Incapaz de eliminar AcroTray.exe

buenos dias

No tengo claro como debo proceder ya que es mi primer mensaje, pero no soy capaz de eliminar un problema con acotray.exe, me ha salido de repente y como digo no soy capaz, paso el malwarebytes, etc pero ahi sigue, lo he eliminado del inicio y no hay manera

es un malware? es un problema general? os ha pasado antes…

Gracias por vuestra ayuda

Abre el administrador de tareas de windows. pestaña inicio. boton derecho sobre esa entrada…abrir ubicacion y ponme una captura o la ruta exacta.

En teoria ese ejecutable es de Adobe

1 me gusta

si es un archivo ejecutable de adobe, pero no hay manera de eliminarlo y leyendo en algun sitio lo pone virus, lo quito de inicio, lo quito de otras cosa y nada,

aparte tambien algo debo tener porque el visor de eventos como me pone tambien me da un error, busco los errores con cmd… y no puedo acceder al log, porque me sale el mensajito este

no me deja poner imagenes…

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.

  • En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 08-03-2020
Ejecutado por Chisco (administrador) sobre CHISCO-PC (20-03-2020 13:53:45)
Ejecutado desde C:\Users\Chisco\Downloads
Perfiles cargados: Chisco (Perfiles disponibles: Chisco)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Cristi) [Archivo no firmado] C:\Program Files\Dual Monitor\DualMonitor.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NexusQA Pty Ltd -> NexusDB Pty Ltd) C:\gms\nexus\nxServer_Trial.exe
(NVIDIA Corporation -> Node.js) C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
(philandro Software GmbH -> ) C:\Program Files\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files\AnyDesk\AnyDesk.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(The Firebird Project) [Archivo no firmado] C:\Program Files\Common Files\firebird\bin\fbguard.exe
(The Firebird Project) [Archivo no firmado] C:\Program Files\Common Files\firebird\bin\fbserver.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [109824 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [267576 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3576664 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [43965064 2019-12-22] (Google LLC -> )
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-21] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Run: [dualmonitor] => C:\Program Files\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi) [Archivo no firmado]
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: H - H:\Setup.exe -auto
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {c4888e49-527b-11e5-a4f9-00252239ad03} - H:\Setup.exe -auto
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {c4888e4c-527b-11e5-a4f9-00252239ad03} - H:\instapls.exe /AUTORUN
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {ef612835-5143-11e5-b00c-806e6f6e6963} - E:\DVDSetup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-03-18]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {01FF42D6-531F-486A-850B-649C4AF71D7A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {0E64D64C-9CEC-46A8-9F57-88E2657ED84C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12D5236C-66FD-4DE8-A1E5-2B775E6DA558} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {191180EA-7E95-4C5D-8991-892033AE7131} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {197D5D6A-4A54-445A-B942-3215BB8BD308} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [554944 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E6441F2-8675-4B08-BC08-CC55D4895FF5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {226821CF-0C10-42E4-B340-1607C4B5756F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-21] (Piriform Ltd -> Piriform Ltd)
Task: {254A565F-026A-4BF1-BCA4-570D6203D47E} - System32\Tasks\{B260C81F-2CED-4A0C-B41F-C8BD6644D364} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\iWebar\Uninstall.exe" -c /fcp=1
Task: {2927776E-0267-4C47-A5B6-E2A8CE87687C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2D383C52-36DF-4F92-8A39-F3161F0892A4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1051864 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {35E2C85B-BCA0-48FB-94E6-351B4A07D842} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {44D64B91-C0B7-4461-ADF0-8A1D1F7D118D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {50AD2A7E-3CFF-42A0-AE8C-B16490D18494} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52C329DF-00AF-4018-979F-06F0F27CA8B6} - System32\Tasks\{53ED4961-12A0-4D92-855B-2CC8CB1B895A} => C:\Windows\system32\pcalua.exe -a C:\Users\Chisco\AppData\Roaming\Easeware\DriverEasy\drivers\znk3jejw.4xl\nvusmb.exe -d C:\Users\Chisco\AppData\Roaming\Easeware\DriverEasy\drivers\znk3jejw.4xl
Task: {5888BCE1-CBE1-41BD-8F33-0980C26F5B05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1410152 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {60D3BF2D-0C7B-43BC-A697-4E45F103FC95} - System32\Tasks\{EBFA842C-2DBC-4BAF-9A54-A8DC00470373} => C:\Windows\system32\pcalua.exe -a E:\DVDSetup.exe -d E:\
Task: {733D0B40-D3B5-4221-956F-E28B564B705A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {8C553A42-A47B-48FE-AC28-6CA202581F47} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96C6DB91-A7B1-41A8-87C3-C2AB22862869} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [554944 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A531318-F848-4BA8-8D69-7FA8678EFBA5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A3FAE56F-DCDA-4737-8CB2-0A3C68EE9360} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [1923584 2015-09-03] () [Archivo no firmado]
Task: {B4467F09-A46A-4851-93E6-80CEB703BD55} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D355754B-E09A-45E7-902B-8F06F1C7A7B1} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [686592 2013-11-11] () [Archivo no firmado]
Task: {D6ABE2AE-7B5D-4D63-9BC4-1DFEB12AB0C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {DEAA5B67-34D8-484A-8E8A-64E8B25D7DC4} - System32\Tasks\{DA712A7B-E2CF-44F5-930F-715DE6EC62D3} => C:\Windows\system32\pcalua.exe -a "C:\Users\Chisco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NSRL36OY\JavaSetup8u131.exe" -d C:\Users\Chisco\Desktop
Task: {F41DBF28-D59B-449B-8020-A5F811477E2C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB00565A-2B04-434A-87AB-39DB67410A98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.254 80.58.61.250
Tcpip\..\Interfaces\{896A1512-5E58-416F-9558-9423ABCF0E5D}: [DhcpNameServer] 80.58.61.254 80.58.61.250

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130897574901708984&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.deporteadaptadocyl.org/
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.es/
hxxp://www.seg-social.es/wps/portal/wss/internet/Inicio
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: sagetp - {EB0D4937-D3F4-4CEC-9EB4-2B9DAA1676EC} - C:\GrupoSP\NOM2012\Contrata\SageProtocol.dll [2012-09-25] (SAGE SP) [Archivo no firmado]

FireFox:
========
FF DefaultProfile: jjafp8lg.default
FF ProfilePath: C:\Users\Chisco\AppData\Roaming\Mozilla\Firefox\Profiles\jjafp8lg.default [2020-03-20]
FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\Chisco\AppData\Roaming\Mozilla\Firefox\Profiles\jjafp8lg.default\Extensions\[email protected] [2020-03-20]
FF Extension: (Mega.nz Button) - C:\Users\Chisco\AppData\Roaming\Mozilla\Firefox\Profiles\jjafp8lg.default\Extensions\[email protected] [2017-08-11] [Heredado]
FF Extension: (Google Translator for Firefox) - C:\Users\Chisco\AppData\Roaming\Mozilla\Firefox\Profiles\jjafp8lg.default\Extensions\[email protected] [2019-03-04]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default [2020-03-20]
CHR Notifications: Default -> hxxps://ntrasenioraconsolacion-am-valladolid.educamos.com
CHR HomePage: Default -> hxxps://www.google.es/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.es/"
CHR Extension: (Presentaciones) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Documentos) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Búsqueda de Google) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Hojas de cálculo) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-10]
CHR Extension: (Cisco Webex Extension) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-07-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-20]
CHR Extension: (LINE) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\menkifleemblimdogmoihpfopnplikde [2019-07-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Amigos Vigo) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnimalgojidacpollieoiidgjjmijnba [2019-08-09]
CHR Extension: (LINE) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ophjlpahpchlmihnnnihgmmeilfjmjjc [2020-03-16]
CHR Extension: (Gmail) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR Profile: C:\Users\Chisco\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-20]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo]
CHR HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files\AnyDesk\AnyDesk.exe [3025872 2019-11-29] (philandro Software GmbH -> )
R2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [9412320 2020-03-19] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Common Files\firebird\bin\fbguard.exe [65536 2004-12-13] (The Firebird Project) [Archivo no firmado]
R3 FirebirdServerDefaultInstance; C:\Program Files\Common Files\firebird\bin\fbserver.exe [1527893 2004-12-13] (The Firebird Project) [Archivo no firmado]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [153096 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NXDBServerV4; C:\gms\nexus\nxServer_Trial.exe [12866952 2016-05-06] (NexusQA Pty Ltd -> NexusDB Pty Ltd)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [47096 2017-04-26] (Panda Security S.L. -> Panda Security, S.L.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [685568 2013-11-11] () [Archivo no firmado]
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [419040 2020-03-19] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36496 2016-10-20] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713904 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugin"

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25016 2015-09-02] (Disc Soft Ltd -> Disc Soft Ltd)
R3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [60232 2020-03-20] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [129248 2018-12-04] (Malwarebytes Corporation -> Malwarebytes)
R1 googledrivefs2985; C:\Windows\System32\DRIVERS\googledrivefs2985.sys [94504 2020-03-05] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [106144 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63760 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [83648 2020-03-20] (Malwarebytes Corporation -> Malwarebytes)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [87032 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202104 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109688 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [121720 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [42256 2015-04-27] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [102392 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [72400 2016-03-14] (Panda Security S.L -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [120568 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [281720 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [216208 2016-02-17] (Panda Security S.L -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [108408 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [247568 2016-02-17] (Panda Security S.L -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [94968 2015-12-04] (Panda Security S.L. -> Panda Security, S.L.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28608 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [53616 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [51136 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [147728 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [111376 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [177240 2018-03-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [121616 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132880 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58288 2016-08-08] (Panda Security S.L -> Panda Security, S.L.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [11232 2019-07-03] (SlimWare Utilities Inc. -> )
S3 tpg86win7; C:\Windows\System32\DRIVERS\tpg86win7.sys [491112 2012-02-22] (Realtek Semiconductor Corp -> TP-LINK TECHNOLOGIES CO., LTD)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [575696 2016-10-20] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2018-07-02] (Microsoft Windows Hardware Compatibility Publisher -> RealVNC Ltd.)
S3 eapihdrv; \??\C:\Users\Chisco\AppData\Local\Temp\ehdrv.sys [X] <==== ATENCIÓN
S3 NTIOLib_1_0_C; \??\E:\NTIOLib.sys [X]
S2 sbmntr; \??\C:\PROGRA~1\YTDOWN~1\sbmntr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-20 13:53 - 2020-03-20 13:55 - 000035056 _____ C:\Users\Chisco\Downloads\FRST.txt
2020-03-20 13:51 - 2020-03-20 13:54 - 000000000 ____D C:\FRST
2020-03-20 13:51 - 2020-03-20 13:51 - 002007552 _____ (Farbar) C:\Users\Chisco\Downloads\FRST.exe
2020-03-20 12:52 - 2020-03-20 12:52 - 000890472 _____ C:\Users\Chisco\Desktop\cc_20200320_125157.reg
2020-03-20 12:45 - 2020-03-20 12:45 - 000000000 ____D C:\Users\Chisco\AppData\Local\mbam
2020-03-20 12:44 - 2020-03-20 13:47 - 000083648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000106144 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000063760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-03-20 12:44 - 2020-03-20 12:44 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-20 12:44 - 2020-03-20 12:44 - 000002024 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-20 12:44 - 2020-03-20 12:44 - 000000000 ____D C:\Users\Chisco\AppData\Local\mbamtray
2020-03-20 12:44 - 2020-03-20 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-20 12:44 - 2018-12-04 08:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2020-03-20 12:43 - 2020-03-20 12:43 - 000000000 ____D C:\ProgramData\MB2Migration
2020-03-20 12:43 - 2020-03-20 12:43 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-20 11:31 - 2016-08-08 10:00 - 000058288 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2020-03-20 09:53 - 2020-03-20 09:53 - 127229528 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2020-03-20 09:51 - 2015-12-16 19:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2020-03-20 09:51 - 2015-12-16 19:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2020-03-20 09:51 - 2015-12-16 19:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2020-03-20 08:14 - 2020-03-20 09:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-03-19 13:15 - 2020-03-20 11:32 - 000060232 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-03-19 13:13 - 2020-03-19 13:13 - 000001167 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-03-19 13:13 - 2020-03-19 13:13 - 000001167 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2020-03-19 13:13 - 2020-03-19 13:13 - 000000000 ____D C:\sh5ldr
2020-03-19 13:13 - 2020-03-19 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-03-19 13:13 - 2020-03-19 13:13 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-03-19 13:12 - 2020-03-19 13:12 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-03-19 13:11 - 2020-03-19 13:12 - 006455520 _____ (EnigmaSoft Limited) C:\Users\Chisco\Downloads\SpyHunter-Installer.exe
2020-03-18 16:11 - 2020-03-18 17:47 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-03-18 16:11 - 2020-03-18 17:47 - 000002007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-03-18 16:11 - 2020-03-18 16:11 - 000001984 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2020-03-18 16:11 - 2020-03-18 16:11 - 000001984 _____ C:\ProgramData\Desktop\Adobe Acrobat DC.lnk
2020-03-18 15:18 - 2020-03-18 15:19 - 022195736 _____ (Piriform Software Ltd) C:\Users\Chisco\Downloads\ccsetup564.exe
2020-03-18 08:40 - 2020-03-18 08:40 - 000000000 ____D C:\Users\Chisco\Desktop\colocar
2020-03-17 08:40 - 2020-03-18 13:47 - 000001741 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-03-17 08:40 - 2020-03-18 13:47 - 000001741 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-03-17 08:40 - 2020-03-17 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-03-17 08:40 - 2020-03-17 08:40 - 000000000 ____D C:\Program Files\iPod
2020-03-17 08:39 - 2020-03-17 08:40 - 000000000 ____D C:\Program Files\iTunes
2020-03-16 10:18 - 2020-03-18 16:08 - 000000000 ____D C:\Users\Chisco\Desktop\Cuarentena fedeacyl
2020-03-13 13:57 - 2020-03-13 13:57 - 000034206 _____ C:\Users\Chisco\Downloads\LlistatExcel (25).xls
2020-03-13 11:46 - 2020-03-13 11:46 - 008092288 _____ (Tim Kosse) C:\Users\Chisco\Downloads\FileZilla_3.47.2.1_win32-setup.exe
2020-03-13 09:19 - 2020-03-13 09:20 - 000014753 _____ C:\Users\Chisco\Downloads\SEPA 34-14 (XML)-Remesa 13-03-2020.xml
2020-03-13 08:28 - 2020-03-13 08:28 - 000119843 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (45).pdf
2020-03-13 08:00 - 2020-03-13 08:00 - 000152095 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (43).pdf
2020-03-13 08:00 - 2020-03-13 08:00 - 000119473 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (44).pdf
2020-03-13 08:00 - 2020-03-13 08:00 - 000002214 _____ C:\Users\Chisco\Downloads\7130_0001873995_12032020.n43
2020-03-11 14:45 - 2020-03-05 14:34 - 000094504 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs2985.sys
2020-03-11 10:24 - 2020-03-11 10:24 - 000152106 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (42).pdf
2020-03-11 10:24 - 2020-03-11 10:24 - 000119843 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (41).pdf
2020-03-11 10:06 - 2020-03-11 10:06 - 000092985 _____ C:\Users\Chisco\Downloads\04-03-2020_FACTURA_TA6BV0088975.pdf
2020-03-11 08:41 - 2020-03-11 08:41 - 000001620 _____ C:\Users\Chisco\Downloads\LlistatExcel (24).xls
2020-03-11 08:38 - 2020-03-11 08:38 - 000001688 _____ C:\Users\Chisco\Downloads\LlistatExcel (23).xls
2020-03-11 08:36 - 2020-03-11 08:36 - 000001754 _____ C:\Users\Chisco\Downloads\LlistatExcel (22).xls
2020-03-11 08:25 - 2020-03-11 08:25 - 000005400 _____ C:\Users\Chisco\Downloads\LlistatExcel (21).xls
2020-03-11 08:16 - 2020-03-11 08:16 - 000119459 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (40).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000197410 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (39).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000152149 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (34).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000152146 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (35).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000152145 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (37).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000152138 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (36).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000119818 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (38).pdf
2020-03-11 08:09 - 2020-03-11 08:09 - 000004428 _____ C:\Users\Chisco\Downloads\7130_0001873995_10032020.n43
2020-03-10 13:43 - 2020-03-10 13:43 - 000052116 _____ C:\Users\Chisco\Downloads\SEPA 19-14 COR1 (XML)-Remesa Marzo 2020.xml
2020-03-09 07:42 - 2020-03-09 07:42 - 000046372 _____ C:\Users\Chisco\Downloads\LlistatExcel (20).xls
2020-03-06 19:40 - 2020-03-06 19:40 - 000021869 _____ C:\Users\Chisco\Downloads\LlistatExcel (19).xls
2020-03-06 10:45 - 2020-03-06 10:45 - 000004805 _____ C:\Users\Chisco\Downloads\LlistatExcel (18).xls
2020-03-05 23:11 - 2020-03-05 23:11 - 000059344 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2020-03-05 23:11 - 2020-03-05 23:11 - 000034768 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
2020-03-04 12:44 - 2020-03-04 12:44 - 000002603 _____ C:\Users\Chisco\Downloads\LlistatExcel (17).xls
2020-03-04 11:06 - 2020-03-04 11:06 - 000011398 _____ C:\Users\Chisco\Downloads\7130_0001873995_03032020.n43
2020-03-04 11:04 - 2020-03-04 11:04 - 000152138 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (30).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000152127 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (31).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000152110 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (32).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000152085 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (33).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119949 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (29).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119936 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (27).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119935 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (25).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119921 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (28).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119921 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (22).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119917 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (21).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119905 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (26).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119903 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (23).pdf
2020-03-04 11:04 - 2020-03-04 11:04 - 000119899 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (24).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000152136 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (15).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119949 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (19).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119928 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (20).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119924 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (17).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119919 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (16).pdf
2020-03-04 11:03 - 2020-03-04 11:03 - 000119918 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (18).pdf
2020-03-04 09:55 - 2020-03-04 09:55 - 000165266 _____ C:\Users\Chisco\Downloads\20-602 Convocatoria cerrada Curso de Entrenadores de Goalball- Barcelona.pdf
2020-03-02 14:12 - 2020-03-02 14:12 - 000217172 _____ C:\Users\Chisco\Downloads\20-056 Convocatoria cerrada 1o Campeonato Internacional  Judo- Tblisi -Georgia.pdf
2020-03-02 09:30 - 2020-03-02 09:30 - 000008803 _____ C:\Users\Chisco\Desktop\Licencias Mujeres 19-20.xlsx
2020-03-02 09:30 - 2020-03-02 09:30 - 000000165 ____H C:\Users\Chisco\Desktop\~$Licencias Mujeres 19-20.xlsx
2020-03-02 08:41 - 2020-03-02 08:41 - 000696409 _____ C:\Users\Chisco\Downloads\INDEFINIDOFEBRERO OK 2020 2 (3).pdf
2020-03-02 08:31 - 2020-03-02 08:31 - 000696409 _____ C:\Users\Chisco\Downloads\INDEFINIDOFEBRERO OK 2020 2 (2).pdf
2020-03-02 08:31 - 2020-03-02 08:31 - 000696409 _____ C:\Users\Chisco\Downloads\INDEFINIDOFEBRERO OK 2020 2 (1).pdf
2020-03-02 08:31 - 2020-03-02 08:31 - 000122683 _____ C:\Users\Chisco\Downloads\Mod._191. Enero2020.pdf
2020-03-02 08:22 - 2020-03-02 08:22 - 000696409 _____ C:\Users\Chisco\Downloads\INDEFINIDOFEBRERO OK 2020 2.pdf
2020-02-28 10:34 - 2020-02-28 10:34 - 000016396 _____ C:\Users\Chisco\Downloads\LlistatExcel (16).xls
2020-02-28 10:21 - 2020-02-28 10:21 - 000006526 _____ C:\Users\Chisco\Downloads\Mod347_2019_FEDEACYL.txt
2020-02-28 08:54 - 2020-02-28 08:54 - 002070529 _____ C:\Users\Chisco\Downloads\Helveticas.zip
2020-02-28 08:53 - 2020-02-28 08:53 - 004538748 _____ C:\Users\Chisco\Downloads\Helvetica.rar
2020-02-28 08:40 - 2020-02-28 08:41 - 000233670 _____ C:\Users\Chisco\Downloads\helveticaneue.zip
2020-02-28 08:36 - 2020-02-28 08:36 - 000003607 _____ C:\Users\Chisco\Downloads\Balance de Situación (Abreviado).pdf
2020-02-28 08:35 - 2020-02-28 08:35 - 000006998 _____ C:\Users\Chisco\Downloads\Cuenta de explotación (4).pdf
2020-02-28 08:25 - 2020-02-28 08:25 - 000119498 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (13).pdf
2020-02-28 08:25 - 2020-02-28 08:25 - 000119498 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (12).pdf
2020-02-28 08:25 - 2020-02-28 08:25 - 000119459 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (14).pdf
2020-02-28 08:24 - 2020-02-28 08:24 - 000007544 _____ C:\Users\Chisco\Downloads\7130_0001873995_27022020.n43
2020-02-28 08:23 - 2020-02-28 08:23 - 000152124 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (10).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119995 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (7).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119933 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (9).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119927 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (6).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119923 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (8).pdf
2020-02-28 08:23 - 2020-02-28 08:23 - 000119843 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (11).pdf
2020-02-28 08:20 - 2020-02-28 08:20 - 000009515 _____ C:\Users\Chisco\Downloads\SEPA 34-14
   Nómina (XML)-Remesa Nominas Febrero 2020.xml
2020-02-27 14:46 - 2020-02-27 14:46 - 000008312 _____ C:\Users\Chisco\Downloads\VJFVY9LC59DK6928.pdf
2020-02-27 14:45 - 2020-02-27 14:45 - 000008309 _____ C:\Users\Chisco\Downloads\VJ3LT7N7VX8H6927.pdf
2020-02-26 09:55 - 2020-02-28 10:54 - 000019006 _____ C:\Users\Chisco\Desktop\Mod347_2019_FDMESCYL (1) (Autoguardado).xlsx
2020-02-20 10:30 - 2020-02-20 10:30 - 000323628 _____ C:\Users\Chisco\Downloads\FED_0_7f1b7d19-4ac7-45f5-b587-ccdae924453b_
2020-02-20 10:29 - 2020-02-20 10:29 - 000658610 _____ C:\Users\Chisco\Downloads\FED_0_19573f1a-e98e-4f53-b425-d15d986d5535.pdf
2020-02-20 10:29 - 2020-02-20 10:29 - 000323628 _____ C:\Users\Chisco\Downloads\FED_0_7f1b7d19-4ac7-45f5-b587-ccdae924453b.pdf
2020-02-19 13:23 - 2020-02-19 13:23 - 000003455 _____ C:\Users\Chisco\Downloads\SEPA 34-14 (XML)-Remesa 19-02-2020.xml
2020-02-19 12:35 - 2020-02-19 12:35 - 000119483 _____ C:\Users\Chisco\Downloads\CUExtractOperationsQuery (5).pdf
2020-02-19 12:34 - 2020-02-19 12:34 - 000000902 _____ C:\Users\Chisco\Downloads\7130_0001873995_18022020.n43
2020-02-19 12:22 - 2020-02-19 12:22 - 000015830 _____ C:\Users\Chisco\Downloads\LlistatExcel (15).xls
2020-02-19 12:18 - 2020-02-19 12:18 - 000002573 _____ C:\Users\Chisco\Downloads\SEPA 19-14 COR1 (XML)-Remesa Febrero 2020-2.xml

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-20 13:47 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-03-20 13:43 - 2019-04-30 12:43 - 000000000 ____D C:\Users\Chisco\AppData\Roaming\FileZilla
2020-03-20 13:42 - 2018-10-08 12:07 - 000000000 ____D C:\Users\Chisco\AppData\Local\CrashDumps
2020-03-20 13:10 - 2015-09-02 10:07 - 000000000 ____D C:\Users\Chisco\Documents\Archivos de Outlook
2020-03-20 12:43 - 2015-10-20 07:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-20 12:43 - 2015-10-20 07:38 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2020-03-20 12:25 - 2015-09-03 19:10 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-20 12:04 - 2009-07-14 05:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-20 12:04 - 2009-07-14 05:34 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-20 11:44 - 2017-04-20 07:05 - 000000000 ___RD C:\Users\Chisco\Google Drive
2020-03-20 11:32 - 2018-09-28 18:20 - 000002896 _____ C:\Windows\system32\Tasks\AutoKMS
2020-03-20 11:32 - 2015-09-03 22:53 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
2020-03-20 11:31 - 2018-10-22 06:26 - 003795008 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-20 11:31 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-20 11:09 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2020-03-20 10:15 - 2015-09-04 14:55 - 000000000 ____D C:\Windows\system32\MRT
2020-03-20 10:00 - 2018-09-20 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-03-20 10:00 - 2015-09-04 14:54 - 118379832 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-20 10:00 - 2015-09-03 19:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-03-20 09:29 - 2016-02-01 14:11 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-03-20 09:14 - 2015-09-04 10:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-03-20 09:09 - 2009-07-14 03:04 - 000000478 _____ C:\Windows\win.ini
2020-03-20 09:08 - 2015-09-04 22:33 - 000705474 _____ C:\Windows\system32\prfh0416.dat
2020-03-20 09:08 - 2015-09-04 22:33 - 000688802 _____ C:\Windows\system32\perfh007.dat
2020-03-20 09:08 - 2015-09-04 22:33 - 000648276 _____ C:\Windows\system32\perfh01F.dat
2020-03-20 09:08 - 2015-09-04 22:33 - 000148774 _____ C:\Windows\system32\perfc007.dat
2020-03-20 09:08 - 2015-09-04 22:33 - 000147314 _____ C:\Windows\system32\prfc0416.dat
2020-03-20 09:08 - 2015-09-04 22:33 - 000139658 _____ C:\Windows\system32\perfc01F.dat
2020-03-20 09:08 - 2011-04-12 02:30 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2020-03-20 09:08 - 2011-04-12 02:30 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2020-03-20 09:08 - 2010-11-20 22:01 - 004070386 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-20 08:56 - 2016-11-30 17:41 - 000000000 ____D C:\Users\Chisco\AppData\LocalLow\Mozilla
2020-03-19 22:46 - 2015-09-02 08:38 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 22:46 - 2015-09-02 08:38 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-19 22:46 - 2015-09-02 08:38 - 000002127 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-03-19 19:42 - 2019-10-03 15:43 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-03-19 19:42 - 2019-10-03 15:43 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-03-18 17:48 - 2015-10-16 05:58 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 17:38 - 2018-07-30 16:29 - 000000000 ____D C:\Users\Chisco\Documents\06 Otros
2020-03-18 17:36 - 2018-10-22 07:59 - 000113592 _____ C:\Users\Chisco\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-18 16:10 - 2015-09-07 07:15 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-03-18 16:09 - 2019-03-14 22:34 - 000000000 ___RD C:\Users\Chisco\Desktop\Logos
2020-03-18 16:07 - 2019-12-19 18:08 - 000000000 ____D C:\Users\Chisco\Desktop\inscripcionesventosfeddi
2020-03-18 16:07 - 2015-09-07 07:15 - 000000000 ____D C:\ProgramData\Adobe
2020-03-18 16:03 - 2018-07-27 07:11 - 000000000 ____D C:\Users\Chisco\Desktop\Adobe Acrobat
2020-03-18 13:48 - 2018-06-13 17:03 - 000002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive File Stream.lnk
2020-03-18 13:48 - 2017-07-14 10:10 - 000002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2020-03-18 13:48 - 2016-03-28 10:51 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 13:48 - 2016-03-14 14:13 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Crystal Reports.lnk
2020-03-18 13:48 - 2016-02-10 12:58 - 000001320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2020-03-18 13:48 - 2016-02-10 12:58 - 000001251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2020-03-18 13:48 - 2016-02-01 14:11 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-03-18 13:48 - 2015-11-26 13:30 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2020-03-18 13:48 - 2015-09-02 08:29 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2020-03-18 13:48 - 2015-09-02 08:29 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2020-03-18 13:48 - 2009-07-14 05:46 - 000001491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2020-03-18 13:48 - 2009-07-14 05:42 - 000001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2020-03-18 13:48 - 2009-07-14 05:42 - 000001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2020-03-18 13:48 - 2009-07-14 05:42 - 000001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2020-03-18 13:47 - 2019-07-05 11:13 - 000001113 _____ C:\Users\Public\Desktop\AutoFirma.lnk
2020-03-18 13:47 - 2019-07-05 11:13 - 000001113 _____ C:\ProgramData\Desktop\AutoFirma.lnk
2020-03-18 13:47 - 2019-07-03 17:28 - 000001081 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2020-03-18 13:47 - 2019-07-03 17:28 - 000001081 _____ C:\ProgramData\Desktop\CPUID HWMonitor.lnk
2020-03-18 13:47 - 2019-02-22 08:00 - 000001844 _____ C:\Users\Public\Desktop\AnyDesk.lnk
2020-03-18 13:47 - 2019-02-22 08:00 - 000001844 _____ C:\ProgramData\Desktop\AnyDesk.lnk
2020-03-18 13:47 - 2018-11-26 10:15 - 000002145 _____ C:\Users\Public\Desktop\Panda Antivirus Pro.lnk
2020-03-18 13:47 - 2018-11-26 10:15 - 000002145 _____ C:\ProgramData\Desktop\Panda Antivirus Pro.lnk
2020-03-18 13:47 - 2018-11-21 13:04 - 000001147 _____ C:\Users\Public\Desktop\Meet Manager.lnk
2020-03-18 13:47 - 2018-11-21 13:04 - 000001147 _____ C:\ProgramData\Desktop\Meet Manager.lnk
2020-03-18 13:47 - 2018-09-20 17:33 - 000001368 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-03-18 13:47 - 2018-09-20 17:33 - 000001368 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-03-18 13:47 - 2017-06-07 16:56 - 000002124 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2020-03-18 13:47 - 2017-06-07 16:56 - 000002124 _____ C:\ProgramData\Desktop\Google Earth Pro.lnk
2020-03-18 13:47 - 2016-09-07 07:43 - 000001186 _____ C:\Users\Public\Desktop\Movie Studio Platinum 13.0.lnk
2020-03-18 13:47 - 2016-09-07 07:43 - 000001186 _____ C:\ProgramData\Desktop\Movie Studio Platinum 13.0.lnk
2020-03-18 13:47 - 2016-07-13 07:07 - 000001799 _____ C:\Users\Public\Desktop\Sociedades 200-2015.lnk
2020-03-18 13:47 - 2016-07-13 07:07 - 000001799 _____ C:\ProgramData\Desktop\Sociedades 200-2015.lnk
2020-03-18 13:47 - 2016-06-10 07:07 - 000001655 _____ C:\Users\Public\Desktop\Renta 2015.lnk
2020-03-18 13:47 - 2016-06-10 07:07 - 000001655 _____ C:\ProgramData\Desktop\Renta 2015.lnk
2020-03-18 13:47 - 2016-05-11 13:02 - 000001205 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk
2020-03-18 13:47 - 2016-05-11 13:02 - 000001205 _____ C:\ProgramData\Desktop\MiniTool Partition Wizard Home Edition.lnk
2020-03-18 13:47 - 2016-03-28 10:51 - 000002011 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-03-18 13:47 - 2016-03-28 10:51 - 000002011 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-03-18 13:47 - 2016-02-01 14:12 - 000001103 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-03-18 13:47 - 2016-02-01 14:12 - 000001103 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-03-18 13:47 - 2016-01-27 12:06 - 000001637 _____ C:\Users\Public\Desktop\Informativas.lnk
2020-03-18 13:47 - 2016-01-27 12:06 - 000001637 _____ C:\ProgramData\Desktop\Informativas.lnk
2020-03-18 13:47 - 2015-10-19 18:34 - 000000963 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-03-18 13:47 - 2015-10-19 18:34 - 000000963 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-03-18 13:47 - 2015-09-22 08:03 - 000000642 _____ C:\Users\Public\Desktop\Piscina 2005.lnk
2020-03-18 13:47 - 2015-09-22 08:03 - 000000642 _____ C:\ProgramData\Desktop\Piscina 2005.lnk
2020-03-18 13:47 - 2015-09-03 20:56 - 000001586 _____ C:\Users\Public\Desktop\NominaSOL.lnk
2020-03-18 13:47 - 2015-09-03 20:56 - 000001586 _____ C:\ProgramData\Desktop\NominaSOL.lnk
2020-03-18 13:47 - 2015-09-02 11:19 - 000001499 _____ C:\Users\Public\Desktop\SILTRA.lnk
2020-03-18 13:47 - 2015-09-02 11:19 - 000001499 _____ C:\ProgramData\Desktop\SILTRA.lnk
2020-03-18 13:46 - 2019-09-16 15:53 - 000008135 _____ C:\Users\Chisco\Desktop\CONTROL LICENCIAS 2020.xlsx.lnk
2020-03-18 13:46 - 2017-04-20 07:05 - 000001707 _____ C:\Users\Chisco\Desktop\Google Drive.lnk
2020-03-18 13:46 - 2016-10-07 07:06 - 000001379 _____ C:\Users\Chisco\Desktop\GMS 5.lnk
2020-03-18 13:46 - 2015-10-19 20:05 - 000001100 _____ C:\Users\Chisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-03-18 13:46 - 2015-09-23 12:43 - 000002619 _____ C:\Users\Chisco\Desktop\µTorrent.lnk
2020-03-18 13:46 - 2015-09-23 12:43 - 000002599 _____ C:\Users\Chisco\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2020-03-18 13:46 - 2015-09-22 08:00 - 000001033 _____ C:\Users\Chisco\Desktop\Licencias 2009.lnk
2020-03-18 13:46 - 2015-09-14 09:26 - 000000919 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2020-03-18 13:46 - 2015-09-07 19:33 - 000001539 _____ C:\Users\Chisco\Desktop\SP Panel de Gestión.lnk
2020-03-18 13:46 - 2015-09-07 09:57 - 000001876 _____ C:\Users\Chisco\Desktop\Chisco (LACIE-CLOUDBOX) - Acceso directo.lnk
2020-03-18 13:46 - 2009-07-14 05:46 - 000001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2020-03-18 13:46 - 2009-07-14 05:37 - 000001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2020-03-18 13:38 - 2016-07-01 11:35 - 000000000 ____D C:\Facturae-3.4
2020-03-18 11:58 - 2019-07-22 14:56 - 000000000 ____D C:\ProgramData\Garmin
2020-03-18 11:58 - 2016-01-14 03:03 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-18 10:48 - 2017-10-02 13:40 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2020-03-18 10:47 - 2019-06-26 06:44 - 000000000 ____D C:\Users\Chisco\AppData\Local\SlimWare Utilities Inc
2020-03-18 10:47 - 2017-10-02 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Banco Sabadell
2020-03-18 10:23 - 2015-09-02 11:35 - 000000000 ____D C:\Users\Chisco\Documents\Administracion
2020-03-17 13:53 - 2015-09-02 11:18 - 000000000 ____D C:\SILTRA
2020-03-13 13:43 - 2019-10-23 10:20 - 013355984 _____ (Splash Software ) C:\Users\Chisco\Desktop\install_Meet.exe
2020-03-13 13:43 - 2018-11-21 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splash Software
2020-03-13 12:46 - 2016-09-12 08:55 - 000000000 ____D C:\Users\Chisco\Desktop\Mas Usados
2020-03-13 11:50 - 2019-04-30 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2020-03-13 11:50 - 2019-04-30 12:42 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2020-03-13 11:47 - 2019-09-23 13:55 - 000000000 ____D C:\Users\Chisco\Desktop\borrro
2020-03-12 10:08 - 2017-06-05 12:26 - 000000000 ____D C:\Users\Chisco\.afirma
2020-03-11 17:41 - 2015-10-29 08:28 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-03-11 17:41 - 2015-10-29 08:28 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-03-11 17:41 - 2015-10-29 08:28 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-03-11 17:41 - 2015-09-07 19:34 - 000000000 ____D C:\Windows\system32\Macromed
2020-03-11 14:20 - 2015-08-17 08:58 - 000000000 ____D C:\Users\Chisco\Desktop\esther-chisco
2020-03-11 13:45 - 2019-10-02 11:14 - 000000000 ____D C:\Users\Chisco\Desktop\Contratos Studio 81 Pilates Wellness
2020-03-11 13:45 - 2016-09-08 10:43 - 000000132 _____ C:\Users\Chisco\AppData\Roaming\Adobe PNG Format CS5 Prefs
2020-03-10 07:21 - 2017-02-09 12:22 - 001597952 ___SH C:\Users\Chisco\Desktop\Thumbs.db
2020-02-19 09:37 - 2020-02-17 13:39 - 000000000 ____D C:\Users\Chisco\Desktop\copiafooter

==================== Archivos en la raíz de algunos directorios ========

2015-11-27 08:07 - 2020-02-14 12:07 - 000000132 _____ () C:\Users\Chisco\AppData\Roaming\Adobe BMP Format CS5 Prefs
2016-09-08 10:43 - 2020-03-11 13:45 - 000000132 _____ () C:\Users\Chisco\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-04-19 13:20 - 2015-04-19 13:20 - 000005872 _____ () C:\Users\Chisco\AppData\Roaming\BGZfcwCeBjMcVqxnMHsw
2017-01-15 19:37 - 2017-01-15 19:37 - 000038422 _____ () C:\Users\Chisco\AppData\Roaming\Valores separados por comas.ADR
2018-09-28 17:08 - 2018-09-28 17:08 - 000000000 _____ () C:\Users\Chisco\AppData\Local\oobelibMkey.log
2015-09-23 08:53 - 2015-09-23 08:53 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc41E4.tmp
2015-09-09 07:07 - 2015-09-09 07:07 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc441E.tmp
2016-09-19 13:26 - 2016-09-19 13:26 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc6410.tmp
2015-09-09 07:06 - 2015-09-09 07:06 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc6FD7.tmp
2015-09-09 13:55 - 2015-09-09 13:55 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc8612.tmp
2017-01-31 09:10 - 2017-01-31 09:10 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc8D07.tmp
2017-04-19 17:04 - 2017-04-19 17:04 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc9910.tmp
2016-02-23 17:22 - 2016-02-23 17:22 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcB4F0.tmp
2016-03-02 09:33 - 2016-03-02 09:33 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcBD6F.tmp
2017-04-19 18:35 - 2017-04-19 18:35 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcC4A0.tmp
2016-02-17 08:19 - 2016-02-17 08:19 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcCC35.tmp
2015-09-09 07:24 - 2015-09-09 07:24 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcDBC2.tmp
2017-09-27 17:38 - 2017-09-27 17:38 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcEA4A.tmp
2016-03-16 09:40 - 2016-03-16 09:40 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcF4EE.tmp
2017-04-20 13:16 - 2017-04-20 13:16 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcFA68.tmp

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-03-18 00:20
==================== Final de FRST.txt ========================




 texto preformateado con sangría de 4 espaciosResultados del Análisis Adicional de Farbar Recovery Scan Tool (x86) Versión: 08-03-2020
Ejecutado por Chisco (20-03-2020 13:55:53)
Ejecutado desde C:\Users\Chisco\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2015-09-02 07:32:51)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3742766960-1559033760-2549734497-500 - Administrator - Disabled)
Chisco (S-1-5-21-3742766960-1559033760-2549734497-1000 - Administrator - Enabled) => C:\Users\Chisco
HomeGroupUser$ (S-1-5-21-3742766960-1559033760-2549734497-1003 - Limited - Enabled)
Invitado (S-1-5-21-3742766960-1559033760-2549734497-501 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Panda Antivirus Pro (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Antivirus Pro (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
FW: Panda Firewall (Enabled) {F77F8DFC-1E5A-11E9-2FBF-DE5D4822445B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Actualización de NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.344 - Adobe)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
AnyDesk (HKLM\...\AnyDesk) (Version: ad 5.4.0 - philandro Software GmbH)
Apple Application Support (32 bits) (HKLM\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6410B4F5-85F0-4AAD-B2B9-486B2CB80040}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
AutoFirma (HKLM\...\AutoFirma) (Version: 1.6.5 - Gobierno de España)
Backup and Sync from Google (HKLM\...\{FFBF7E6D-BD1B-4ABD-B6AF-403A7A6B5FE3}) (Version: 3.48.8668.1933 - Google, Inc.)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Card Reader Patch 1.0 for Windows 7 (HKLM\...\Card Reader Windows 7 Patch_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Chrome Remote Desktop Host (HKLM\...\{EF08968E-F7E7-43EA-95B1-1E8ACC8CC459}) (Version: 80.0.3987.18 - Google Inc.)
Cliente 2.1 de Active Directory Rights Management Services (HKLM\...\{F4D41960-37A6-4E9E-872B-B14A6B884ED5}) (Version: 1.0.2217.0 - Microsoft Corporation)
Configurador AEAT (HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\Configurador AEAT 2.9) (Version: 2.9 - AEAT)
Configurador_FNMT (HKLM\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.6 - FNMT-RCM)
CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Desinstalación de CopyTrans Suite solamente (HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\CopyTrans Suite) (Version: 4.013 - WindSolutions)
Desinstalador de controlador de impresora UFR II XPS (HKLM\...\Canon UFR II XPS Printer Driver) (Version: 2, 0, 0, 0 - Canon Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Dual Monitor 1.22 (HKLM\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FileZilla Client 3.47.2.1 (HKLM\...\FileZilla Client) (Version: 3.47.2.1 - Tim Kosse)
Firebird 1.5.2.4731 (HKLM\...\FBDBServer_1_5_is1) (Version:  - Firebird Project)
Firebird ODBC Driver 1.2.0.69 (HKLM\...\Firebird ODBC Driver_is1) (Version:  - Firebird Project)
Galería de fotos (HKLM\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GMS 5.6 (HKLM\...\GMS 5.6) (Version:  - Bespoke Software, Inc.)
GMS 5.6 Standalone (HKLM\...\GMS 5.6 Standalone) (Version:  - Bespoke Software, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 37.0.8.0 - Google, Inc.)
Google Earth Pro (HKLM\...\{DE706580-82C7-4B1A-ABA4-EA48AC15B045}) (Version: 7.1.8.3036 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Informativas 11.00 (HKLM\...\4292-5894-1006-6413) (Version: 12.02 - AEAT)
iTunes (HKLM\...\{8AB49A8C-7926-489C-B5AF-23F83372765D}) (Version: 12.10.4.2 - Apple Inc.)
Java 7 Update 79 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 241 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
KMSpico v9.0.5.20131111 (HKLM\...\KMSpico_is1) (Version: 9.0.5.20131111 - )
LINE (HKLM\...\LINE) (Version: 4.1.3.586 - LINE Corporation)
Lotus NotesSQL 2.06 driver (HKLM\...\Lotus NotesSQL 2.06 driver) (Version:  - )
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MFP-Printer Utility 65C-9_36C-9_28C-8_C MF385-2Series (HKLM\...\MFP-Printer Utility 65C-9_36C-9_28C-8_C MF385-2Series Installer) (Version:  - MFP-Printer Utility)
Microsoft .NET Framework 4.8 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Português (Brasil)) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Access database engine 2010 (Spanish) (HKLM\...\{90140000-00D1-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (HKLM\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Studio Platinum 13.0 (HKLM\...\{C07796C0-7C69-11E3-8E39-F04DA23A5C58}) (Version: 13.0.878 - Sony)
Mozilla Firefox 74.0 (x86 es-ES) (HKLM\...\Mozilla Firefox 74.0 (x86 es-ES)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.0.7373 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NATACION LICENCIAS 2005 (HKLM\...\NATACION LICENCIAS 2005
) (Version:  - )
NATACION PISCINA 2005 (HKLM\...\NATACION PISCINA 2005) (Version:  - )
NominaSOL (HKLM\...\{1A20B58B-6703-471C-8542-E5026961AA30}) (Version: 1.0.0 - Software del Sol, S.A.)
NVIDIA Controlador de 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Antivirus Pro (HKLM\...\{C680D644-42CA-4E2D-93E2-00A4A1F135B3}) (Version: 8.31.30 - Panda Security) Hidden
Panda Antivirus Pro (HKLM\...\Panda Universal Agent Endpoint) (Version: 17.00.02.0000 - Panda Security)
Panda Devices Agent (HKLM\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panel de control de NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Photoshop CS5 Extended 12.0 (HKLM\...\Photoshop CS5 Extended 12.0) (Version:  - )
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.44 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Renta 2015 1.31 (HKLM\...\9648-5771-9114-3169) (Version: 1.31 - AEAT)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Seagate Crystal Reports Developer Edition (HKLM\...\{C0774966-2821-11D3-B32D-00A0C9DA500E}) (Version: 8.0.0.371 - Seagate Software, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Sharepod 4.2.0.0 (HKLM\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version:  - Macroplant LLC)
Sociedades 200-2015 1.21 (HKLM\...\3328-0225-8835-0437) (Version: 1.21 - AEAT)
Splash Meet Manager 11 (HKLM\...\Splash Meet Manager_is1) (Version: 11 - Splash Software)
SpyHunter 5 (HKLM\...\SpyHunter5) (Version: 5.8.10.170 - EnigmaSoft Limited)
SyncBackFree (HKLM\...\SyncBackFree_is1) (Version: 7.6.18.0 - 2BrightSparks)
Update for Skype for Business 2015 (KB4484097) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5735F518-9EDC-4464-87BC-6316D456391E}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484097) 32-Bit Edition (HKLM\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{5735F518-9EDC-4464-87BC-6316D456391E}) (Version:  - Microsoft)
VIA Administrador de dispositivos de plataforma (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.44 - VIA Technologies, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSuite32 8.2.0 (HKLM\...\ST6UNST #1) (Version:  - )

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{00b7e0ab-817a-44ad-a04b-d1148d524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{7c6e29bc-8b8b-4c3d-859e-af6cd158be0f}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c0-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c1-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c2-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c3-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c4-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c5-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c8-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969c9-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969ca-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000_Classes\CLSID\{88d969d6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\37.0.8.0\drivefsext.dll [2020-03-05] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\37.0.8.0\drivefsext.dll [2020-03-05] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\37.0.8.0\drivefsext.dll [2020-03-05] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\37.0.8.0\drivefsext.dll [2020-03-05] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\37.0.8.0\drivefsext.dll [2020-03-05] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\37.0.8.0\drivefsext.dll [2020-03-05] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\37.0.8.0\drivefsext.dll [2020-03-05] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2016-08-05] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3742766960-1559033760-2549734497-1000: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} =>  -> Ningún archivo
ContextMenuHandlers4_S-1-5-21-3742766960-1559033760-2549734497-1000: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} =>  -> Ningún archivo
ContextMenuHandlers5_S-1-5-21-3742766960-1559033760-2549734497-1000: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} =>  -> Ningún archivo

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Chisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) ->  

==================== Módulos cargados (Lista blanca) =============

2018-10-26 07:05 - 2013-02-18 08:22 - 000558592 _____ () [Archivo no firmado] C:\Program Files\Dual Monitor\ExplorerHook32.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000089088 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_ctypes.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000135680 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_elementtree.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001003008 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_hashlib.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000027648 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_multiprocessing.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000036864 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_psutil_windows.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000046080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_socket.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001324032 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_ssl.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000020480 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_yappi.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000069120 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\bz2.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000014336 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\common.time34.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000007168 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\hashobjs_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000218624 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\PIL._imaging.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000133120 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pyexpat.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000736256 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pysqlite2._sqlite.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000364544 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pythoncom27.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000110080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pywintypes27.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000010240 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\select.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017920 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\thumbnails_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000686080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\unicodedata.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000083456 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\usb_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000098816 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32api.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000320512 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32com.shell.shell.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000011264 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32crypt.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000018432 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32event.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000119808 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32file.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000167936 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32gui.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000038912 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32inet.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000025600 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32pdh.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000024064 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32pipe.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000035840 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32process.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017408 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32profile.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000108544 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32security.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000022528 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32ts.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000028160 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.conditional.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000032256 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.connectivity.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000058880 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.device_monitor.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000090624 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.volumes.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017408 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.winwrap.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001067520 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._controls_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001177088 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._core_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000806912 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._gdi_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000077824 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._html2.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000733696 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._misc_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000816640 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._windows_.pyd
2020-03-05 23:11 - 2020-03-05 23:11 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim.esp
2009-01-14 20:03 - 2009-01-14 20:03 - 000032256 _____ (Embarcadero Technologies, Inc.) [Archivo no firmado] C:\Program Files\Panda Security\Panda Security Protection\BORLNDMM.DLL
2000-08-29 00:05 - 2000-08-29 00:05 - 000401462 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\firebird\bin\MSVCP60.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 002480128 _____ (Python Software Foundation) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\python27.dll
2004-12-13 00:05 - 2004-12-13 00:05 - 000356437 _____ (The Firebird Project) [Archivo no firmado] C:\Program Files\Common Files\firebird\bin\fbclient.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000035328 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000026112 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000020992 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 001181184 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 005010944 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 005139968 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 002234880 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 002950144 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 003084800 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000259584 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 004571648 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000438272 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000014848 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000014848 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000729088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000179712 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000073216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000101888 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000014848 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2020-03-20 12:43 - 2018-12-04 15:29 - 000124928 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000155136 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxbase30u_net_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 002030592 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxbase30u_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 001251328 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_adv_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 004796928 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_core_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000601088 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_html_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000110080 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_webview_vc90.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\gob.es -> hxxps://agenciatributaria.gob.es
IE trusted site: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\jcyl.es -> hxxps://www3.ae.jcyl.es
IE trusted site: HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\jcyl.es -> hxxp://www3.ae.jcyl.es

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 03:04 - 2015-09-09 07:16 - 000007249 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 3dns-2.adobe.com #192.150.22.22
127.0.0.1 3dns-3.adobe.com #192.150.14.21
127.0.0.1 3dns-4.adobe.com #192.150.18.247
127.0.0.1 3dns-5.adobe.com #192.150.22.46
127.0.0.1 adobe-dns.adobe.com #192.150.11.30
127.0.0.1 adobe-dns-2.adobe.com #192.150.11.247
127.0.0.1 adobe-dns-3.adobe.com #192.150.22.30
127.0.0.1 adobe.activate.com #69.175.22.26
127.0.0.1 activate.adobe.com #192.150.22.40
127.0.0.1 activate.wip3.adobe.com #192.150.22.40
127.0.0.1 activate.wip4.adobe.com #192.150.22.40
127.0.0.1 activate-sea.adobe.com #192.150.22.40
127.0.0.1 activate-sjc0.adobe.com #192.150.14.69
127.0.0.1 ereg.adobe.com #192.150.18.103
127.0.0.1 ereg.wip3.adobe.com #192.150.18.63
127.0.0.1 ereg.wip4.adobe.com #192.150.18.103
127.0.0.1 practivate.adobe.com #192.150.18.54
127.0.0.1 www.wip3.adobe.com #192.150.8.60
127.0.0.1 www.wip4.adobe.com #192.150.18.200
127.0.0.1 www.adobeereg.com #75.125.24.83
127.0.0.1 adobeereg.com #207.66.2.10
127.0.0.1 hl2rcv.adobe.com #192.150.14.174
127.0.0.1 wwis-dubc1-vip30.adobe.com #192.150.8.30
127.0.0.1 wwis-dubc1-vip31.adobe.com #192.150.8.31
127.0.0.1 wwis-dubc1-vip32.adobe.com #192.150.8.32
127.0.0.1 wwis-dubc1-vip33.adobe.com #192.150.8.33
127.0.0.1 wwis-dubc1-vip34.adobe.com #192.150.8.34
127.0.0.1 wwis-dubc1-vip35.adobe.com #192.150.8.35
127.0.0.1 wwis-dubc1-vip36.adobe.com #192.150.8.36
127.0.0.1 wwis-dubc1-vip37.adobe.com #192.150.8.37

Hay 102 más lineas.


==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Seagate Software\NOTES\;C:\Program Files\Seagate Software\NOTES\DATA\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chisco\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 80.58.61.254 - 80.58.61.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está deshabilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{861388C0-B9B9-48AA-A4A1-C8816096E312}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0C07381E-8CEC-424C-87D0-A2C73F59C0A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58D4D3C5-263E-4981-AC24-DE2DCEED286E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe () [Archivo no firmado]
FirewallRules: [{3F3B4102-1D4C-435F-A469-4D5AC3E2A78B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe () [Archivo no firmado]
FirewallRules: [{92245852-418A-44DE-A267-41E003BBDA5F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E41B204-5561-4586-A235-974F197914CA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D6902ED-5143-412D-86AB-7DE560337742}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E3C18D2-EA75-4BC3-B0ED-C86FD6E78391}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6CB78FE7-46DD-432B-8534-EA26813E9986}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe () [Archivo no firmado]
FirewallRules: [{9ADC5AAB-165C-4C32-97C8-A6F4F83F0BA5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe () [Archivo no firmado]
FirewallRules: [{3FF200A2-B077-4972-9196-EC092841A371}] => (Allow) LPort=1688
FirewallRules: [{716B0F76-FD3A-4C55-AA51-7CBFC65FDC96}] => (Allow) C:\Program Files\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{699D9495-A1C6-43EC-B034-7387F0B5B70F}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8F42F117-2F62-40A7-A7FB-D14CB9124FB5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CF8C5CDA-CFE4-4455-8CAE-B3CBF95A736C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1CE54B2F-5C62-4476-8982-D1B026F51828}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{40E8B246-50AA-41BA-8A8B-64D816A28D05}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{85950C0F-B292-4A83-B00F-970E81D5FB81}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{A97AFC43-DAB7-43FE-89CF-F5F1DE3E917F}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{F72157AA-95BE-4871-9340-A1D93EE63666}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{71A07B96-A34B-484A-A32B-A42400A2C436}] => (Allow) C:\Program Files\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{40242704-F39F-4B03-93AA-61B3FFB0BFB1}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe () [Archivo no firmado]
FirewallRules: [{D256C8AA-BD58-4241-8151-B1E2FE7D8567}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe () [Archivo no firmado]
FirewallRules: [{A7F750AD-C70B-4331-938E-801C9362F53A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe () [Archivo no firmado]
FirewallRules: [{F4309B07-7A1B-4D82-9ED2-BD5A3861F0D5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe () [Archivo no firmado]

==================== Puntos de Restauración =========================

ATENCIÓN: Restaurar Sistema está deshabilitado (Total:394.85 GB) (Free:122.67 GB) (31%)


Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0B570B56)
Partition 1: (Active) - (Size=394.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=70.9 GB) - (Type=0F Extended)

==================== Final  Addition.txt =======================

Primeramente, desisntalas Spyhunter usando Revo, pues es un falso antivirus

Descarga e instalas >> Revo Uninstaller | InfoSpyware

Luego, segun manual de Revo >> http://www.forospyware.com/t243205.html, desinstalas el / los programas indicados, seleccionando cuando lo indique Revo, el Modo Avanzado

Marcas NOMBRE PROGRAMA y pulsas desinstalar en el menu de Revo, en Modo Avanzado

Cuando lo hagas, se iniciara el desinstalador de NOMBRE DE PROGRAMA y al finalizar (si alguno te pide reiniciar, pulsas en NO o Cancelar y continuas con Revo), realizas:

  • Pulsas Analizar en Revo, para que analice los restos del programa

  • Pulsas seleccionar todo, para eliminar restos del registro

  • Pulsas borrar todo

  • Pulsas siguiente

  • Pulsas seleccionar todo, para eliminar, si hay, carpetas

  • Pulsas borrar todo

  • Pulsas finalizar

Descargue la herramienta SystemLook a su escritorio:

:arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Haga doble clic al archivo SystemLook para ejecutarlo

  • Copie y pegue el texto del recuadro de aquí abajo en la ventana del programa y pulse en Look.


:filefind
acotray.exe
  • Espere unos segundos hasta que finalice la búsqueda.[*]Al acabar se abrirá el bloc de notas un reporte que debe copiar y pegar en este tema.

Nota: Ese reporte también quedará en el archivo SystemLook.txt de su escritorio.

1 me gusta
SystemLook 30.07.11 by jpshortstuff

Log created at 17:20 on 20/03/2020 by Chisco Administrator - Elevation successful

========== filefind ==========

Searching for “acotray.exe” No files found.

-= EOF =-

Es ejecutable no se encuentra en tu PC.

No sé dónde lo ves tú pero necesito que me pongas una captura de pantalla.

una vez que la hagas las adjntas usando la del símbolo de la flecha arriba que tienes en las respuestas

1 me gusta

enlace

te la adjunto y me temo que no me quedan muchos mas mensajes por ser nuevo, pero la verdad ahi sigue dando por saco la movida.

gracias d todos modos por los esfuerzos

es que me pusiste mal el nombre del ejecutable

  • Haga doble clic al archivo SystemLook para ejecutarlo

  • Copie y pegue el texto del recuadro de aquí abajo en la ventana del programa y pulse en Look.


:filefind
AcroTray.exe
  • Espere unos segundos hasta que finalice la búsqueda.[*]Al acabar se abrirá el bloc de notas un reporte que debe copiar y pegar en este tema.

Nota: Ese reporte también quedará en el archivo SystemLook.txt de su escritorio.

SystemLook 30.07.11 by jpshortstuff
Log created at 21:13 on 20/03/2020 by Chisco
Administrator - Elevation successful

========== filefind ==========

Searching for "AcroTray.exe"
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe	--a---- 5314096 bytes	[22:11 05/03/2020]	[22:11 05/03/2020] 08AC75523281C0CAD661B0002CC10438

-= EOF =-

muchas gracias

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: H - H:\Setup.exe -auto
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {c4888e49-527b-11e5-a4f9-00252239ad03} - H:\Setup.exe -auto
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {c4888e4c-527b-11e5-a4f9-00252239ad03} - H:\instapls.exe /AUTORUN
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {ef612835-5143-11e5-b00c-806e6f6e6963} - E:\DVDSetup.exe
S3 eapihdrv; \??\C:\Users\Chisco\AppData\Local\Temp\ehdrv.sys [X] <==== ATENCIÓN
S3 NTIOLib_1_0_C; \??\E:\NTIOLib.sys [X]
S2 sbmntr; \??\C:\PROGRA~1\YTDOWN~1\sbmntr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\PROGRA~1\YTDOWN~1
2015-09-09 07:07 - 2015-09-09 07:07 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc441E.tmp
2016-09-19 13:26 - 2016-09-19 13:26 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc6410.tmp
2015-09-09 07:06 - 2015-09-09 07:06 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc6FD7.tmp
2015-09-09 13:55 - 2015-09-09 13:55 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc8612.tmp
2017-01-31 09:10 - 2017-01-31 09:10 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc8D07.tmp
2017-04-19 17:04 - 2017-04-19 17:04 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc9910.tmp
2016-02-23 17:22 - 2016-02-23 17:22 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcB4F0.tmp
2016-03-02 09:33 - 2016-03-02 09:33 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcBD6F.tmp
2017-04-19 18:35 - 2017-04-19 18:35 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcC4A0.tmp
2016-02-17 08:19 - 2016-02-17 08:19 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcCC35.tmp
2015-09-09 07:24 - 2015-09-09 07:24 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcDBC2.tmp
2017-09-27 17:38 - 2017-09-27 17:38 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcEA4A.tmp
2016-03-16 09:40 - 2016-03-16 09:40 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcF4EE.tmp
2017-04-20 13:16 - 2017-04-20 13:16 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcFA68.tmp
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Chisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) ->  
2020-03-20 11:43 - 2020-03-20 11:43 - 000089088 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_ctypes.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000135680 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_elementtree.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001003008 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_hashlib.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000027648 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_multiprocessing.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000036864 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_psutil_windows.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000046080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_socket.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001324032 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_ssl.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000020480 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_yappi.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000069120 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\bz2.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000014336 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\common.time34.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000007168 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\hashobjs_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000218624 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\PIL._imaging.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000133120 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pyexpat.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000736256 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pysqlite2._sqlite.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000364544 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pythoncom27.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000110080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pywintypes27.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000010240 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\select.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017920 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\thumbnails_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000686080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\unicodedata.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000083456 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\usb_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000098816 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32api.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000320512 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32com.shell.shell.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000011264 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32crypt.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000018432 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32event.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000119808 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32file.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000167936 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32gui.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000038912 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32inet.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000025600 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32pdh.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000024064 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32pipe.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000035840 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32process.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017408 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32profile.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000108544 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32security.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000022528 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32ts.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000028160 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.conditional.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000032256 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.connectivity.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000058880 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.device_monitor.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000090624 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.volumes.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017408 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.winwrap.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001067520 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._controls_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001177088 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._core_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000806912 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._gdi_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000077824 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._html2.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000733696 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._misc_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000816640 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._windows_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000155136 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxbase30u_net_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 002030592 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxbase30u_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 001251328 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_adv_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 004796928 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_core_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000601088 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_html_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000110080 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_webview_vc90.dll
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Ejecutas Frst.exe.

  • Presionas el botón Corregir y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

1 me gusta
Resultados de la corrección de Farbar Recovery Scan Tool (x86) Versión: 08-03-2020
Ejecutado por Chisco (20-03-2020 23:38:18) Run:1
Ejecutado desde C:\Users\Chisco\Downloads
Perfiles cargados: Chisco (Perfiles disponibles: Chisco)
Modo de Inicio: Normal

==============================================

fixlist contenido:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: H - H:\Setup.exe -auto
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {c4888e49-527b-11e5-a4f9-00252239ad03} - H:\Setup.exe -auto
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {c4888e4c-527b-11e5-a4f9-00252239ad03} - H:\instapls.exe /AUTORUN
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\...\MountPoints2: {ef612835-5143-11e5-b00c-806e6f6e6963} - E:\DVDSetup.exe
S3 eapihdrv; \??\C:\Users\Chisco\AppData\Local\Temp\ehdrv.sys [X] <==== ATENCI�N
S3 NTIOLib_1_0_C; \??\E:\NTIOLib.sys [X]
S2 sbmntr; \??\C:\PROGRA~1\YTDOWN~1\sbmntr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\PROGRA~1\YTDOWN~1
2015-09-09 07:07 - 2015-09-09 07:07 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc441E.tmp
2016-09-19 13:26 - 2016-09-19 13:26 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc6410.tmp
2015-09-09 07:06 - 2015-09-09 07:06 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc6FD7.tmp
2015-09-09 13:55 - 2015-09-09 13:55 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc8612.tmp
2017-01-31 09:10 - 2017-01-31 09:10 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc8D07.tmp
2017-04-19 17:04 - 2017-04-19 17:04 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slc9910.tmp
2016-02-23 17:22 - 2016-02-23 17:22 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcB4F0.tmp
2016-03-02 09:33 - 2016-03-02 09:33 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcBD6F.tmp
2017-04-19 18:35 - 2017-04-19 18:35 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcC4A0.tmp
2016-02-17 08:19 - 2016-02-17 08:19 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcCC35.tmp
2015-09-09 07:24 - 2015-09-09 07:24 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcDBC2.tmp
2017-09-27 17:38 - 2017-09-27 17:38 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcEA4A.tmp
2016-03-16 09:40 - 2016-03-16 09:40 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcF4EE.tmp
2017-04-20 13:16 - 2017-04-20 13:16 - 000000000 ____N () C:\Users\Chisco\AppData\Local\slcFA68.tmp
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Chisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) ->  
2020-03-20 11:43 - 2020-03-20 11:43 - 000089088 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_ctypes.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000135680 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_elementtree.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001003008 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_hashlib.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000027648 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_multiprocessing.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000036864 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_psutil_windows.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000046080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_socket.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001324032 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_ssl.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000020480 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_yappi.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000069120 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\bz2.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000014336 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\common.time34.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000007168 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\hashobjs_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000218624 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\PIL._imaging.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000133120 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pyexpat.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000736256 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pysqlite2._sqlite.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000364544 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pythoncom27.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000110080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pywintypes27.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000010240 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\select.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017920 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\thumbnails_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000686080 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\unicodedata.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000083456 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\usb_ext.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000098816 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32api.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000320512 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32com.shell.shell.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000011264 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32crypt.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000018432 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32event.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000119808 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32file.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000167936 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32gui.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000038912 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32inet.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000025600 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32pdh.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000024064 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32pipe.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000035840 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32process.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017408 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32profile.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000108544 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32security.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000022528 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32ts.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000028160 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.conditional.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000032256 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.connectivity.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000058880 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.device_monitor.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000090624 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.volumes.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000017408 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.winwrap.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001067520 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._controls_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 001177088 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._core_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000806912 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._gdi_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000077824 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._html2.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000733696 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._misc_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000816640 _____ () [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._windows_.pyd
2020-03-20 11:43 - 2020-03-20 11:43 - 000155136 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxbase30u_net_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 002030592 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxbase30u_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 001251328 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_adv_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 004796928 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_core_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000601088 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_html_vc90.dll
2020-03-20 11:43 - 2020-03-20 11:43 - 000110080 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_webview_vc90.dll
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: (0) Error al crear un punto de restauración.
Procesos cerrados correctamente.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => eliminado correctamente
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4888e49-527b-11e5-a4f9-00252239ad03} => eliminado correctamente
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4888e4c-527b-11e5-a4f9-00252239ad03} => eliminado correctamente
HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef612835-5143-11e5-b00c-806e6f6e6963} => eliminado correctamente
HKLM\System\CurrentControlSet\Services\eapihdrv => eliminado correctamente
eapihdrv => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\NTIOLib_1_0_C => eliminado correctamente
NTIOLib_1_0_C => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\sbmntr => eliminado correctamente
sbmntr => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VGPU => eliminado correctamente
VGPU => servicio eliminado correctamente
"C:\PROGRA~1\YTDOWN~1" => no encontrado
C:\Users\Chisco\AppData\Local\slc441E.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slc6410.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slc6FD7.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slc8612.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slc8D07.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slc9910.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slcB4F0.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slcBD6F.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slcC4A0.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slcCC35.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slcDBC2.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slcEA4A.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slcF4EE.tmp => movido correctamente
C:\Users\Chisco\AppData\Local\slcFA68.tmp => movido correctamente
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => eliminado correctamente
"BVTFilter" => eliminado correctamente
"BVTConsumer" => eliminado correctamente
C:\Users\Chisco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk => Acceso directo argumento eliminado correctamente
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_ctypes.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_elementtree.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_hashlib.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_multiprocessing.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_psutil_windows.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_socket.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_ssl.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\_yappi.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\bz2.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\common.time34.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\hashobjs_ext.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\PIL._imaging.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pyexpat.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pysqlite2._sqlite.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pythoncom27.dll" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\pywintypes27.dll" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\select.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\thumbnails_ext.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\unicodedata.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\usb_ext.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32api.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32com.shell.shell.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32crypt.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32event.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32file.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32gui.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32inet.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32pdh.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32pipe.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32process.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32profile.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32security.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\win32ts.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.conditional.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.connectivity.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.device_monitor.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.volumes.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\windows.winwrap.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._controls_.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._core_.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._gdi_.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._html2.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._misc_.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wx._windows_.pyd" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxbase30u_net_vc90.dll" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxbase30u_vc90.dll" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_adv_vc90.dll" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_core_vc90.dll" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_html_vc90.dll" => no encontrado
"C:\Users\Chisco\AppData\Local\Temp\_MEI57122\wxmsw30u_webview_vc90.dll" => no encontrado
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3742766960-1559033760-2549734497-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

Error al renovar la interfaz Conexi¢n de  rea local : El sistema no puede encontrar el archivo especificado.
 

Adaptador de Ethernet Conexi¢n de  rea local 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::c47d:b054:9763:7dc3%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.34
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::6048:f604:9a02:870a%11
   Puerta de enlace predeterminada . . . . . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {70306C2E-95DE-4811-891D-7BE1C562DA4B}.
Unable to cancel {50A28FBB-BC15-4EF3-882B-C867F8BE3441}.
Unable to cancel {3AD30E0A-F315-4108-BCCC-D704D982C84F}.
Unable to cancel {999AF1DD-BCCB-4D78-910B-93B4236F2A04}.
Unable to cancel {27C03C7B-2746-4BF6-A3D9-5BD80067BD62}.
0 out of 5 jobs canceled.

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16335804 B
Java, Flash, Steam htmlcache => 1128 B
Windows/system/drivers => 54935499 B
Edge => 0 B
Chrome => 43301578 B
Firefox => 24910781 B
Opera => 799744 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 29617090 B
LocalService => 29699702 B
NetworkService => 29770406 B
Chisco => 126291086 B
UpdatusUser => 126291086 B

RecycleBin => 77973188 B
EmptyTemp: => 542.2 MB datos temporales Eliminados.

================================


El sistema necesita reiniciarse.

==== Final  Fixlog 23:39:00 ====

y como va todo???..

hola

buenos dias, ahora aparece dicho mensaje, no se que esta pasando… la verdad al final me da que toca formatear de todos modos muchisimas gracias.

Tranqui ,que lo solucionaremos.

Ese aviso es porque el registro de windows trata de iniciar un programa que ya no esta

Descargas y descomprimes >> https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

Ejecutas el autoruns.exe y cuando cargue todo, pulsas en File >> save y seleccionas en el desplegable, formato .txt y lo guardas.

Luego usando el simbolo flecha arriba de tu respuesta, me adjuntas ese log

CH-PC.txt (91,4 KB)

buenos dias. el tema es que cada vez que doy boton derecho del raton… pues se me bloquea todo el pc imagino porque no carga dicho tema.

un saludo y repito muchisimas gracias

Vamos a ir a lo mas rapido, espero

Desinstalas.

Adobe Acrobat Reader DC -

Luego si sigue en panel de contro la otra entrada, la eliminas tambien

Adobe Acrobat DC

Reincias el pc y comentas

1 me gusta

buenos dias

si voy a eliminar ambos adobes, con revo entiendo y luego intentare instalar, aprovechare y buscare un limpiador del disco duro ya que seguro que hay mierda oculta que ni se que es y que con ccleaner no se borra, si me puedes decir encantado.

de todos modos gracias y como digo elimino instalo otra vez y comento, es lo que tiene estar encerrado que se puede hacer rapido