Hello, I don't know much about computers, but I have reason to think that the computer has some kind of malicious software. Since I don't know much, I'll wait for your instructions. Thank you.
Hello @Galicha.
To check your machine, follow these steps in the order given, reading everything that is explained.
Temporarily disable your antivirus [How to temporarily disable your antivirus] while we carry out ALL the steps.
We are going to download to YOUR DESKTOP (and NOT anywhere else) all the tools we will use in this procedure (but do not run them yet):
- Malwarebytes' Anti-Malware + Manual. Read the manual in detail so that you know how to use and configure it correctly.
- Farbar Recovery Scan Tool, selecting the right version for your computer's architecture (32 or 64 bits). [How do I know whether my Windows is 32 or 64 bits?]
Run the tools one at a time, in the order given:
CCleaner.-
- Install and run CCleaner following the steps given in the manual.
- First use its Cleaner option to delete cookies, temporary Internet files and all the files it shows you as obsolete.
- Then use its Registry option to clean the whole Windows registry (making a backup).
Malwarebytes.-
- Install and run MBAM following the steps given in the manual.
- Run a Custom Scan.
- Select ALL for Quarantine to send everything to quarantine, and restart the system.
- In the program's Detection History section you will find the MBAM report, which you must copy and paste into your next reply so that it can be analyzed.
AdwCleaner.-
- Run Adwcleaner.exe.
- Click the Scan Now button and wait for the process to finish, then always click the Start Repair button right away.
- Wait for it to finish and follow the instructions; if it asks you to restart the system, accept.
- The log/report is in the "Reports" tab, reopening the program if necessary, so that you can copy it and paste it into your next reply.
- The report can also be found at C:\AdwCleaner\Logs\AdwCleaner[C00].txt
Junkware Removal Tool.-
- Run JRT.exe.
- Press any key to continue and wait patiently for the process to finish.
- If at any point it asks you to restart, do so.
- When it finishes, a log/report (JRT.txt) will be saved to the desktop and will open automatically.
- Copy and paste the contents of JRT.txt into your next reply.
Farbar Recovery Scan Tool.-
- Run FRST.exe.
- In the Disclaimer window, click Sí/Yes.
- In the main window, click the Analizar/Scan button and wait for the process to finish.
- Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.
Post in your next reply the reports from:
- Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, in that order.
You must copy and paste them with their full contents, using several messages if you get an error message saying the post is too long (more than about 64,000 characters).
And tell us how your computer is running with regard to the problem you raised.
Regards, Javier.
Hello again. It seems to be running better. I'm pasting the report:
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 3/8/20
Hora del análisis: 18:49
Archivo de registro: 5b86d960-d5a9-11ea-9e22-e840f23db05f.json
-Información del software-
Versión: 4.1.2.73
Versión de los componentes: 1.0.990
Versión del paquete de actualización: 1.0.27879
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 18362.959)
CPU: x86
Sistema de archivos: NTFS
Usuario: PC_ALMACEN\usuario
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 487727
Amenazas detectadas: 101
Amenazas en cuarentena: 99
Tiempo transcurrido: 22 hr, 1 min, 29 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 1
PUP.Optional.NextLive, C:\USERS\USUARIO\APPDATA\ROAMING\NEWNEXT.ME\NENGINE.DLL, En cuarentena, 1406, 241212, , , ,
Clave del registro: 16
PUP.Optional.CouponMarvel, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\lollipop, En cuarentena, 2540, 253334, 1.0.27879, , ame,
PUP.Optional.OfferBox, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\OfferBox, En cuarentena, 2357, 256801, 1.0.27879, , ame,
PUP.Optional.CrossRider, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, En cuarentena, 507, 237370, 1.0.27879, , ame,
PUP.Optional.ReMarkIt, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\APPDATALOW\SOFTWARE\Re_markit, En cuarentena, 5840, 242309, 1.0.27879, , ame,
PUP.Optional.ReMarkIt, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En cuarentena, 5840, -1, 0.0.0, , action,
PUP.Optional.DriverAgentPlus, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\ESUPPORT.COM\DriverAgent, En cuarentena, 1120, 262210, 1.0.27879, , ame,
PUP.Optional.CrossRider, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D8E024B-AE7E-4106-B9C4-DE6C27E350CB}, En cuarentena, 507, 237488, 1.0.27879, , ame,
PUP.Optional.Babylon, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, En cuarentena, 396, 235650, 1.0.27879, , ame,
PUP.Optional.NationZoom.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, En cuarentena, 1393, 233694, , , ,
PUP.Optional.NationZoom.ShrtCln, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, En cuarentena, 1393, 233694, 1.0.27879, , ame,
PUP.Optional.NationZoom.ShrtCln, HKLM\SOFTWARE\nationzoomSoftware, En cuarentena, 1393, 230225, 1.0.27879, , ame,
PUP.Optional.OfferBox, HKLM\SOFTWARE\OfferBox, En cuarentena, 2357, 256807, 1.0.27879, , ame,
PUP.Optional.SupTab, HKLM\SOFTWARE\supWPM, En cuarentena, 1638, 243703, 1.0.27879, , ame,
Adware.MoboGenie, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\MobogenieAdd, En cuarentena, 3212, 477441, 1.0.27879, , ame,
Adware.Agent.OL, HKLM\SOFTWARE\CLASSES\Prod.cap, En cuarentena, 6927, 830817, 1.0.27879, , ame,
PUP.Optional.Elex, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ifohbjbgfchkkfhphahclmkpgejiplfo, En cuarentena, 991, 238075, 1.0.27879, , ame,
Valor del registro: 13
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 2540, -1, 0.0.0, , action,
PUP.Optional.ReMarkIt, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Error durante la eliminación, 5840, -1, 0.0.0, , action,
PUP.Optional.ReMarkIt, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 5840, -1, 0.0.0, , action,
PUP.Optional.ReMarkIt, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 5840, -1, 0.0.0, , action,
PUP.Optional.ReMarkIt, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En cuarentena, 5840, -1, 0.0.0, , action,
PUP.Optional.ReMarkIt, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Error durante la eliminación, 5840, -1, 0.0.0, , action,
PUP.Optional.NextLive, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NEXTLIVE, En cuarentena, 1406, 241212, 1.0.27879, , ame,
PUP.Optional.CrossRider, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D8E024B-AE7E-4106-B9C4-DE6C27E350CB}|APPNAME, En cuarentena, 507, 237488, 1.0.27879, , ame,
PUP.Optional.Babylon, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, En cuarentena, 396, 235650, 1.0.27879, , ame,
PUP.Optional.NationZoom.ShrtCln, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DISPLAYNAME, En cuarentena, 1393, 233694, 1.0.27879, , ame,
PUP.Optional.NationZoom.ShrtCln, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, En cuarentena, 1393, 233694, 1.0.27879, , ame,
PUP.Optional.Elex, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|IFOHBJBGFCHKKFHPHAHCLMKPGEJIPLFO, En cuarentena, 991, 238075, , , ,
PUP.Optional.Lightning, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|cekcjpgehmohobmdiikfnopibipmgnml, En cuarentena, 1952, 177971, , , ,
Datos del registro: 5
PUP.Optional.NationZoom.ShrtCln, HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_PAGE_URL, Sustituido, 1393, 291317, 1.0.27879, , ame,
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Sustituido, 5258, 292819, 1.0.27879, , ame,
PUP.Optional.NationZoom.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_SEARCH_URL, Sustituido, 1393, 291320, 1.0.27879, , ame,
PUP.Optional.NationZoom.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_PAGE_URL, Sustituido, 1393, 291320, 1.0.27879, , ame,
PUP.Optional.NationZoom.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Sustituido, 1393, 291320, 1.0.27879, , ame,
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 20
PUP.Optional.Elex, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\IFOHBJBGFCHKKFHPHAHCLMKPGEJIPLFO, En cuarentena, 991, 238075, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\es, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro, En cuarentena, 3028, 319821, 1.0.27879, , ame,
Adware.MobileGenie, C:\Users\usuario\AppData\Local\genienext, En cuarentena, 2638, 770848, 1.0.27879, , ame,
PUP.Optional.Lightning, C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml, En cuarentena, 1952, 177971, 1.0.27879, , ame,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\Download\Picture, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\Download\Music, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\Download\Video, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\Download\Apk, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\Download, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\backup, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\device, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\driver, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\Data, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie, En cuarentena, 2672, 322690, 1.0.27879, , ame,
PUP.Optional.NextLive, C:\Users\usuario\AppData\Roaming\newnext.me\cache, En cuarentena, 1406, 178681, , , ,
PUP.Optional.NextLive, C:\Users\usuario\AppData\Roaming\newnext.me, En cuarentena, 1406, 178681, 1.0.27879, , ame,
PUP.Optional.OfferBox, C:\Users\usuario\AppData\Roaming\OfferBox\http_app.offerbox.com\sdch, En cuarentena, 2357, 256794, , , ,
PUP.Optional.OfferBox, C:\Users\usuario\AppData\Roaming\OfferBox\http_app.offerbox.com, En cuarentena, 2357, 256794, , , ,
PUP.Optional.OfferBox, C:\USERS\USUARIO\APPDATA\ROAMING\OFFERBOX, En cuarentena, 2357, 256794, 1.0.27879, , ame,
Archivo: 46
PUP.Optional.NextLive, C:\USERS\USUARIO\APPDATA\ROAMING\NEWNEXT.ME\NENGINE.DLL, En cuarentena, 1406, 241212, , , ,
PUP.Optional.Elex, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 991, 238075, , , ,
PUP.Optional.Elex, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, 991, 238075, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\es\DevExpress.XtraBars.v12.1.resources.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\DevExpress.Data.v12.1.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\DevExpress.Utils.v12.1.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\DevExpress.XtraBars.v12.1.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Licensing.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Localization.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.Document.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.Media.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\DevExpress.RichEdit.v12.1.Core.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\DevExpress.XtraEditors.v12.1.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.exe, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.Message.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.Xps.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\ICSharpCode.TextEditor.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.Mime.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.Pdf.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.Wpd.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Views.Wps.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\FileViewPro.Common.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\IsLicense50.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\O2S.Components.PDFView4NET.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.FileViewPro, C:\Program Files\FileViewPro\QlmLicenseLib.dll, En cuarentena, 3028, 319821, , , ,
PUP.Optional.Downloader, C:\PROGRAM FILES\UNINSTALLER\UNINSTALL.EXE, En cuarentena, 541, 301037, 1.0.27879, , ame,
Adware.MobileGenie, C:\Users\usuario\AppData\Local\genienext\nengine.dll, En cuarentena, 2638, 770848, , , ,
PUP.Optional.Lightning, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 1952, 177971, , , ,
PUP.Optional.NewTab, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NEWTAB.CRX, En cuarentena, 330, 443461, 1.0.27879, , ame,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\Data\mobogenie_u_user_dl.mg, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\client.time, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\driverresult.log, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\mobo.uuid, En cuarentena, 2672, 322690, , , ,
PUP.Optional.MoboGenie, C:\Users\usuario\AppData\Local\Mobogenie\Source.mu, En cuarentena, 2672, 322690, , , ,
PUP.Optional.NextLive, C:\Users\usuario\AppData\Roaming\newnext.me\cache\spark.bin, En cuarentena, 1406, 178681, , , ,
PUP.Optional.NextLive, C:\Users\usuario\AppData\Roaming\newnext.me\nengine.cookie, En cuarentena, 1406, 178681, , , ,
PUP.Optional.OfferBox, C:\USERS\USUARIO\APPDATA\ROAMING\OFFERBOX\CONFIG.XML, En cuarentena, 2357, 256794, 1.0.27879, , ame,
PUP.Optional.OfferBox, C:\Users\usuario\AppData\Roaming\OfferBox\http_app.offerbox.com\country.sxe, En cuarentena, 2357, 256794, , , ,
PUP.Optional.OfferBox, C:\Users\usuario\AppData\Roaming\OfferBox\http_app.offerbox.com\history.db, En cuarentena, 2357, 256794, , , ,
PUP.Optional.OfferBox, C:\Users\usuario\AppData\Roaming\OfferBox\http_app.offerbox.com\profile.sxe, En cuarentena, 2357, 256794, , , ,
PUP.Optional.OfferBox, C:\Users\usuario\AppData\Roaming\OfferBox\http_app.offerbox.com\update.sxe, En cuarentena, 2357, 256794, , , ,
PUP.Optional.OfferBox, C:\Users\usuario\AppData\Roaming\OfferBox\http_app.offerbox.com\update.xml, En cuarentena, 2357, 256794, , , ,
MachineLearning/Anomalous.97%, C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPPOUMDN.EXE, En cuarentena, 0, 392687, 1.0.27879, , shuriken,
PUP.Optional.WinThruster, C:\WINDOWS\SYSTEM32\ROBOOT.EXE, En cuarentena, 1622, 461217, 1.0.27879, , ame,
Backdoor.Bot, C:\WINDOWS\SYSTEM32\REGSVR.EXE, En cuarentena, 3525, 204603, 1.0.27879, , ame,
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
The ADWCLEANER one
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-04-2020
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 32
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\DriverWhiz
Deleted C:\Program Files\MyPC Backup
Deleted C:\Program Files\myfree codec
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverWhiz
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted C:\Users\usuario\AppData\Local\FileViewPro
Deleted C:\Users\usuario\AppData\Local\YSearchUtil
Deleted C:\Users\usuario\AppData\Local\lollipop
Deleted C:\Users\usuario\AppData\Roaming\Coupons
Deleted C:\Users\usuario\AppData\Roaming\Solvusoft
Deleted C:\Users\usuario\Documents\Mobogenie
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Deleted C:\Users\usuario\daemonprocess.txt
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8233E789-9C0C-448C-9410-96DDB847AF7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF8BF2E-1331-4F24-8A35-327B4815DE68}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7E468E5-DD1-41D7-9FCC-C1D2107A9834}
Deleted HKCU\Software\Classes\Applications\lollipop.exe
Deleted HKCU\Software\DriverWhiz
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted HKCU\Software\Myfree Codec
Deleted HKCU\Software\Softonic
Deleted HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Deleted HKLM\Software\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Deleted HKLM\Software\Classes\SpeedUpMyPC
Deleted HKLM\Software\DomaIQ
Deleted HKLM\Software\Myfree Codec
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Wpm
***** [ Chromium (and derivatives) ] *****
Deleted MSN Homepage & Bing Search Engine - fcfenmboojpjinhpgggodefccipikbpd
Deleted Re-markit - dcpfhaghaadpjpgocojgnlhjcieeooel
***** [ Chromium URLs ] *****
Deleted http://www.nationzoom.com/?type=hp&ts=1389177188&from=tugs&uid=WDCXWD5000AAKX-083CA1_WD-WMAYUM69659696596
Deleted nationzoom
Deleted nationzoom
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3896 octets] - [04/08/2020 18:09:29]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
JUNKWARE
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x86
Ran by usuario (Administrator) on 04/08/2020 at 18:12:24,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\ProgramData\babylon (Folder)
Successfully deleted: C:\user.js (File)
Successfully deleted: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage (File)
Successfully deleted: C:\Users\usuario\AppData\Roaming\babylon (Folder)
Registry: 1
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/08/2020 at 18:13:54,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 02-08-2020
Ejecutado por usuario (administrador) sobre PC_ALMACEN (04-08-2020 18:15:49)
Ejecutado desde C:\Users\usuario\Desktop
Perfiles cargados: usuario
Platform: Microsoft Windows 10 Pro Versión 1909 18363.959 (X86) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Intel Client Boards Division -> Intel(R) Corporation) C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(Wondershare) [Archivo no firmado] C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9742952 2010-10-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM\...\Run: [ipTray.exe] => C:\Program Files\Intel\Intel Desktop Utilities\ipTray.exe [1645256 2012-03-01] (Intel Client Boards Division -> Intel(R) Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [7658496 2020-07-20] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare software CO., LIMITED -> Wondershare)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows NT x86\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDAA.DLL [29184 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\W32X86\hpzppwn7.dll [90624 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\ModiPrint: C:\Windows\System32\spool\prtprocs\W32X86\mdippr.dll [30512 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\OneNotePrint2007: C:\Windows\System32\spool\prtprocs\W32X86\msonpppr.dll [33104 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\WINDOWS\system32\CNMLMAA.DLL [311296 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Color LaserJet Monitor: C:\WINDOWS\system32\HPPOUMON.dll [114688 2003-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Oak Technology, Inc.)
HKLM\...\Print\Monitors\Microsoft Document Imaging Writer Monitor: C:\WINDOWS\system32\mdimon.dll [29552 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\PCL hpz3lwn7: C:\WINDOWS\system32\hpz3lwn7.dll [30720 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\Send To Microsoft OneNote Monitor: C:\WINDOWS\system32\msonpmon.dll [31640 2009-02-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{71C5A887-11E0-4c5a-9B9B-D4A074555692}] -> C:\WINDOWS\system32\Client32Provider.dll [2015-01-28] (NetSupport Ltd -> NetSupport Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MadisaNetStatus.lnk [2014-10-09]
ShortcutTarget: MadisaNetStatus.lnk -> C:\Windows\Installer\{D972B060-F4A8-4692-A5FE-8EAC1CC8575F}\_17248BA8C79B8A7E91CC35.exe () [Archivo no firmado]
Startup: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de pantalla e Inicio rápido de OneNote 2007.lnk [2015-05-06]
ShortcutTarget: Recorte de pantalla e Inicio rápido de OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {00F6E5D7-A6F3-4610-945A-8B1830962161} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {05C4EBD0-C9FF-490F-83BF-6FEAF438AB09} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0670B0C5-7D2D-4502-914F-F24E81159FC7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {06CFE544-6F9B-4A1B-A967-AEE2746F910B} - System32\Tasks\{108A0843-78C5-49FD-A360-4669E182A02D} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {0B803FA1-81F9-4E91-8DAF-0228BBFF39E9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C52900C-5D69-42A2-9088-BA94C7AD7469} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {0CCECAAE-C513-4D8A-BB0D-A701F6D970D8} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {11823596-E9E2-4867-AB17-316F630D2E63} - System32\Tasks\{0F88FB28-88BA-42FD-AD21-9A1C5AFD46CB} => C:\Windows\system32\pcalua.exe -a D:\Setup.Exe -d D:\
Task: {12F5F421-060B-4F41-91D8-F85E5647F3B6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_403_pepper.exe [1471032 2020-07-15] (Adobe Inc. -> Adobe)
Task: {1317F418-7394-48B2-9CBC-0177BC04A68B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {1510C85F-9E1E-4892-8A01-8686C2DB22A0} - System32\Tasks\{19C840CA-8B2F-4E00-8AC8-60FAFC6FCD1F} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {19F526A5-7704-443A-B340-37AB321C6176} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1ACD2657-B4F4-4C43-8075-833FEAE1B9F0} - System32\Tasks\{D32774E1-31EC-4B6F-B23B-00433C3A8A67} => C:\Telynet\Pda\ComSocio.exe [40960 2008-09-25] () [Archivo no firmado]
Task: {20FD9728-6D67-4658-A25C-915705B7A546} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22FBCBA0-6DBC-4C2C-B8DC-9237FD4BC1AD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2355BEC2-9B01-44A6-8A23-B6C487DD5B10} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {291A8673-A05E-4477-AC3F-C5BFBA9A2B77} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {3092CC35-44A8-4FFE-974E-ED1667DCFA61} - System32\Tasks\{B55E246A-C165-4365-B7B1-D2FCCE8165D4} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {3652E888-CF65-43D8-8EA3-5AC0A31CE323} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {3A717F81-AE1E-42A1-92B4-6B1D8E02CF93} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4026C466-BE2A-4705-B493-56609C449C32} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D3AF667-6569-4658-8612-2061FB555E6F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {57901787-D99B-48F0-8E6B-406B1FC7154C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {5F81A927-F514-42DE-BB26-082602862302} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {6170A3CB-0A75-4B22-AC50-198CDE13A193} - System32\Tasks\{5C43D155-9743-4FB5-8CF4-3A701361393E} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {64F93EDD-EF4E-412E-B9D7-4EFEC721C271} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6DA42C20-7384-4B09-BF56-2CA58420998D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {749CEABC-8CF0-414C-92BB-E649FD28FD72} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {7761B930-DA2C-47A3-BD91-98D367C71B41} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7B8F7AF9-A7A2-4CE6-9881-EF09797B5EBD} - System32\Tasks\{BF2A4085-C5F8-47BD-8D80-913147A15C2F} => C:\Windows\system32\pcalua.exe -a D:\UsbWin98\240075ES.exe -d D:\UsbWin98
Task: {83F78DFA-FCC7-4B93-80C4-60B76CEBF00E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {868E54E5-80FB-4A09-B68B-A2FF7097EC4C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {88607D2C-7EEB-4D9E-BCFE-5A1C3A0C6EE7} - System32\Tasks\{F470101C-1CDF-44AD-A60C-844497206096} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\bvreditor_setup.exe -d C:\Users\usuario\Downloads
Task: {97101553-6850-4BE9-BBAF-E0A006105492} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {988F3C02-4E96-458D-9079-5B667CC290EA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9FC59529-1B94-4F70-8996-31F42080A4D3} - System32\Tasks\{23AB5EAF-87FB-47D5-B03E-8158980CE1E3} => C:\Telynet\Pda\ComSocio.exe [40960 2008-09-25] () [Archivo no firmado]
Task: {A5655506-6B9A-462C-8C48-0020E75715EB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5A14865-3214-4C6E-A14A-32B364007B6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {A92C7255-5983-429A-BEC6-5E2F7DDCD1F7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A949F6CB-B467-4D74-B8F4-1CCE5209FB12} - System32\Tasks\{CCB92B47-AF67-43DE-97C1-93388D124791} => C:\Program Files\iTunes\iTunes.exe
Task: {AB4EE68D-4183-472E-92C0-96BA46E99E45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE03AC14-FD13-4E5C-8BA7-A23CF108BAF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {AEE75390-2953-4FC0-8F7B-F76AAAEFD00A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
Task: {B0C9A424-9539-4F1B-9653-818D1C6F342B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B82A5D43-16F3-416A-9A7A-2ECA1FDD98EA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B8EB9FD7-FDB9-4764-BC03-A7B7C402A154} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CBB649C7-6418-418C-9A54-F456CB4D151B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D13ED3A1-27A5-42B0-BD6F-A6B39A8CF5E6} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {DCB499A0-05CD-48CE-873F-617977A9FA17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E3A2C1FC-A7F1-4449-AE2F-E91FDEB25563} - System32\Tasks\{97E80B74-41DD-4F38-A255-DE8E1913D740} => C:\Program Files\iTunes\iTunes.exe
Task: {E517304B-6429-4C2E-8496-2C4DFC25E0AE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {E91615A2-0DD8-4EA8-B1CC-659546110672} - System32\Tasks\{312E9B52-FDA7-4135-9EA3-B37C3AB50772} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {EBB79669-1006-4870-AE49-DC52982F2774} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EC107C43-046C-4119-84C3-BF2258553CDB} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {F181D82D-5FDF-449C-990C-E582955C44DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F9ACDB5A-3834-483A-B08B-F8D7A54C52BC} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3259171313-655239791-2591294695-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781}
Task: {FC003963-8386-4435-AFE1-5E4835168F68} - System32\Tasks\{C0EAE5B0-0E8B-4E8E-A71B-0BB76B29F5EE} => C:\Windows\system32\pcalua.exe -a C:\AUTOCOMM\ComSocios\Setup.Exe -d C:\AUTOCOMM\ComSocios
Task: {FD7C26CE-52BB-4392-BD14-711B1E189850} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.231.6.7 46.6.113.34
Tcpip\..\Interfaces\{D0CEB861-A162-4587-8F5B-AD9FDAA782BF}: [DhcpNameServer] 212.231.6.7 46.6.113.34
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.unide.es/st/unide.do
SearchScopes: HKU\S-1-5-21-3259171313-655239791-2591294695-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3259171313-655239791-2591294695-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3259171313-655239791-2591294695-1000 -> {BD005D03-B126-4458-8E8E-52CA1422CBF2} URL = hxxps://es.search.yahoo.com/search?p={searchTerms}&intl=es&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (Canon Inc. -> CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2020-03-05] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-3259171313-655239791-2591294695-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (Canon Inc. -> CANON INC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\usuario\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3259171313-655239791-2591294695-1000 -> hxxps://www.unide.es/st/unide.do
Edge Profile: C:\Users\usuario\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-04]
Edge HomePage: Default -> hxxps://www.unide.es/st/unide.do
FireFox:
========
FF DefaultProfile: r9jetphp.default-1544261395485
FF ProfilePath: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\r9jetphp.default-1544261395485 [2020-08-04]
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) [Archivo no firmado]
FF Plugin: @dialcom.com/spontania,version=1.0.1.9 -> C:\Program Files\Dialcom\Spontania Updater\npspontania.dll [2010-07-02] (Dialcom Networks SL -> Dialcom Networks)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2020-03-05] (Sun Microsystems, Inc.) [Archivo no firmado]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2020-08-04]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.es/"
CHR Extension: (Documentos) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Búsqueda de Google) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Adobe Acrobat) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-07-16]
CHR Extension: (Video Downloader professional) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-25]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-07-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Player para ver Movistar+) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-01-23]
CHR Extension: (Video DownloadHelper) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-17]
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\System Profile [2020-08-03]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169032 2020-05-07] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
S2 Client32; C:\Program Files\NetSupport\NetSupport Manager\client32.exe [101712 2015-01-28] (NetSupport Ltd -> NetSupport Ltd)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [300120 2017-03-10] (Intel(R) pGFX -> Intel Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [37384 2020-07-20] (Dropbox, Inc -> Dropbox, Inc.)
R2 IduService; C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe [647880 2012-03-01] (Intel Client Boards Division -> Intel(R) Corporation)
S2 Intel(R) Desktop Boards FSC Application Service; C:\Program Files\Intel\FSC\FSCAppServ.exe [61440 2012-03-01] (Intel Corporation) [Archivo no firmado]
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [87712 2010-08-12] (Intel Corporation -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5578952 2020-08-03] (Malwarebytes Inc -> Malwarebytes)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Archivo no firmado]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [54272 2009-07-14] (Microsoft Windows -> Hewlett-Packard)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3828288 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [1693128 2009-04-03] (uvnc bvba -> UltraVNC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [1496216 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [86600 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [Archivo no firmado]
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [165376 2019-10-07] (Microsoft Corporation) [Archivo no firmado]
S3 cpuio; C:\Windows\System32\Drivers\cpuio.sys [8192 2012-06-19] (Intel Corporation) [Archivo no firmado]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [113000 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 gdihook5; C:\WINDOWS\System32\drivers\gdihook5.sys [68576 2011-08-17] (NetSupport Ltd -> NetSupport Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17360 2020-08-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [213912 2020-08-03] (Malwarebytes Inc -> Malwarebytes)
R3 MEI; C:\WINDOWS\System32\drivers\HECI.sys [41088 2010-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 nskbfltr; C:\WINDOWS\system32\drivers\nskbfltr.sys [31064 2014-11-12] (NetSupport Ltd -> NetSupport Ltd)
R1 PCISys; C:\WINDOWS\System32\drivers\pcisys.sys [32830 2014-01-21] (NetSupport Ltd) [Archivo no firmado]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [148328 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2019-10-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [37768 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [316128 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [45792 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-08-04 18:15 - 2020-08-04 18:16 - 000029635 _____ C:\Users\usuario\Desktop\FRST.txt
2020-08-04 18:15 - 2020-08-04 18:16 - 000000000 ____D C:\FRST
2020-08-04 18:13 - 2020-08-04 18:13 - 000001049 _____ C:\Users\usuario\Desktop\JRT.txt
2020-08-04 18:08 - 2020-08-04 18:09 - 000000000 ____D C:\AdwCleaner
2020-08-03 18:46 - 2020-08-03 18:46 - 000128333 _____ C:\Users\usuario\Desktop\Equipo lento, motores de búsqueda, etc - Eliminar Malwares - ForoSpyware.pdf
2020-08-03 18:41 - 2020-08-04 18:13 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-08-03 18:41 - 2020-08-03 18:41 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-08-03 18:41 - 2020-08-03 18:41 - 000001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-03 18:41 - 2020-08-03 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-08-03 18:41 - 2020-08-03 18:41 - 000000000 ____D C:\Program Files\CCleaner
2020-08-03 18:39 - 2020-08-03 18:39 - 002014208 _____ (Farbar) C:\Users\usuario\Desktop\FRST.exe
2020-08-03 18:37 - 2020-08-03 18:38 - 001790024 _____ (Malwarebytes) C:\Users\usuario\Desktop\JRT.exe
2020-08-03 18:37 - 2020-08-03 18:37 - 008414384 _____ (Malwarebytes) C:\Users\usuario\Desktop\adwcleaner_8.0.7.exe
2020-08-03 18:36 - 2020-08-03 18:36 - 025838336 _____ (Piriform Software Ltd) C:\Users\usuario\Desktop\ccsetup568.exe
2020-08-03 17:42 - 2020-08-03 17:42 - 000213912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-08-03 17:42 - 2020-08-03 17:42 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-03 17:42 - 2020-08-03 17:42 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-03 17:42 - 2020-08-03 17:42 - 000000000 ____D C:\Users\usuario\AppData\Local\mbam
2020-08-03 17:42 - 2020-08-03 17:41 - 000129056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2020-08-03 17:42 - 2020-08-03 17:41 - 000017360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-08-03 17:41 - 2020-08-03 17:41 - 001988280 _____ (Malwarebytes) C:\Users\usuario\Desktop\MBSetup-009996.009996-consumer.exe
2020-08-03 17:41 - 2020-08-03 17:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-03 17:41 - 2020-08-03 17:41 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-03 17:41 - 2020-08-03 17:41 - 000000000 ____D C:\Malwarebytes
2020-08-03 11:13 - 2020-08-03 11:13 - 002114110 _____ C:\Users\usuario\Downloads\Ciclismo_al_anochecer.gpx
2020-07-23 08:12 - 2020-07-23 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-07-20 14:20 - 2020-07-20 14:20 - 000037384 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-07-20 14:20 - 2020-07-20 14:20 - 000036848 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-07-20 14:20 - 2020-07-20 14:20 - 000036848 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-07-20 14:20 - 2020-07-20 14:20 - 000036848 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-07-15 10:41 - 2020-07-15 10:41 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 018031104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 007071032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 006523856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 006292992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 006089512 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 005765648 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 005099384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 004869480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 004756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 004576656 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 003974368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 003743048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 003002880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 002860544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-07-15 10:41 - 2020-07-15 10:41 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 002628096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 002078392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 002059264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-07-15 10:41 - 2020-07-15 10:41 - 001991592 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001952880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001910784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001882936 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001737728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001655472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001540200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001434808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001306944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 001140224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001070592 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000945176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000895600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000844096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000793320 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000779080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000778872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000700328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000695208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000685384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000673448 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000636704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000594992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000582056 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000538664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000504632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-07-15 10:41 - 2020-07-15 10:41 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000478296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000442096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000406992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000405944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000345560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-07-15 10:41 - 2020-07-15 10:41 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000311440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000303416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnclient.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000268552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-07-15 10:41 - 2020-07-15 10:41 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000199496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000193600 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000190056 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-07-15 10:41 - 2020-07-15 10:41 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000176952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleBand.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000162104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-07-15 10:41 - 2020-07-15 10:41 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000150336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000142656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-07-15 10:41 - 2020-07-15 10:41 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowService.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000115016 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourcePolicyServer.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000086272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemUWPLauncher.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiverExt.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000052152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourcePolicyClient.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIMgrBroker.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000027960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerClient.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowProxy.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteFXvGPUDisablement.exe
2020-07-15 10:41 - 2020-07-15 10:41 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIManagerBrokerps.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-07-15 10:41 - 2020-07-15 10:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-07-15 10:36 - 2020-06-30 06:32 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-07-15 08:10 - 2020-07-15 08:10 - 008774200 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerInstaller.exe
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-08-04 18:14 - 2020-03-04 23:20 - 001946918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-04 18:14 - 2019-03-19 09:13 - 000845456 _____ C:\WINDOWS\system32\perfh00A.dat
2020-08-04 18:14 - 2019-03-19 09:13 - 000182946 _____ C:\WINDOWS\system32\perfc00A.dat
2020-08-04 18:14 - 2019-03-19 04:44 - 000000000 ____D C:\WINDOWS\INF
2020-08-04 18:12 - 2019-03-19 04:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-04 18:10 - 2020-03-04 23:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-04 18:10 - 2019-09-18 13:02 - 000158889 ____H C:\WINDOWS\system32\picdev.sys
2020-08-04 18:10 - 2019-09-18 13:01 - 000000008 _____ C:\WINDOWS\system32\pcisys.ntk
2020-08-04 18:09 - 2020-03-04 23:20 - 000000000 ____D C:\Users\usuario
2020-08-04 18:09 - 2019-03-19 04:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-08-04 18:07 - 2015-06-22 11:40 - 000000000 ____D C:\Users\usuario\AppData\Local\Dropbox
2020-08-04 18:06 - 2020-03-04 23:18 - 000470976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-04 18:06 - 2020-03-04 23:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-04 18:06 - 2014-01-08 12:37 - 000000000 ____D C:\Program Files\Uninstaller
2020-08-04 14:42 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-04 13:32 - 2012-06-20 19:18 - 000022016 _____ C:\Users\usuario\Desktop\tabla kilos.xls
2020-08-04 12:55 - 2018-07-03 13:27 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\Mozilla
2020-08-04 11:17 - 2012-07-11 13:39 - 000000000 ____D C:\Telynet
2020-08-03 18:47 - 2020-03-04 22:40 - 000000000 ___DC C:\WINDOWS\Panther
2020-08-03 17:42 - 2019-03-19 04:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-03 10:48 - 2012-06-20 19:18 - 000033792 _____ C:\Users\usuario\Desktop\TOTAL KILOS.xls
2020-08-03 08:03 - 2020-03-04 23:27 - 000000000 ___RD C:\Users\usuario\OneDrive
2020-08-03 08:02 - 2018-12-08 11:29 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-08-03 08:02 - 2015-06-22 11:40 - 000000982 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-08-03 08:02 - 2015-06-22 11:40 - 000000978 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-08-02 09:29 - 2020-02-20 13:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-08-02 09:29 - 2018-12-08 11:29 - 000001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-08-02 08:18 - 2020-06-20 09:35 - 000002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-01 08:10 - 2019-03-19 04:46 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-30 08:08 - 2013-10-03 13:01 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-28 11:33 - 2019-05-28 09:33 - 000136552 _____ C:\Users\usuario\Desktop\dias libres (Autoguardado).xlsx
2020-07-27 12:20 - 2014-03-15 10:40 - 000000000 ____D C:\Users\usuario\Desktop\JORGE
2020-07-24 08:01 - 2020-03-04 23:23 - 000004042 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-24 08:01 - 2020-03-04 23:23 - 000003810 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-23 18:07 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-07-23 08:12 - 2015-06-22 11:40 - 000000000 ____D C:\Program Files\Dropbox
2020-07-21 10:20 - 2020-03-04 23:27 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3259171313-655239791-2591294695-1000
2020-07-21 10:20 - 2020-03-04 23:20 - 000002443 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-16 08:02 - 2020-03-04 23:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-07-16 08:02 - 2020-03-04 23:24 - 000000000 ___RD C:\Users\usuario\3D Objects
2020-07-15 21:07 - 2019-03-19 04:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-07-15 21:07 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\SystemResources
2020-07-15 21:07 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-07-15 21:07 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-07-15 21:07 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-07-15 21:07 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-07-15 21:07 - 2019-03-19 04:46 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-15 10:44 - 2019-03-19 04:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-15 08:10 - 2020-03-04 23:23 - 000004620 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-07-15 08:10 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-07-11 20:19 - 2012-06-19 16:50 - 000101976 _____ C:\Users\usuario\AppData\Local\GDIPFONTCACHEV1.DAT
2020-07-09 08:06 - 2014-11-26 20:19 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Skype
2020-07-08 11:48 - 2020-03-04 23:23 - 000004550 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-08 11:47 - 2016-04-13 08:54 - 000002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-08 08:05 - 2020-06-20 09:35 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-07-08 08:05 - 2020-06-20 09:35 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Archivos en la raíz de algunos directorios ========
2016-06-28 11:58 - 2016-06-28 13:18 - 000003584 _____ () C:\Users\usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-05-02 10:35 - 2020-05-02 10:35 - 000004096 ____H () C:\Users\usuario\AppData\Local\keyfile3.drm
2016-04-20 11:27 - 2017-10-23 13:27 - 000007602 _____ () C:\Users\usuario\AppData\Local\Resmon.ResmonCfg
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\usuario\AppData\Local\setup.txt
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
AND THE ADDITION
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x86) Versión: 02-08-2020
Ejecutado por usuario (04-08-2020 18:16:41)
Ejecutado desde C:\Users\usuario\Desktop
Microsoft Windows 10 Pro Versión 1909 18363.959 (X86) (2020-03-04 21:23:44)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-3259171313-655239791-2591294695-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3259171313-655239791-2591294695-1005 - Limited - Enabled)
DefaultAccount (S-1-5-21-3259171313-655239791-2591294695-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3259171313-655239791-2591294695-1003 - Limited - Enabled)
Invitado (S-1-5-21-3259171313-655239791-2591294695-501 - Limited - Disabled)
usuario (S-1-5-21-3259171313-655239791-2591294695-1000 - Administrator - Enabled) => C:\Users\usuario
WDAGUtilityAccount (S-1-5-21-3259171313-655239791-2591294695-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Actualización del controlador del Centro de dispositivos de Windows Mobile (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.403 - Adobe)
Attribute Changer 9.10c (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 9.10c - Romain Petges)
AyD v7.0 (HKLM\...\AyD) (Version: - )
Bkool Indoor versión 3.52 (HKLM\...\{B16838DD-95AA-4875-9123-A40DF977D99E}_is1) (Version: 3.52 - Bkool)
BKOOL Video Route Editor (HKLM\...\{B7BACFCB-FA59-2B71-09D7-B115EE23F760}) (Version: 0.2.3 - BKOOL SOCIEDAD LIMITADA) Hidden
BKOOL Video Route Editor (HKLM\...\BkoolVideoRouteEditor) (Version: 0.2.3 - BKOOL SOCIEDAD LIMITADA)
CANAL+ YOMVI (HKLM\...\{6C53679C-5779-4048-BF29-8174BF1E30C7}) (Version: 1.3.6.0 - CANAL+ YOMVI)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.1.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.1.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Centro de dispositivos de Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Comunicación Socios (HKLM\...\{25A3BEF5-726E-4B86-8F5E-46A3926BC35C}) (Version: 2.2 - IGT Microelectronics, S.A.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 102.4.431 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
Galería de fotos (HKLM\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garmin BaseCamp (HKLM\...\{52212c77-b309-478b-9073-27ea7ca4373b}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM\...\{BF450036-EE1E-4B8A-B514-787A0D6D4EAE}) (Version: 4.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 84.0.4147.105 - Google LLC)
Google Earth Pro (HKLM\...\{7A3374DE-3D99-4BD9-9FE8-A76498632D98}) (Version: 7.3.3.7699 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Desktop Utilities (HKLM\...\{F01CBA59-B5BD-4608-A834-1CBE8C292A71}) (Version: 1.0.0 - Intel Corporation)
Intel(R) Desktop Utilities (HKLM\...\InstallShield_{0E02023C-6F29-4FB7-964A-C6A0A0AC6DF8}) (Version: 3.2.2 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) SMBus (HKLM\...\SMBus) (Version: - )
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
MadisaNet (HKLM\...\{D972B060-F4A8-4692-A5FE-8EAC1CC8575F}) (Version: 1.0.0 - MADISA)
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 84.0.522.52 - Microsoft Corporation)
Microsoft Edge Update (HKLM\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movie Maker (HKLM\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 79.0 (x86 es-ES) (HKLM\...\Mozilla Firefox 79.0 (x86 es-ES)) (Version: 79.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0.0.7506 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NetSupport Manager (HKLM\...\{64893459-B4B8-403D-8E2D-8395D2BA3F1F}) (Version: 12.01.0014 - NetSupport Ltd)
OpenOffice.org 3.4 (HKLM\...\{5D3A23FA-06EF-4640-BC24-FFD687BF3D2E}) (Version: 3.4.9590 - OpenOffice.org)
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Paquete de controladores de Windows - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\498B9978CE49397903524B0761200F43EC650044) (Version: 07/12/2010 2.08.02 - FTDI)
Paquete de controladores de Windows - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\67170FB0228B69BCCBEF8CE14A76953A5505D8EA) (Version: 07/12/2010 2.08.02 - FTDI)
Paquete de controladores de Windows - Polar Electro Oy (usbser) Ports (03/12/2015 6.0.2600.5) (HKLM\...\4C9F407EFEE71D7ED12BA7F50C69857CD776B651) (Version: 03/12/2015 6.0.2600.5 - Polar Electro Oy)
Polar FlowSync versión 3.0.0.1337 (HKLM\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - Polar Electro Oy)
Prism, convertidor de vídeos (HKLM\...\Prism) (Version: 2.44 - NCH Software)
ProRealTime (HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\ProRealTime_is1) (Version: 1.7 - IT-Finance)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6215 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Spontania Updater 1.0.1.9 (HKLM\...\Spontania Updater) (Version: 1.0.1.9 - Dialcom Networks)
UltraVNC 1.0.5.6 (HKLM\...\Ultravnc2_is1) (Version: 1.0.5.6 - 1.0.5.6)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VisualChart 6 (HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\{CD21810C-DC1F-43AC-A2AF-46F3C6FD652E}) (Version: 6.2.2.0 - VisualChart Group)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile Developer Power Toys (HKLM\...\{2E7E6323-863A-4A62-878C-CA1085AE793B}) (Version: 1.0.0 - Microsoft)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.10.5.0_x86__kgqvnymyfvs32 [2020-06-18] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.39.4.0_x86__kgqvnymyfvs32 [2020-06-24] (king.com)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x86__8wekyb3d8bbwe [2020-07-22] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x86__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\ChromeHTML: -> <==== ATENCIÓN
CustomCLSID: HKU\S-1-5-21-3259171313-655239791-2591294695-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\usuario\Dropbox [2015-06-22 11:42]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> Ningún archivo
ContextMenuHandlers2: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2018-12-29] (Romain Petges) [Archivo no firmado]
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2018-12-29] (Romain Petges) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.43.0.dll [2020-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\usuario\Favorites\Sitio para descargas de NCH Software.lnk -> hxxp://www.nchsoftware.com/es/index.htm
==================== Módulos cargados (Lista blanca) =============
2012-06-19 16:37 - 2010-10-05 14:43 - 001892352 ____R (Apache Software Foundation) [Archivo no firmado] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2010-11-18 18:08 - 2010-11-18 18:08 - 000055808 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2012-06-19 16:37 - 2010-10-05 14:38 - 000069632 ____R (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2012-02-28 10:08 - 2012-02-28 10:08 - 000588288 _____ (Intel(R) Corporation) [Archivo no firmado] C:\Program Files\Intel\Intel Desktop Utilities\Provider\ISensorPlug.dll
2003-04-03 19:05 - 2003-04-03 19:05 - 000024576 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll
2006-10-26 13:44 - 2006-10-26 13:44 - 000123904 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\Microsoft Shared\VS7Debug\csm.dll
2006-10-26 13:45 - 2006-10-26 13:45 - 000247296 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2020-03-04 23:17 - 2020-03-04 23:17 - 000097280 _____ (Microsoft Corporation) [Archivo no firmado] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2016-01-19 09:23 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Wondershare\WAF\2.1.5.0\Newtonsoft.Json.dll
2019-01-02 10:25 - 2018-12-29 18:54 - 000378368 _____ (Romain Petges) [Archivo no firmado] C:\Program Files\Attribute Changer\acshell.dll
2016-01-19 09:23 - 2015-12-02 10:52 - 000072704 _____ (Wondershare) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppCollect.dll
2016-01-19 09:23 - 2015-12-02 10:52 - 000315904 _____ (Wondershare) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Wondershare\WAF\2.1.5.0\WsAppCommon.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
(Si una entrada es incluida en el fixlist, será eliminada del registro.)
IE trusted site: HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\unide.es -> hxxps://www.unide.es
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2009-07-14 04:04 - 2014-11-06 19:51 - 000000922 _____ C:\WINDOWS\system32\drivers\etc\hosts
192.168.1.5 Serv_15150
192.168.1.58 usuario-PC
213.0.59.204 cezannecv
213.0.59.209 madisadesa
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\DMIX;C:\Program Files\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\usuario\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\VIRB0003.JPG
DNS Servers: El medio no está conectado a internet.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{377E6C18-0190-45F9-B15B-D15751316374}] => (Allow) LPort=5354
FirewallRules: [{978532A9-6D6E-46E0-A0A0-2B89295E053F}] => (Allow) LPort=5354
FirewallRules: [{B636A5CA-BB32-475B-8D1D-08B2295E070B}] => (Allow) LPort=5354
FirewallRules: [{F3B08183-FE41-48B9-91DD-DABED1677F98}] => (Allow) LPort=5354
FirewallRules: [{5FE8C52C-ED88-40A6-BFAE-FF721B319E17}] => (Allow) LPort=5354
FirewallRules: [{94BC968D-1B63-4F44-8CA1-368761C63443}] => (Allow) LPort=5354
FirewallRules: [{644AE43D-23F4-4AF3-A860-9F572E903C84}] => (Allow) LPort=5354
FirewallRules: [{BA5E6655-0B6E-4399-819E-C995AA9B2772}] => (Allow) LPort=5354
FirewallRules: [{0CBE0B27-B341-4424-9FA1-645C8A64A8E8}] => (Allow) C:\Windows\System32\muzapp.exe (Musiccity Co.Ltd.) [Archivo no firmado]
FirewallRules: [{A17E4F05-4A8E-4D32-80E0-018DF288F9A4}] => (Allow) C:\Windows\System32\muzapp.exe (Musiccity Co.Ltd.) [Archivo no firmado]
FirewallRules: [{07CC17B2-4146-42F9-B839-6FE668051392}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8A0DF01E-16CE-435E-A0CE-CED64CB43063}] => (Allow) LPort=5354
FirewallRules: [{F9BDA37E-82FA-450E-B2FB-8C758818554F}] => (Allow) LPort=5354
FirewallRules: [{83BD35E3-EFDE-41CC-B053-F3B5AE8298DC}] => (Allow) LPort=5354
FirewallRules: [{367DD084-8EA3-489D-A33C-56057CCD5AE5}] => (Allow) LPort=5354
FirewallRules: [UDP Query User{E987398D-0790-416E-AB3F-BAF8187FE0A0}C:\program files\windows mobile developer power toys\activesync_remote_display\asrdisp.exe] => (Allow) C:\program files\windows mobile developer power toys\activesync_remote_display\asrdisp.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{BCAF5685-7B41-4826-A880-129DE63CFF54}C:\program files\windows mobile developer power toys\activesync_remote_display\asrdisp.exe] => (Allow) C:\program files\windows mobile developer power toys\activesync_remote_display\asrdisp.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{71DC35F4-665D-40B3-AC04-1414C78D22D1}C:\program files\bkool indoor\bkoolindoor.exe] => (Allow) C:\program files\bkool indoor\bkoolindoor.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{DD951399-9CAE-430D-81BD-A789F0185756}C:\program files\bkool indoor\bkoolindoor.exe] => (Allow) C:\program files\bkool indoor\bkoolindoor.exe () [Archivo no firmado]
FirewallRules: [{FCC90EA7-410F-45F3-96CA-39B66810FBD3}] => (Allow) LPort=5354
FirewallRules: [{F3EB5848-9801-458C-8831-DA9A96433EC3}] => (Allow) LPort=5354
FirewallRules: [{5A42DB79-0715-4BFB-94B7-153341D470E3}] => (Allow) LPort=5354
FirewallRules: [{EE702B11-AF39-4833-9B7C-C5C701325C79}] => (Allow) LPort=5354
FirewallRules: [UDP Query User{EFB0A74D-2EC9-4D44-9814-098CD9A97969}C:\users\usuario\appdata\local\it-finance\prorealtime\runtime\bin\java.exe] => (Allow) C:\users\usuario\appdata\local\it-finance\prorealtime\runtime\bin\java.exe
FirewallRules: [TCP Query User{71E08C7B-5273-43C7-B92D-48BA1E65F8FC}C:\users\usuario\appdata\local\it-finance\prorealtime\runtime\bin\java.exe] => (Allow) C:\users\usuario\appdata\local\it-finance\prorealtime\runtime\bin\java.exe
FirewallRules: [{E142932D-BD6D-4A93-865A-D8B83139C84B}] => (Allow) LPort=1900
FirewallRules: [{B9DE79D3-D0E2-4587-8222-5A82DC55C63A}] => (Allow) LPort=2869
FirewallRules: [{8969BD34-C3B5-42A6-967C-F54A0E23B066}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFB6BBEE-B131-4695-8E35-ECDD76D32896}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{9F6B0BA9-D466-40BB-B7BB-A1605B1A05E5}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{E68C50C7-C96C-4119-8F14-044F0F370E2A}] => (Allow) LPort=5800
FirewallRules: [{B29C8453-74DC-4B71-96E6-BA959F872961}] => (Allow) LPort=5900
FirewallRules: [UDP Query User{68FA998B-66B7-4370-8004-8D036BA874A3}C:\users\usuario\showmypc\2994\tvnserver.exe] => (Allow) C:\users\usuario\showmypc\2994\tvnserver.exe (ShowMyPC -> GlavSoft LLC.)
FirewallRules: [TCP Query User{B4FA4873-D5E4-4D3E-92E8-18DE4ED23C56}C:\users\usuario\showmypc\2994\tvnserver.exe] => (Allow) C:\users\usuario\showmypc\2994\tvnserver.exe (ShowMyPC -> GlavSoft LLC.)
FirewallRules: [UDP Query User{C5C2418A-40E2-4A32-8DBC-72356F5B6DAE}C:\program files\madisa\madisanet\bin\madisanetstatus.exe] => (Allow) C:\program files\madisa\madisanet\bin\madisanetstatus.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{3EDD8B40-B250-46A3-BE18-3B14630D0089}C:\program files\madisa\madisanet\bin\madisanetstatus.exe] => (Allow) C:\program files\madisa\madisanet\bin\madisanetstatus.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{CD711035-AD99-4B41-B41A-5094006F64FE}C:\program files\madisa\madisanet\bin\madisanetstatus.exe] => (Allow) C:\program files\madisa\madisanet\bin\madisanetstatus.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{1A74AC17-BC95-4725-A6C6-8605396A309F}C:\program files\madisa\madisanet\bin\madisanetstatus.exe] => (Allow) C:\program files\madisa\madisanet\bin\madisanetstatus.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{C845321B-7AB7-42FA-94B0-FBF04EC62D2A}C:\program files\ultravnc\winvnc.exe] => (Allow) C:\program files\ultravnc\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [TCP Query User{BB04BFD9-4FB2-40FA-8D20-28CA328A0588}C:\program files\ultravnc\winvnc.exe] => (Allow) C:\program files\ultravnc\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{01201964-63A2-4B47-976F-2D160A017DAA}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E9DD4AA-02C3-4883-81DF-0FFCE129EC75}] => (Allow) LPort=5354
FirewallRules: [{A036FAF8-FE0F-47B0-A63B-18CB895DEA21}] => (Allow) LPort=5354
FirewallRules: [{5B37C6A8-C175-455F-BE0C-45AD007BC7C4}] => (Allow) LPort=5354
FirewallRules: [{B7C139A9-D1C6-4268-AE99-537050A58095}] => (Allow) LPort=5354
FirewallRules: [{52E547EB-2256-4CA9-8E00-281D3CC2482F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E9A6C86-1274-4EE1-AA98-FD7385C8689A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{96A72C83-53C7-461C-84DA-8C49D5D85CD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39DDCA42-2B52-4133-BB22-69799D2B8ABA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3634A6B7-A976-4A72-87A4-31E884FB4052}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{0B23CD8C-D090-4664-899A-B2107B0A2D21}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CA828E40-AD95-4A93-AE7B-F37D769567DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => Ningún archivo
FirewallRules: [{A4A53FBB-E72E-45E2-9BC7-C93EF1CEB4AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => Ningún archivo
FirewallRules: [{12CA8429-9AE7-4844-B91F-92F517DDDC33}] => (Allow) C:\Program Files\NetSupport\NetSupport Manager\client32.exe (NetSupport Ltd -> NetSupport Ltd)
FirewallRules: [{95904DA5-00A3-4AEF-BF96-8E473C980A0E}] => (Allow) C:\Program Files\NetSupport\NetSupport Manager\client32.exe (NetSupport Ltd -> NetSupport Ltd)
FirewallRules: [{D682C716-FD76-4F78-AC78-0650689B516B}] => (Allow) C:\Program Files\NetSupport\NetSupport Manager\client32.exe (NetSupport Ltd -> NetSupport Ltd)
FirewallRules: [{31E4055B-7785-4D55-A7A0-ED7B368A7017}] => (Allow) C:\Program Files\NetSupport\NetSupport Manager\client32.exe (NetSupport Ltd -> NetSupport Ltd)
==================== Puntos de Restauración =========================
15-07-2020 10:35:57 Windows Update
22-07-2020 12:48:48 Punto de control programado
30-07-2020 17:06:15 Removed Bonjour
04-08-2020 10:25:06 Removed Bonjour
04-08-2020 18:12:25 JRT Pre-Junkware Removal
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (08/04/2020 06:12:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.
System Error:
Acceso denegado.
.
Error: (08/04/2020 06:08:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_RapiMgr, versión: 10.0.18362.1, marca de tiempo: 0x68f17365
Nombre del módulo con errores: ntdll.dll, versión: 10.0.18362.815, marca de tiempo: 0x3d532d7e
Código de excepción: 0xc0000008
Desplazamiento de errores: 0x0009169e
Identificador del proceso con errores: 0xdb4
Hora de inicio de la aplicación con errores: 0x01d66a7942697b28
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\svchost.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 982be8ee-2193-48c9-8087-fedfb55a01b8
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/04/2020 05:56:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12148,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (08/04/2020 04:56:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8400,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (08/04/2020 03:57:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9776,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (08/04/2020 02:56:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3856,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (08/04/2020 02:47:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3020,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (08/04/2020 01:57:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7552,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Errores del sistema:
=============
Error: (08/04/2020 06:12:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio uvnc_service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (08/04/2020 06:12:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Client32 se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (08/04/2020 06:09:50 PM) (Source: RapiMgr) (EventID: 8) (User: )
Description: El dispositivo basado en Windows Mobile no ha podido realizar la conexión debido a un error de communication (0x8007274a) (consulte los datos para ver el código de error).
Error: (08/04/2020 06:09:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Management and Security Application User Notification Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (08/04/2020 06:09:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Wondershare Application Framework Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (08/04/2020 06:09:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Message Queue Server terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.
Error: (08/04/2020 06:09:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Machine Debug Manager se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (08/04/2020 06:09:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio DbxSvc terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.
CodeIntegrity:
===================================
Date: 2020-08-04 18:05:17.618
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-04 18:05:15.402
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-04 18:05:15.366
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-04 16:51:13.404
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-08-04 16:51:09.367
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-08-04 15:08:28.950
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-08-04 15:04:13.500
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-08-04 15:04:05.103
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Información de la memoria ===========================
BIOS: Intel Corp. BLH6710H.86A.0146.2011.1222.1415 12/22/2011
Placa base: Intel Corporation DH67BL
Procesador: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Porcentaje de memoria en uso: 49%
RAM física total: 3493.4 MB
RAM física disponible: 1778.01 MB
Virtual total: 7077.4 MB
Virtual disponible: 5537.34 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:465.22 GB) (Free:404.35 GB) NTFS
\\?\Volume{fcd1e045-5e57-11ea-8957-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{0fea128e-0000-0000-0000-505474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 0FEA128E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 MB) - (Type=27)
==================== Final Addition.txt =======================
Good… now follow these steps. VERY important: make a backup of the registry:
- To do so, download DelFix.exe (to your desktop).
- Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)
- Attention: now check only the Create registry backup box, NOT the other boxes.
- Click Run.
The report (DelFix.txt) will open; save it in case it is needed and close the tool.
With all other programs closed, go to Start > Run and type Notepad.exe.
- Now copy and paste the codes/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\ChromeHTML: -> <==== ATENCIÓN
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Ningún archivo
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
ShortcutTarget: MadisaNetStatus.lnk -> C:\Windows\Installer\{D972B060-F4A8-4692-A5FE-8EAC1CC8575F}\_17248BA8C79B8A7E91CC35.exe () [Archivo no firmado]
Task: {05C4EBD0-C9FF-490F-83BF-6FEAF438AB09} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0670B0C5-7D2D-4502-914F-F24E81159FC7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B803FA1-81F9-4E91-8DAF-0228BBFF39E9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C52900C-5D69-42A2-9088-BA94C7AD7469} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {0CCECAAE-C513-4D8A-BB0D-A701F6D970D8} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {11823596-E9E2-4867-AB17-316F630D2E63} - System32\Tasks\{0F88FB28-88BA-42FD-AD21-9A1C5AFD46CB} => C:\Windows\system32\pcalua.exe -a D:\Setup.Exe -d D:\
Task: {19F526A5-7704-443A-B340-37AB321C6176} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {20FD9728-6D67-4658-A25C-915705B7A546} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22FBCBA0-6DBC-4C2C-B8DC-9237FD4BC1AD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2355BEC2-9B01-44A6-8A23-B6C487DD5B10} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {291A8673-A05E-4477-AC3F-C5BFBA9A2B77} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {3A717F81-AE1E-42A1-92B4-6B1D8E02CF93} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4026C466-BE2A-4705-B493-56609C449C32} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D3AF667-6569-4658-8612-2061FB555E6F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {5F81A927-F514-42DE-BB26-082602862302} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {64F93EDD-EF4E-412E-B9D7-4EFEC721C271} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6DA42C20-7384-4B09-BF56-2CA58420998D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B8F7AF9-A7A2-4CE6-9881-EF09797B5EBD} - System32\Tasks\{BF2A4085-C5F8-47BD-8D80-913147A15C2F} => C:\Windows\system32\pcalua.exe -a D:\UsbWin98\240075ES.exe -d D:\UsbWin98
Task: {83F78DFA-FCC7-4B93-80C4-60B76CEBF00E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {88607D2C-7EEB-4D9E-BCFE-5A1C3A0C6EE7} - System32\Tasks\{F470101C-1CDF-44AD-A60C-844497206096} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\bvreditor_setup.exe -d C:\Users\usuario\Downloads
Task: {97101553-6850-4BE9-BBAF-E0A006105492} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {988F3C02-4E96-458D-9079-5B667CC290EA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A92C7255-5983-429A-BEC6-5E2F7DDCD1F7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AB4EE68D-4183-472E-92C0-96BA46E99E45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B82A5D43-16F3-416A-9A7A-2ECA1FDD98EA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {CBB649C7-6418-418C-9A54-F456CB4D151B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCB499A0-05CD-48CE-873F-617977A9FA17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E517304B-6429-4C2E-8496-2C4DFC25E0AE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {EBB79669-1006-4870-AE49-DC52982F2774} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F181D82D-5FDF-449C-990C-E582955C44DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC003963-8386-4435-AFE1-5E4835168F68} - System32\Tasks\{C0EAE5B0-0E8B-4E8E-A71B-0BB76B29F5EE} => C:\Windows\system32\pcalua.exe -a C:\AUTOCOMM\ComSocios\Setup.Exe -d C:\AUTOCOMM\ComSocios
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2020-03-05] (Sun Microsystems, Inc.) [Archivo no firmado]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
U3 idsvc; no ImagePath
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Save it under the name FIXLIST.TXT on the desktop. This is very important.
Note: It is important that the FRST.exe tool (Farbar Recovery Scan Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.
And now use the 2nd METHOD from this Windows 8 FAQ (applicable to Windows 10), How to start Windows 8/8.1 in Safe Mode?, to work from that Windows mode.
- Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)
- Press the FIX/Corregir button and wait for it to finish.
- The tool will save the fix report on the desktop (FIXLOG.TXT).
Paste the contents of this file in your next reply.
Restart the computer, check how it works with respect to the problem raised, and report back.
Regards.
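A pre-flight check for the step above, as an added example that is not part of the original post or of FRST: it confirms the pasted text is wrapped in the START/END markers the post uses (so an incomplete copy is caught), groups the lines by the prefixes visible in this fixlist, and lists the CMD lines and user SIDs it contains. The function names are hypothetical, the prefix table covers only what appears on this page, and the sample is an excerpt of the fixlist above.

```python
import re

# Stand-alone directives and line prefixes, limited to those that appear in
# the fixlist on this page (an assumption: this is not a full list of FRST syntax).
STANDALONE = {"CREATERESTOREPOINT:", "CLOSEPROCESSES:", "HOSTS:",
              "REMOVEPROXY:", "EMPTYTEMP:"}
PREFIXES = [
    ("CMD:", "command"),
    ("Task:", "scheduled_task"),
    ("HKLM\\", "registry"),
    ("HKU\\", "registry"),
    ("ContextMenuHandlers", "shell_extension"),
    ("ShortcutTarget:", "shortcut"),
    ("DPF:", "activex_download"),
    ("FF Plugin:", "browser"),
    ("CHR ", "browser"),
]
# Per-user SID as written in the HKU\... lines of the report.
SID_RE = re.compile(r"S-1-5-21(?:-\d+){4}")

# Excerpt of the fixlist from the post above, embedded so the script runs offline.
SAMPLE = r"""START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\ChromeHTML: -> <==== ATENCIÓN
Task: {0C52900C-5D69-42A2-9088-BA94C7AD7469} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
EMPTYTEMP:
CMD: netsh winsock reset
CMD: netsh advfirewall reset
END
"""


def classify(line):
    """Return a coarse category for one fixlist line."""
    if line in STANDALONE:
        return "directive"
    for prefix, kind in PREFIXES:
        if line.startswith(prefix):
            return kind
    return "other"


def parse_fixlist(text):
    """Check the START/END wrapper and summarise what the fixlist contains."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    has_start = bool(lines) and lines[0].upper() == "START"
    has_end = bool(lines) and lines[-1].upper() == "END"
    problems = []
    if not has_start:
        problems.append("first line is not START")
    if not has_end:
        problems.append("last line is not END")
    body = lines[1 if has_start else 0:len(lines) - 1 if has_end else len(lines)]
    entries = [(classify(ln), ln) for ln in body]
    return {
        "entries": entries,
        # Commands that will be executed, with the "CMD:" prefix removed.
        "commands": [ln[4:].strip() for kind, ln in entries if kind == "command"],
        # User SIDs named in the list: these tie it to one specific machine.
        "sids": sorted({sid for ln in body for sid in SID_RE.findall(ln)}),
        "problems": problems,
    }


def check_desktop(filenames):
    """Given os.listdir() of the folder, confirm FRST and the fixlist sit together."""
    names = {n.lower() for n in filenames}
    problems = []
    if "fixlist.txt" not in names:
        problems.append("fixlist.txt not found")
        if "fixlist.txt.txt" in names:
            problems.append("found fixlist.txt.txt (double extension)")
    if not any(n.startswith("frst") and n.endswith(".exe") for n in names):
        problems.append("no FRST executable in this folder")
    return problems


if __name__ == "__main__":
    report = parse_fixlist(SAMPLE)
    for kind, line in report["entries"]:
        print(f"{kind:15} {line[:70]}")
    print("commands:", report["commands"])
    print("SIDs:", report["sids"])
    print("problems:", report["problems"] or "none")
    print("folder:", check_desktop(["FRST.exe", "FIXLIST.TXT"]) or "ok")
```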
The PC seems to be running better. Thank you very much. Now I have just 2 questions: 1 - How do I remove all the tools we have used? 2 - This PC actually belongs to a local network, and I am running the same programs you recommended in the first message on 3 other PCs. Would you mind reviewing those reports as well? If so, should I paste them here or each in its own thread?
Resultados de la corrección de Farbar Recovery Scan Tool (x86) Versión: 02-08-2020
Ejecutado por usuario (04-08-2020 19:28:00) Run:1
Ejecutado desde C:\Users\usuario\Desktop
Perfiles cargados: usuario
Modo de Inicio: Safe Mode (with Networking)
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\ChromeHTML: -> <==== ATENCIÓN
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Ningún archivo
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
ShortcutTarget: MadisaNetStatus.lnk -> C:\Windows\Installer\{D972B060-F4A8-4692-A5FE-8EAC1CC8575F}\_17248BA8C79B8A7E91CC35.exe () [Archivo no firmado]
Task: {05C4EBD0-C9FF-490F-83BF-6FEAF438AB09} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0670B0C5-7D2D-4502-914F-F24E81159FC7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B803FA1-81F9-4E91-8DAF-0228BBFF39E9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C52900C-5D69-42A2-9088-BA94C7AD7469} - \Microsoft\Windows\Setup\EOSNotify -> Ningún archivo <==== ATENCIÓN
Task: {0CCECAAE-C513-4D8A-BB0D-A701F6D970D8} - \Microsoft\Windows\Setup\EOSNotify2 -> Ningún archivo <==== ATENCIÓN
Task: {11823596-E9E2-4867-AB17-316F630D2E63} - System32\Tasks\{0F88FB28-88BA-42FD-AD21-9A1C5AFD46CB} => C:\Windows\system32\pcalua.exe -a D:\Setup.Exe -d D:\
Task: {19F526A5-7704-443A-B340-37AB321C6176} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {20FD9728-6D67-4658-A25C-915705B7A546} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22FBCBA0-6DBC-4C2C-B8DC-9237FD4BC1AD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2355BEC2-9B01-44A6-8A23-B6C487DD5B10} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {291A8673-A05E-4477-AC3F-C5BFBA9A2B77} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {3A717F81-AE1E-42A1-92B4-6B1D8E02CF93} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4026C466-BE2A-4705-B493-56609C449C32} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D3AF667-6569-4658-8612-2061FB555E6F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {5F81A927-F514-42DE-BB26-082602862302} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {64F93EDD-EF4E-412E-B9D7-4EFEC721C271} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6DA42C20-7384-4B09-BF56-2CA58420998D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B8F7AF9-A7A2-4CE6-9881-EF09797B5EBD} - System32\Tasks\{BF2A4085-C5F8-47BD-8D80-913147A15C2F} => C:\Windows\system32\pcalua.exe -a D:\UsbWin98\240075ES.exe -d D:\UsbWin98
Task: {83F78DFA-FCC7-4B93-80C4-60B76CEBF00E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {88607D2C-7EEB-4D9E-BCFE-5A1C3A0C6EE7} - System32\Tasks\{F470101C-1CDF-44AD-A60C-844497206096} => C:\Windows\system32\pcalua.exe -a C:\Users\usuario\Downloads\bvreditor_setup.exe -d C:\Users\usuario\Downloads
Task: {97101553-6850-4BE9-BBAF-E0A006105492} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {988F3C02-4E96-458D-9079-5B667CC290EA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A92C7255-5983-429A-BEC6-5E2F7DDCD1F7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AB4EE68D-4183-472E-92C0-96BA46E99E45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B82A5D43-16F3-416A-9A7A-2ECA1FDD98EA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {CBB649C7-6418-418C-9A54-F456CB4D151B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCB499A0-05CD-48CE-873F-617977A9FA17} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E517304B-6429-4C2E-8496-2C4DFC25E0AE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {EBB79669-1006-4870-AE49-DC52982F2774} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F181D82D-5FDF-449C-990C-E582955C44DB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC003963-8386-4435-AFE1-5E4835168F68} - System32\Tasks\{C0EAE5B0-0E8B-4E8E-A71B-0BB76B29F5EE} => C:\Windows\system32\pcalua.exe -a C:\AUTOCOMM\ComSocios\Setup.Exe -d C:\AUTOCOMM\ComSocios
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2020-03-05] (Sun Microsystems, Inc.) [Archivo no firmado]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
U3 idsvc; no ImagePath
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKU\S-1-5-21-3259171313-655239791-2591294695-1000_Classes\ChromeHTML => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => eliminado correctamente
"HKU\S-1-5-21-3259171313-655239791-2591294695-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => eliminado correctamente
C:\Windows\Installer\{D972B060-F4A8-4692-A5FE-8EAC1CC8575F}\_17248BA8C79B8A7E91CC35.exe => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05C4EBD0-C9FF-490F-83BF-6FEAF438AB09}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05C4EBD0-C9FF-490F-83BF-6FEAF438AB09}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0670B0C5-7D2D-4502-914F-F24E81159FC7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0670B0C5-7D2D-4502-914F-F24E81159FC7}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B803FA1-81F9-4E91-8DAF-0228BBFF39E9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B803FA1-81F9-4E91-8DAF-0228BBFF39E9}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C52900C-5D69-42A2-9088-BA94C7AD7469}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C52900C-5D69-42A2-9088-BA94C7AD7469}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CCECAAE-C513-4D8A-BB0D-A701F6D970D8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CCECAAE-C513-4D8A-BB0D-A701F6D970D8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify2" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11823596-E9E2-4867-AB17-316F630D2E63}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11823596-E9E2-4867-AB17-316F630D2E63}" => eliminado correctamente
C:\Windows\System32\Tasks\{0F88FB28-88BA-42FD-AD21-9A1C5AFD46CB} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0F88FB28-88BA-42FD-AD21-9A1C5AFD46CB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19F526A5-7704-443A-B340-37AB321C6176}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19F526A5-7704-443A-B340-37AB321C6176}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20FD9728-6D67-4658-A25C-915705B7A546}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20FD9728-6D67-4658-A25C-915705B7A546}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22FBCBA0-6DBC-4C2C-B8DC-9237FD4BC1AD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22FBCBA0-6DBC-4C2C-B8DC-9237FD4BC1AD}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2355BEC2-9B01-44A6-8A23-B6C487DD5B10}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2355BEC2-9B01-44A6-8A23-B6C487DD5B10}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{291A8673-A05E-4477-AC3F-C5BFBA9A2B77}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{291A8673-A05E-4477-AC3F-C5BFBA9A2B77}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A717F81-AE1E-42A1-92B4-6B1D8E02CF93}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A717F81-AE1E-42A1-92B4-6B1D8E02CF93}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4026C466-BE2A-4705-B493-56609C449C32}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4026C466-BE2A-4705-B493-56609C449C32}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D3AF667-6569-4658-8612-2061FB555E6F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D3AF667-6569-4658-8612-2061FB555E6F}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify2" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5F81A927-F514-42DE-BB26-082602862302}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F81A927-F514-42DE-BB26-082602862302}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify1" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64F93EDD-EF4E-412E-B9D7-4EFEC721C271}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64F93EDD-EF4E-412E-B9D7-4EFEC721C271}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DA42C20-7384-4B09-BF56-2CA58420998D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DA42C20-7384-4B09-BF56-2CA58420998D}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B8F7AF9-A7A2-4CE6-9881-EF09797B5EBD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B8F7AF9-A7A2-4CE6-9881-EF09797B5EBD}" => eliminado correctamente
C:\Windows\System32\Tasks\{BF2A4085-C5F8-47BD-8D80-913147A15C2F} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BF2A4085-C5F8-47BD-8D80-913147A15C2F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83F78DFA-FCC7-4B93-80C4-60B76CEBF00E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83F78DFA-FCC7-4B93-80C4-60B76CEBF00E}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88607D2C-7EEB-4D9E-BCFE-5A1C3A0C6EE7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88607D2C-7EEB-4D9E-BCFE-5A1C3A0C6EE7}" => eliminado correctamente
C:\Windows\System32\Tasks\{F470101C-1CDF-44AD-A60C-844497206096} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F470101C-1CDF-44AD-A60C-844497206096}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97101553-6850-4BE9-BBAF-E0A006105492}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97101553-6850-4BE9-BBAF-E0A006105492}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{988F3C02-4E96-458D-9079-5B667CC290EA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{988F3C02-4E96-458D-9079-5B667CC290EA}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A92C7255-5983-429A-BEC6-5E2F7DDCD1F7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A92C7255-5983-429A-BEC6-5E2F7DDCD1F7}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB4EE68D-4183-472E-92C0-96BA46E99E45}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB4EE68D-4183-472E-92C0-96BA46E99E45}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B82A5D43-16F3-416A-9A7A-2ECA1FDD98EA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B82A5D43-16F3-416A-9A7A-2ECA1FDD98EA}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBB649C7-6418-418C-9A54-F456CB4D151B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBB649C7-6418-418C-9A54-F456CB4D151B}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCB499A0-05CD-48CE-873F-617977A9FA17}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCB499A0-05CD-48CE-873F-617977A9FA17}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E517304B-6429-4C2E-8496-2C4DFC25E0AE}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E517304B-6429-4C2E-8496-2C4DFC25E0AE}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBB79669-1006-4870-AE49-DC52982F2774}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBB79669-1006-4870-AE49-DC52982F2774}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F181D82D-5FDF-449C-990C-E582955C44DB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F181D82D-5FDF-449C-990C-E582955C44DB}" => eliminado correctamente
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC003963-8386-4435-AFE1-5E4835168F68}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC003963-8386-4435-AFE1-5E4835168F68}" => eliminado correctamente
C:\Windows\System32\Tasks\{C0EAE5B0-0E8B-4E8E-A71B-0BB76B29F5EE} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C0EAE5B0-0E8B-4E8E-A71B-0BB76B29F5EE}" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => eliminado correctamente
HKLM\Software\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} => eliminado correctamente
HKLM\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => eliminado correctamente
HKLM\Software\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => eliminado correctamente
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\fdbpcigaolookbahgdofnimidinicfid => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => eliminado correctamente
HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd => eliminado correctamente
HKLM\System\CurrentControlSet\Services\idsvc => eliminado correctamente
idsvc => servicio eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3259171313-655239791-2591294695-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuración IP de Windows
Adaptador de Ethernet Conexión de área local:
Sufijo DNS específico para la conexión. . : Home
Vínculo: dirección IPv6 local. . . : fe80::10b0:f793:8762:d390%14
Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.134
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuración IP de Windows
Se vació correctamente la caché de resolución de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
Error al restablecer .
Acceso denegado.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
Reinicie el equipo para completar esta acción.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
Error al restablecer .
Acceso denegado.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
se restableció correctamente.
Reinicie el equipo para completar esta acción.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8937472 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12788266 B
Java, Flash, Steam htmlcache => 1173 B
Windows/system/drivers => 1528134 B
Edge => 207898 B
Chrome => 316191569 B
Firefox => 50295804 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 33058 B
Users => 33058 B
ProgramData => 33058 B
Public => 33058 B
systemprofile => 33058 B
LocalService => 60652 B
NetworkService => 69002 B
usuario => 7828136 B
RecycleBin => 0 B
EmptyTemp: => 379.6 MB datos temporales Eliminados.
================================
El sistema necesita reiniciarse.
==== Final Fixlog 19:28:33 ====
Hello.
Yes, I already saw that it was a computer on a NETWORK.
You can post the reports for the next computer in another thread, and you can "mention" me by putting my name with the @ in front (@Javierhf); that way I will get the notification and will be able to help you.
When we have reviewed those reports and finished the other computer, you do the same with the next one.
As for this thread, @Galicha, excellent. We are glad to see that the initial problem is now completely fixed; all that remains is to remove the tools used.
To do that, download DelFix.exe to your desktop.
- Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select - Run as Administrator -).
- Check all the boxes and click Run.
The report (DelFix.txt) will open; you can close it.
For any other problem, do not hesitate to post again; you know where we are.
Thread solved.
Regards, Javier.