito\AppData\Local\JDownloader v2.0\JDownloader2.exe [425208 2015-03-20] (Appwork GmbH -> AppWork GmbH)
Task: {D0856BD1-F148-46AE-8D05-F7ACD999BABF} - System32\Tasks\{946CAA40-D8E3-4F30-A8FD-772D3932C364} => C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-30] (BitTorrent Inc -> BitTorrent Inc.)
Task: {D1D8313E-0862-4039-8351-806ED9084C66} - System32\Tasks\{C2D6990E-BB1C-498E-9BE2-B799C0AB37E3} => C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-30] (BitTorrent Inc -> BitTorrent Inc.)
Task: {D2D90B52-4A44-44AA-9146-0E9B2674DDAB} - System32\Tasks\{2CD2886A-5AEA-4E72-86CB-F49EFF463002} => C:\Windows\system32\pcalua.exe -a "E:\Software\HP Monitor Drivers\HP Display Installer.exe" -d "E:\Software\HP Monitor Drivers"
Task: {DA5A52EC-B5A0-49ED-A7AF-0AB6FA27ABFA} - System32\Tasks\HPCeeScheduleForPapito => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {DCFF1E3C-1A6C-4B63-9C08-C87D6FC437E1} - System32\Tasks\{BFDA55CA-5371-4D60-B667-6F804011C45E} => C:\Windows\system32\pcalua.exe -a C:\Users\Papito\jDownloads\mp3gain-win-full-1_3_4.exe -d C:\Users\Papito\jDownloads
Task: {E85FC595-361E-4F96-9F9A-A79A51B5DF2B} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2016-01-13] (Google Inc -> Google Inc.)
Task: {EDCE1FDD-B993-4BCD-B902-D01C9C88B17B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {EF30C3B6-A282-45CA-BDE5-81A3C6E77D9F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {F493EF8F-288F-47ED-8C11-9289B9F843FF} - System32\Tasks\AdobeAAMUpdater-1.0-Papito-PC-Papito => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\HPCeeScheduleForPapito.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4050F601-A613-4CE2-A237-A46DE0FFEE87}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42CB44D8-4BA6-4775-8966-FE1CB3C7DB82}: [NameServer] 87.216.1.65,87.216.1.66
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1]
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1089716657-1759760612-2350703969-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-10-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR Notifications: Default -> hxxps://atinhenfortwa.info; hxxps://audienceline.com; hxxps://hadmatontrin.com; hxxps://icutit.ca; hxxps://jzx7s.cnewvi.com; hxxps://livermony.info; hxxps://p7.regardensy.mobi; hxxps://relstemportsin.club; hxxps://wishes2.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://www93.zippyshare.com; hxxps://za.gl
CHR Profile: C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default [2019-12-19]
CHR Extension: (Presentaciones) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Documentos) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-13]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (uBlock Origin) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-10-29]
CHR Extension: (Búsqueda de Google) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-13]
CHR Extension: (Fair AdBlocker App) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2017-05-22]
CHR Extension: (Web for Instagram plus DM) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkhjjcoidmkfegigfdedmafpfemccpk [2019-11-29]
CHR Extension: (App) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebmgfcblnnjcpobbpmohbbppbipploob [2018-05-06]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-08]
CHR Extension: (Hojas de cálculo) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-27]
CHR Extension: (Ad Block - AdFilter Español) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgekbffcnpflnhfjkdfdlhffigdfbnae [2016-12-15]
CHR Extension: (Download with JDownloader) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2018-11-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
CHR HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165664 2012-08-23] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-11] (Malwarebytes Inc -> Malwarebytes)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-09-05] (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed]
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-02-27] (Geek Software GmbH -> Geek Software GmbH)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2212328 2018-03-16] (Plex, Inc -> Plex, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive1.1; C:\Windows\System32\DRIVERS\CLVirtualDrive1_1.sys [91912 2013-06-03] (CyberLink Corp. -> CyberLink)
S3 CXPLRCAP; C:\Windows\System32\drivers\CxPlrCap.sys [235904 2010-01-06] (Beijing Geniatech Inc. Ltd. -> Conexant Systems, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2017-06-02] (DT Soft Ltd -> DT Soft Ltd)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] (Intel(R) Smart Connect software -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-19] (Malwarebytes Inc -> Malwarebytes)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 CLVirtualBus01; system32\DRIVERS\CLVirtualBus01.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-19 17:39 - 2019-12-19 17:39 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-19 17:38 - 2019-12-19 17:38 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-18 23:03 - 2019-12-19 18:15 - 000000000 ____D C:\FRST
2019-12-13 22:35 - 2019-12-17 23:32 - 000000000 ____D C:\Users\Papito\AppData\LocalLow\uTorrent
2019-12-11 21:03 - 2019-12-11 21:03 - 000030004 _____ C:\Users\Papito\Documents\cc_20191211_210323.reg
2019-12-11 20:57 - 2019-12-18 18:29 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-11 20:56 - 2019-12-11 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-11 20:28 - 2019-12-11 20:28 - 000003059 _____ C:\Users\Papito\Desktop\AdwCleaner[S00] Informe 2.txt
2019-12-11 20:27 - 2019-12-11 20:27 - 000003387 _____ C:\Users\Papito\Desktop\AdwCleaner[C00] Informe.txt
2019-12-11 20:04 - 2019-12-11 20:04 - 000001540 _____ C:\Users\Papito\Desktop\Analisis Malware.txt
2019-12-06 22:57 - 2019-12-06 22:57 - 000000000 ____D C:\Users\Papito\AppData\Local\cache
2019-12-01 12:21 - 2019-12-01 12:22 - 000000000 ____D C:\testintel2
2019-11-23 18:50 - 2019-11-23 18:50 - 000000000 ____D C:\testintel
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-19 18:14 - 2016-01-13 13:07 - 000000000 ____D C:\Users\Papito\AppData\Local\Adobe
2019-12-19 18:12 - 2016-01-13 11:21 - 000000000 ___RD C:\Users\Papito\jDownloads
2019-12-19 17:36 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-19 00:10 - 2009-07-14 05:45 - 000049264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-19 00:09 - 2009-07-14 05:45 - 000049264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-18 20:58 - 2017-06-12 21:59 - 000000000 ____D C:\Users\Papito\AppData\Roaming\vlc
2019-12-18 20:55 - 2017-06-04 17:03 - 000000000 ____D C:\Users\Papito\Desktop\Utorrent
2019-12-18 19:44 - 2016-01-13 14:25 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 19:32 - 2019-10-04 10:46 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-18 19:32 - 2019-10-04 10:46 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-18 18:21 - 2018-11-02 21:04 - 005092224 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-17 23:39 - 2017-06-02 14:06 - 000000000 ____D C:\Users\Papito\AppData\Roaming\uTorrent
2019-12-17 18:15 - 2010-11-21 08:09 - 000747720 _____ C:\Windows\system32\perfh00A.dat
2019-12-17 18:15 - 2010-11-21 08:09 - 000159192 _____ C:\Windows\system32\perfc00A.dat
2019-12-17 18:15 - 2009-07-14 06:13 - 001678218 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-17 18:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-12-16 19:53 - 2019-07-25 20:42 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-16 18:52 - 2018-03-16 22:18 - 000000336 _____ C:\Windows\Tasks\HPCeeScheduleForPapito.job
2019-12-16 18:51 - 2018-03-16 22:18 - 000003192 _____ C:\Windows\system32\Tasks\HPCeeScheduleForPapito
2019-12-14 21:16 - 2016-01-13 14:24 - 000003536 _____ C:\Windows\system32\Tasks\googleupdatetaskmachineua
2019-12-14 21:16 - 2016-01-13 14:24 - 000003408 _____ C:\Windows\system32\Tasks\googleupdatetaskmachinecore
2019-12-11 21:13 - 2016-02-05 21:34 - 000000000 ____D C:\Program Files\CCleaner
2019-12-11 21:04 - 2017-06-05 17:24 - 000000000 ___HD C:\temp
2019-12-11 21:01 - 2017-06-02 19:09 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint 2.5
2019-12-11 20:56 - 2018-04-15 11:50 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-11 20:56 - 2018-04-15 11:50 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-11 20:16 - 2018-03-15 20:05 - 000000000 ____D C:\Users\Papito\AppData\Roaming\Hewlett-Packard
2019-12-11 20:16 - 2018-03-15 19:36 - 000000000 ____D C:\Users\Papito\AppData\Local\Hewlett-Packard
2019-12-11 20:16 - 2018-03-15 19:36 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-12-11 20:10 - 2018-02-18 17:51 - 000000000 ____D C:\AdwCleaner
2019-12-11 19:10 - 2019-07-25 20:42 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-11 19:10 - 2019-07-25 20:42 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-10 22:28 - 2016-01-13 12:40 - 000000000 ____D C:\ProgramData\Temp
2019-12-10 21:32 - 2016-05-22 10:08 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-01 21:29 - 2018-03-10 22:26 - 000000000 ____D C:\Users\Papito\Desktop\Banderas del mundo
2019-11-28 22:23 - 2019-03-02 19:00 - 000000000 ____D C:\Users\Papito\Desktop\Documentos Excel
==================== Files in the root of some directories ========
2018-04-30 20:01 - 2018-04-30 20:01 - 000326325 _____ () C:\Users\Papito\AppData\Roaming\PE.bin
2016-01-15 23:31 - 2016-01-15 23:31 - 000033134 _____ () C:\Users\Papito\AppData\Roaming\UserTile.png
2018-02-14 14:17 - 2018-02-14 14:17 - 000000043 _____ () C:\Users\Papito\AppData\Roaming\WB.CFG
2016-01-19 23:38 - 2016-01-19 23:39 - 229845735 _____ () C:\Users\Papito\AppData\Local\ACCCx3_4_3_189.zip.aamdownload
2016-01-19 23:38 - 2016-01-19 23:39 - 000002657 _____ () C:\Users\Papito\AppData\Local\ACCCx3_4_3_189.zip.aamdownload.aamd
2016-06-27 21:57 - 2019-05-25 19:34 - 000001456 _____ () C:\Users\Papito\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2018-09-30 10:49 - 2018-09-30 10:49 - 000000000 _____ () C:\Users\Papito\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-12-10 02:02
==================== End of FRST.txt ========================Hola
Ya puedes perdonar por el retraso, te respondí pero no debí dar clic en responder 
Pusiste dos veces el reporte de FRST.txt, faltaría el de Addition,txt.
Conoces estas dos carpetas?
C:\testintel2
C:\testintel
Si no sabes que es, ve a esa ruta y mira a ver que hay dentro de ellas, haz una captura de pantalla y subes la imagen en tu próxima respuesta.
Un saludo
Daniela te mando el contenido de estas 2 carpetas, las dos son documentos de texto que abre Bloc de Nota, en los dos hay solo estas tres letras y nada mas( meh) no se si esto te sirve de ayuda, un saludo y felices fiestas.
Hola
Para revisar de que es me sirve, ya voy viendo unos cuantos reportes con esas mismas carpetas, gracias 
Pon el reporte de Addition.txt, pusiste los dos reportes iguales de FRST.
Un saludo
Perdóname creo que me he vuelto a equivocarme, aquí te mando el nuevo informe.
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 25-12-2019
Ejecutado por Papito (26-12-2019 13:17:44)
Ejecutado desde C:\Users\Papito\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-13 10:21:41)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1089716657-1759760612-2350703969-500 - Administrator - Disabled)
Invitado (S-1-5-21-1089716657-1759760612-2350703969-501 - Limited - Disabled)
Papito (S-1-5-21-1089716657-1759760612-2350703969-1000 - Administrator - Enabled) => C:\Users\Papito
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-042D-0000-0000000FF1CE}_ENTERPRISE_{017A6981-5E03-4A97-830A-35FE0927BB7F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0456-0000-0000000FF1CE}_ENTERPRISE_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0C0A-1000-0000000FF1CE}_ENTERPRISE_{430AE3E6-E982-4958-90FC-1C062BC74E22}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{430AE3E6-E982-4958-90FC-1C062BC74E22}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20100 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Argente - Registry Cleaner 2.0.0.5 (HKLM-x32\...\Argente - Registry Cleaner_is1) (Version: 2.0.0.5 - Argente Software)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
calibre 64bit (HKLM\...\{AA76C33C-0778-4CA0-BD95-147EC22E7767}) (Version: 4.0.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4728.0 - Nombre de su organización) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4728.0 - CyberLink Corp.)
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.1002.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.0.4203 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Driver Install 64-Bit (HKLM-x32\...\{AA107568-1B58-407E-9867-D51F71C9F446}) (Version: 6.0.107.0 - China) Hidden
Driver Install 64-Bit (HKLM-x32\...\InstallShield_{AA107568-1B58-407E-9867-D51F71C9F446}) (Version: 6.0.107.0 - China)
Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Nombre de su organización) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
EPSON Attach To Email (HKLM-x32\...\{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 1.80.00 - )
EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP Officejet Pro 6230 Software básico del dispositivo (HKLM\...\{A94951D7-E9A7-42AB-888B-E18B276785B0}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft .NET Framework 4.6.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{58b3beca-b999-4f6f-a48c-81681136a620}) (Version: 14.10.25017.0 - Microsoft Corporation)
Paquete de compatibilidad para 2007 Office system (HKLM-x32\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
PDF24 Creator 8.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PerfV350 Manual de usuario (HKLM-x32\...\PerfV350 Manual de usuario) (Version: - )
Plex Media Server (HKLM-x32\...\{b75df829-7b5f-4ff5-8fa7-97f261f23960}) (Version: 1.12.1.4885 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{BBC1706D-098F-4839-ABC1-30D8CBE344DC}) (Version: 1.12.1885 - Plex, Inc.) Hidden
PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6813 - Realtek Semiconductor Corp.)
Stopping Plex (HKLM-x32\...\{366AF62D-D58F-4F59-B409-5DB072FE3028}) (Version: 1.12.1885 - Plex, Inc.) Hidden
TP-LINK 300Mbps Wireless USB Adapter Controlador (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare PDFelement 6 Pro(Build 6.8.8) (HKLM-x32\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.8.8.4159 - Wondershare Software Co.,Ltd.)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\...\ChromeHTML: -> <==== ATENCIÓN
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20170602_20_09_03.dll [2013-11-08] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-10-23] (Disc Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20170602_20_09_03.dll [2013-11-08] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-10-23] (Disc Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]
==================== Accesos directos & WMI ========================
Hola
El reporte de Addition no está completo, pon la parte que falta.
Un saludo
Te vuelvo a pedir perdón como ves soy un poco torpe, espero que ahora este completo. Gracias
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-12-2019
Ejecutado por Papito (26-12-2019 19:22:44)
Ejecutado desde C:\Users\Papito\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-13 10:21:41)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1089716657-1759760612-2350703969-500 - Administrator - Disabled)
Invitado (S-1-5-21-1089716657-1759760612-2350703969-501 - Limited - Disabled)
Papito (S-1-5-21-1089716657-1759760612-2350703969-1000 - Administrator - Enabled) => C:\Users\Papito
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-042D-0000-0000000FF1CE}_ENTERPRISE_{017A6981-5E03-4A97-830A-35FE0927BB7F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0456-0000-0000000FF1CE}_ENTERPRISE_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0C0A-1000-0000000FF1CE}_ENTERPRISE_{430AE3E6-E982-4958-90FC-1C062BC74E22}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{430AE3E6-E982-4958-90FC-1C062BC74E22}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version: - Microsoft) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20100 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Argente - Registry Cleaner 2.0.0.5 (HKLM-x32\...\Argente - Registry Cleaner_is1) (Version: 2.0.0.5 - Argente Software)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
calibre 64bit (HKLM\...\{AA76C33C-0778-4CA0-BD95-147EC22E7767}) (Version: 4.0.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4728.0 - Nombre de su organización) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4728.0 - CyberLink Corp.)
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.1002.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.0.4203 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Driver Install 64-Bit (HKLM-x32\...\{AA107568-1B58-407E-9867-D51F71C9F446}) (Version: 6.0.107.0 - China) Hidden
Driver Install 64-Bit (HKLM-x32\...\InstallShield_{AA107568-1B58-407E-9867-D51F71C9F446}) (Version: 6.0.107.0 - China)
Elements 11 Organizer (HKLM-x32\...\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}) (Version: 11.0 - Nombre de su organización) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
EPSON Attach To Email (HKLM-x32\...\{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 1.80.00 - )
EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP Officejet Pro 6230 Software básico del dispositivo (HKLM\...\{A94951D7-E9A7-42AB-888B-E18B276785B0}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft .NET Framework 4.6.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{58b3beca-b999-4f6f-a48c-81681136a620}) (Version: 14.10.25017.0 - Microsoft Corporation)
Paquete de compatibilidad para 2007 Office system (HKLM-x32\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
PDF24 Creator 8.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PerfV350 Manual de usuario (HKLM-x32\...\PerfV350 Manual de usuario) (Version: - )
Plex Media Server (HKLM-x32\...\{b75df829-7b5f-4ff5-8fa7-97f261f23960}) (Version: 1.12.1.4885 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{BBC1706D-098F-4839-ABC1-30D8CBE344DC}) (Version: 1.12.1885 - Plex, Inc.) Hidden
PSE11 STI Installer (HKLM-x32\...\{98CE8819-87AA-4814-8167-ADDDD513485F}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6813 - Realtek Semiconductor Corp.)
Stopping Plex (HKLM-x32\...\{366AF62D-D58F-4F59-B409-5DB072FE3028}) (Version: 1.12.1885 - Plex, Inc.) Hidden
TP-LINK 300Mbps Wireless USB Adapter Controlador (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare PDFelement 6 Pro(Build 6.8.8) (HKLM-x32\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.8.8.4159 - Wondershare Software Co.,Ltd.)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\...\ChromeHTML: -> <==== ATENCIÓN
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20170602_20_09_03.dll [2013-11-08] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-10-23] (Disc Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt9] -> {4E20B104-5D9F-4E01-A01E-100F08E345C9} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt9_20170602_20_09_03.dll [2013-11-08] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll [2012-10-23] (Disc Soft Ltd -> DT Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Papito\Desktop\App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ebmgfcblnnjcpobbpmohbbppbipploob
ShortcutWithArgument: C:\Users\Papito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ebmgfcblnnjcpobbpmohbbppbipploob
ShortcutWithArgument: C:\Users\Papito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Fair AdBlocker App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=dcnofaichneijfbkdkghmhjjbepjmble
==================== Módulos cargados (Lista blanca) =============
2017-06-02 21:06 - 2012-11-17 00:30 - 000107520 _____ () [Archivo no firmado] C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 000013824 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2012-10-23 09:24 - 2012-11-17 00:31 - 005749376 _____ (Disc Soft Ltd -> DT Soft Ltd) [Archivo no firmado] C:\Program Files (x86)\DAEMON Tools Pro\DTCommonRes.dll
2016-01-19 18:34 - 2016-01-19 18:34 - 000097280 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2019-03-09 22:25 - 2017-10-19 10:17 - 000271360 _____ (Wondershare Software) [Archivo no firmado] C:\Windows\System32\WSPDFelementMonitor.dll
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Windows:nlsPreferences [770]
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [152]
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-14 03:34 - 2018-05-20 18:55 - 000004189 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET.*
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\
HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Papito\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está deshabilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: AdobeActiveFileMonitor11.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: PDF24 => 2
MSCONFIG\Services: PlexUpdateService => 2
MSCONFIG\startupfolder: C:^Users^Papito^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Recorte de pantalla e Inicio rápido de OneNote 2007.lnk => C:\Windows\pss\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk.Startup
MSCONFIG\startupreg: 1d0e0e48e990b59215c23b3ae8ad46b5 => C:\ProgramData\1d0e0e48e990b59215c23b3ae8ad46b5\AutoIt3.exe C:\ProgramData\1d0e0e48e990b59215c23b3ae8ad46b5\test.au3
MSCONFIG\startupreg: a33153e0 => C:\ProgramData\Intel\Wireless\9f2da96\fkhdcbc.exe C:\ProgramData\Intel\Wireless\9f2da96\a801d3a.au3
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: Ashampoo WinOptimizer Live-Tuner2 => "C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 15\LiveTuner2.exe" -TRAY
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\papito\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Google Update => C:\Users\Papito\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
MSCONFIG\startupreg: Power2GoExpress9 => "C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe" /Startup
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe Ningún archivo
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe Ningún archivo
FirewallRules: [{061AB843-7061-4C56-AC43-9FA3784B6B64}] => (Allow) C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6B77266F-1C6C-49B5-B49E-7A2768A99E32}] => (Allow) C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A1A9A7B4-4F70-467D-8E3C-F7A2E7055A4C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6230\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{529FCB27-36FC-4B90-A789-9711E05E261C}] => (Allow) LPort=5357
FirewallRules: [{8442585E-77AB-45C7-8FA7-52D42D1D40F9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6230\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{CF710495-6019-4C16-B589-94A846E7519C}] => (Allow) C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{56CFF345-FACA-466A-9604-46761A586DC6}] => (Allow) C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{CB89D58A-4ACC-440D-9C22-CA8A804C3D65}] => (Allow) C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{DEA714C6-4E6E-4C72-9C8F-0439DB023D16}] => (Allow) C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{7BB6269F-9AAB-4F09-B875-0AD306B4413B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{3ECEBF0D-2452-4A34-8E01-D79AEBA10E43}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [{CB0F2CB0-C36B-4E3E-90CB-9D79A44C1556}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{53675007-3279-41DD-8EED-A7C9FF0ED54C}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> Plex)
FirewallRules: [{3AEE65CB-128D-4A95-A825-EA6B5C19E3D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: 300Mbps Wireless USB Adapter
Description: 300Mbps Wireless USB Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TP-LINK
Service: RTL8192cu
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (12/26/2019 12:58:14 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (1308) Al intentar abrir el archivo "C:\Users\Papito\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de sólo lectura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).
Error: (12/26/2019 12:51:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (12/26/2019 12:49:50 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.
Error: (12/26/2019 12:49:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005
Error: (12/26/2019 12:15:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.
Error: (12/26/2019 12:13:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x00000000.
Error: (12/26/2019 12:13:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
0x80070005
Error: (12/25/2019 08:00:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa uTorrent.exe, versión 3.5.4.44632, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 604
Hora de inicio: 01d5bb4ed1bd2156
Hora de finalización: 12519
Ruta de acceso de la aplicación: C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe
Identificador de informe: 9046f8f0-2746-11ea-b4c5-bc5ff4b6f368
Errores del sistema:
=============
Error: (12/26/2019 12:35:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Programador de tareas depende del servicio Registro de eventos de Windows, el cual no pudo iniciarse debido al siguiente error:
No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.
Error: (12/25/2019 10:07:00 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.
Error: (12/25/2019 10:05:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2019 10:04:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2019 06:17:17 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.
Error: (12/25/2019 05:47:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2019 05:42:18 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {995C996E-D918-4A8C-A302-45719A6F4EA7} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/25/2019 05:37:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (60000 ms) para la respuesta de transacción del servicio WPDBusEnum.
Windows Defender:
===================================
Date: 2017-12-18 08:22:23.206
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{39DB0D79-AB92-41B6-971A-C84DED2C47FC}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. P1.30 05/13/2013
Placa base: ASRock H61M-VG4
Procesador: Intel(R) Pentium(R) CPU G2030 @ 3.00GHz
Porcentaje de memoria en uso: 94%
RAM física total: 4057.12 MB
RAM física disponible: 228.04 MB
Virtual total: 8130.3 MB
Virtual disponible: 1478.61 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:232.88 GB) (Free:125.42 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]
Drive d: (Jose) (Fixed) (Total:931.5 GB) (Free:280.56 GB) NTFS
Drive k: (TOSHIBA EXT de la F a la L) (Fixed) (Total:2794.39 GB) (Free:1572.03 GB) NTFS
Drive l: (TOSHIBA EXT de la A a la E) (Fixed) (Total:3725.9 GB) (Free:2158.69 GB) NTFS
Drive o: (SAMSUNG) (Fixed) (Total:1863.01 GB) (Free:899.13 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E2D4F30)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0F Extended)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: ACCFACCF)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==========================================================
Disk: 6 (Size: 2794.5 GB) (Disk ID: 31A2D097)
Partition: GPT.
==========================================================
Disk: 7 (Size: 3726 GB) (Disk ID: 510CE734)
Partition: GPT.
==========================================================
Disk: 8 (Size: 1863 GB) (Disk ID: 5F5DB0DE)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Final de Addition.txt =======================
Hola
Nada que perdonar, ahora está perfecto!!! 
MUY Importante 
Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe( en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación 
con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
Task: {0C842462-523B-4665-9926-768A3BFECD80} - \SUPERAntiSpyware Scheduled Task 9463c4e5-726b-49dd-a236-c2af9451b9c1 -> No File <==== ATTENTION
Task: {897C0EC4-394F-467D-8BE5-58089CAAE44F} - \SUPERAntiSpyware Scheduled Task 495f86d9-6833-41d5-82df-6c53b86ac270 -> No File <==== ATTENTION
Task: {D0856BD1-F148-46AE-8D05-F7ACD999BABF} - System32\Tasks\{946CAA40-D8E3-4F30-A8FD-772D3932C364} => C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-30] (BitTorrent Inc -> BitTorrent Inc.)
Task: {D1D8313E-0862-4039-8351-806ED9084C66} - System32\Tasks\{C2D6990E-BB1C-498E-9BE2-B799C0AB37E3} => C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-30] (BitTorrent Inc -> BitTorrent Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1089716657-1759760612-2350703969-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (App) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebmgfcblnnjcpobbpmohbbppbipploob [2018-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
CHR HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S3 CLVirtualBus01; system32\DRIVERS\CLVirtualBus01.sys [X]
2019-12-01 12:21 - 2019-12-01 12:22 - 000000000 ____D C:\testintel2
2019-11-23 18:50 - 2019-11-23 18:50 - 000000000 ____D C:\testintel
ShortcutWithArgument: C:\Users\Papito\Desktop\App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ebmgfcblnnjcpobbpmohbbppbipploob
ShortcutWithArgument: C:\Users\Papito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ebmgfcblnnjcpobbpmohbbppbipploob
AlternateDataStreams: C:\Windows:nlsPreferences [770]
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [152]
C:\ProgramData\1d0e0e48e990b59215c23b3ae8ad46b5
C:\ProgramData\Intel\Wireless\9f2da96
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
- Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
- Presionar el botón FIX y aguardar a que termine.
- La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Muchisimas gracias Daniela: El problema del (Autoit v3 script) parece que ha desaparecido en los próximos dia te contare como esta funcionando el PC, te pego el informe Fixlog.txt.
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 28-12-2019
Ejecutado por Papito (30-12-2019 19:09:33) Run:1
Ejecutado desde C:\Users\Papito\Desktop
Perfiles cargados: Papito (Perfiles disponibles: Papito)
Modo de Inicio: Normal
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
Task: {0C842462-523B-4665-9926-768A3BFECD80} - \SUPERAntiSpyware Scheduled Task 9463c4e5-726b-49dd-a236-c2af9451b9c1 -> No File <==== ATTENTION
Task: {897C0EC4-394F-467D-8BE5-58089CAAE44F} - \SUPERAntiSpyware Scheduled Task 495f86d9-6833-41d5-82df-6c53b86ac270 -> No File <==== ATTENTION
Task: {D0856BD1-F148-46AE-8D05-F7ACD999BABF} - System32\Tasks\{946CAA40-D8E3-4F30-A8FD-772D3932C364} => C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-30] (BitTorrent Inc -> BitTorrent Inc.)
Task: {D1D8313E-0862-4039-8351-806ED9084C66} - System32\Tasks\{C2D6990E-BB1C-498E-9BE2-B799C0AB37E3} => C:\Users\Papito\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-09-30] (BitTorrent Inc -> BitTorrent Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1089716657-1759760612-2350703969-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (App) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebmgfcblnnjcpobbpmohbbppbipploob [2018-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
CHR HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S3 CLVirtualBus01; system32\DRIVERS\CLVirtualBus01.sys [X]
2019-12-01 12:21 - 2019-12-01 12:22 - 000000000 ____D C:\testintel2
2019-11-23 18:50 - 2019-11-23 18:50 - 000000000 ____D C:\testintel
ShortcutWithArgument: C:\Users\Papito\Desktop\App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ebmgfcblnnjcpobbpmohbbppbipploob
ShortcutWithArgument: C:\Users\Papito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ebmgfcblnnjcpobbpmohbbppbipploob
AlternateDataStreams: C:\Windows:nlsPreferences [770]
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [152]
C:\ProgramData\1d0e0e48e990b59215c23b3ae8ad46b5
C:\ProgramData\Intel\Wireless\9f2da96
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
*****************
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C842462-523B-4665-9926-768A3BFECD80}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C842462-523B-4665-9926-768A3BFECD80}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task 9463c4e5-726b-49dd-a236-c2af9451b9c1" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{897C0EC4-394F-467D-8BE5-58089CAAE44F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{897C0EC4-394F-467D-8BE5-58089CAAE44F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task 495f86d9-6833-41d5-82df-6c53b86ac270" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0856BD1-F148-46AE-8D05-F7ACD999BABF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0856BD1-F148-46AE-8D05-F7ACD999BABF}" => eliminado correctamente
C:\Windows\System32\Tasks\{946CAA40-D8E3-4F30-A8FD-772D3932C364} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{946CAA40-D8E3-4F30-A8FD-772D3932C364}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1D8313E-0862-4039-8351-806ED9084C66}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1D8313E-0862-4039-8351-806ED9084C66}" => eliminado correctamente
C:\Windows\System32\Tasks\{C2D6990E-BB1C-498E-9BE2-B799C0AB37E3} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2D6990E-BB1C-498E-9BE2-B799C0AB37E3}" => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
HKLM\Software\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => eliminado correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
"HKLM\Software\Wow6432Node\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
"HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
CHR Extension: (App) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebmgfcblnnjcpobbpmohbbppbipploob [2018-05-06] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Chrome Media Router) - C:\Users\Papito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19] => Error: Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\SOFTWARE\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\System\CurrentControlSet\Services\CLVirtualBus01 => eliminado correctamente
CLVirtualBus01 => servicio eliminado correctamente
C:\testintel2 => movido correctamente
C:\testintel => movido correctamente
C:\Users\Papito\Desktop\App.lnk => Acceso directo argumento eliminado correctamente
C:\Users\Papito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\App.lnk => Acceso directo argumento eliminado correctamente
C:\Windows => ":nlsPreferences" ADS eliminado correctamente
C:\ProgramData\Temp => ":1CE11B51" ADS eliminado correctamente
"C:\ProgramData\1d0e0e48e990b59215c23b3ae8ad46b5" => no encontrado
C:\ProgramData\Intel\Wireless\9f2da96 => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1089716657-1759760612-2350703969-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
Adaptador de Ethernet Conexi¢n de rea local:
Sufijo DNS espec¡fico para la conexi¢n. . : home
V¡nculo: direcci¢n IPv6 local. . . : fe80::fdeb:6c68:3400:335c%11
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.116
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1
Adaptador de t£nel isatap.home:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . : home
Adaptador de t£nel Teredo Tunneling Pseudo-Interface:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
{E26E605C-5175-449C-BF0B-581938E728E6} canceled.
{12E7B19E-03D6-43F6-926D-472A9C9266F0} canceled.
{4C133204-0071-4004-AC9F-FF83310784C0} canceled.
{DD0262AE-2918-42CD-8FBE-E0F5A3846376} canceled.
{154CF618-E4B4-46A0-800C-F7AAB54C0FE9} canceled.
{A55D2718-5681-4E76-B523-E6CE273891A4} canceled.
{62BCE355-DDD7-46A0-B57F-25E4972ED029} canceled.
{82B8BB17-D78D-4B1E-A6D2-4B3F12299082} canceled.
8 out of 8 jobs canceled.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9850961 B
Java, Flash, Steam htmlcache => 1080 B
Windows/system/drivers => 1876198 B
Edge => 0 B
Chrome => 150922070 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 149953 B
systemprofile32 => 49880892 B
LocalService => 50013136 B
NetworkService => 50014084 B
Papito => 78980241 B
RecycleBin => 0 B
EmptyTemp: => 381.7 MB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 19:13:03 ====
Un saludo y feliz entrada y salida de año.
Hola
De acuerdo, pruebalo durante unos días, pero no olvides volver a comentar 
Gracias, Feliz Año Nuevo.
Un saludo
Feliz año nuevo Daniela, te estoy muy agradecido por tu ayuda, ya estaba pensando en formatear el PC , bueno yo no. El ordenador va muy bien y ha desaparecido el Autoit v3, el único problema que me queda es que cuando enciendo el PC no me arranca el Win directamente tengo que pulsar F-1, pero eso no me preocupa mucho comparado con lo que me pasaba. Muchas gracias por todo y Felices Fiestas. Un saludo.
Hola
Pudiste solucionar lo del arranque?
Sigue estos pasos, para eliminar las herramientas utilizadas:
Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Comenta si sigue bien el problema por el que iniciaste el tema.
Un saludo
Hola Daniela: Feliz año nuevo. En lo referente al tema por el que inicie esta consulta está totalmente solucionado, por lo que te doy las gracias encarecidamente. Creo que podemos cerrar la consulta, para que dediques tu tiempo a ayudar a otras personas. Un saludo y vuelvo a darte las gracias.
1 me gusta
Hola @23223979
Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte 
Nos alegramos que se te haya resuelto Damos el tema por solucionado.
Solucionado
Feliz Año Nuevo!!!
Un saludo