Mi pc lenta

#1

Tenia cerca de 4 años sin abrir mi pc y la consigo lenta, aparte de que me envia a la bios la cual no se bien configurar la. gracias. quisiera una revisión por favor.

0 me gusta

#2

Hola

Como es eso que te enviar a la Bios …

Debieras subir una imagen para ver eso …

Si hace 4 años no la abrís, como Mínimo debes hacer varias cosas …

Una limpieza de los componentes internos (Hardware), que incluye la renovación de la pasta térmica y sobre todo, la actualización completa del sistema Operativo.

Danos mas precisiones sobre el tema …

0 me gusta

#3

Gracias. La actualización del sistema operativo, el mio es Windows7, supone descargar por window update?. .Lo de la pasta térmica esperaría a conseguir un reales. Cuando prendo la pc, va a una pantalla azul rápidamente donde me indica que pulse F2 para esto, F3 para aquello, F6 , o F9 ; al marcar una de ellas me lleva a la bios las otras no recuerdo. No se como sacar una imagen de ello. Agradecido por su atención

0 me gusta

#4

Hola

Vamos por partes. Primero va la limpieza interna de los componentes internos del PC.

Después hay que instalar Todas las actualizaciones disponibles desde Windows Update.

Cuando termines eso, avísame y continuamos.

Saludos

0 me gusta

#5

De acuerdo. Me dispondre hacerlo. gracias

0 me gusta

#6

De nuevo por aqui, Ya se hizo limpieza interna y se instalaron las actualizaciones desde Windows Update. a la espera y muchas gracias. Un detalle en las actualizaciones no se instalo bien visual c** 2012 ademas que esta instalado doblemente y no se dejo reinstalar.

0 me gusta

#7

Hola

Realiza el siguiente procedimiento:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Lo ejecutas usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner y Malwarebytes.

Guía: Como Pegar reportes en el Foro

Nos comentas.

Saludos

0 me gusta

#8

Esperando haberlo hecho bien. Agradecido


# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-25.2 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-04-2019
# Duration: 00:00:06
# OS:       Windows 7 Ultimate
# Cleaned:  56
# Failed:   0


***** [ Services ] *****

Deleted       tscmon
Deleted       ReimageRealTimeProtector

***** [ Folders ] *****

Deleted       C:\ProgramData\IObit\Advanced SystemCare V7
Deleted       C:\Users\Carlos\AppData\Roaming\IObit\Advanced SystemCare V7
Deleted       C:\ProgramData\IObit\Advanced SystemCare V8
Deleted       C:\Program Files\Common Files\IObit\Advanced SystemCare V8
Deleted       C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V8
Deleted       C:\Users\Carlos\AppData\LocalLow\IObit\Advanced SystemCare V8
Deleted       C:\Users\Carlos\AppData\Roaming\IObit\Advanced SystemCare V8
Deleted       C:\Users\Carlos\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\ProgramData\Reimage Protector
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Protector
Deleted       C:\Program Files\Reimage

***** [ Files ] *****

Deleted       C:\Windows\System32\drivers\asrdmon.sys
Deleted       C:\Windows\Temp\reimage.log
Deleted       C:\Users\Carlos\AppData\Local\Temp\reimage.log
Deleted       C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\Driver Booster Scheduler
Deleted       C:\Windows\System32\Tasks\ReimageUpdater

***** [ Registry ] *****

Deleted       HKLM\Software\IObit\RealTimeProtector
Deleted       HKLM\Software\IOBIT\ASC
Deleted       HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted       HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted       HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted       HKCU\Software\drpsu
Deleted       HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted       HKLM\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted       HKLM\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted       HKLM\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted       HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted       HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted       HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted       HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF7F3AB5-27DA-4981-AA26-F6D8F4F596BB}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
Deleted       HKCU\Software\Reimage
Deleted       HKLM\Software\Reimage
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted       HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31A8A94E-C9C0-4310-BEC2-89A7B89733EF}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater
Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

***** [ Chromium (and derivatives) ] *****

Deleted       mnanplinmmnjhobaliikmelmmjpoogkb
Deleted       pelmeidfhdlhlbjimpabfcbnnojbboma

***** [ Chromium URLs ] *****

Deleted       istartsurf
Deleted       iZito.com
Deleted       Softonic ES

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6009 octets] - [04/02/2019 18:54:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########



Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 5/2/19
Hora del análisis: 16:08
Archivo de registro: c3cb38ca-2981-11e9-87b9-bc5ff440f1e3.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.527
Versión del paquete de actualización: 1.0.9132
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: Carlos-PC\Carlos

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 257789
Amenazas detectadas: 51
Amenazas en cuarentena: 51
Tiempo transcurrido: 2 hr, 35 min, 37 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 8
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASC8_SkipUac_Carlos, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BF5181E3-8D37-441B-94B3-8495F97350DD}, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{BF5181E3-8D37-441B-94B3-8495F97350DD}, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0407D14-269B-4E52-893C-440DA17813C3}, En cuarentena, [532], [621110],1.0.9132
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{21A9C99D-CCD8-42BD-AFC9-B074ABCA319F}, En cuarentena, [532], [621110],1.0.9132
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{40BD26C6-3139-47F3-84E6-E33B002ED5DE}, En cuarentena, [532], [621110],1.0.9132
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AF754A-8580-4C00-B2BA-857037BE831F}, En cuarentena, [532], [621110],1.0.9132
PUP.Optional.InstallCore.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{963D710B-65FA-4C8F-A0F8-D1D6D7E39037}, En cuarentena, [532], [621110],1.0.9132

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 43
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC8_SkipUac_Carlos, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\ASC.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.Reimage, C:\ADWCLEANER\QUARANTINE\V1\20190204.185737\33\REIMAGE\REIMAGE PROTECTOR\PROTECTORUPDATER.EXE#DF592EDC48F9D90B, En cuarentena, [334], [388085],1.0.9132
PUP.Optional.Reimage, C:\ADWCLEANER\QUARANTINE\V1\20190204.185737\33\REIMAGE\REIMAGE PROTECTOR\REIGUARD.EXE#A609E9ADB746846F, En cuarentena, [334], [327181],1.0.9132
PUP.Optional.Reimage, C:\ADWCLEANER\QUARANTINE\V1\20190204.185737\33\REIMAGE\REIMAGE PROTECTOR\REIPROTECTORM.EXE#30E6C24838A506F9, En cuarentena, [334], [327181],1.0.9132
PUP.Optional.Reimage, C:\ADWCLEANER\QUARANTINE\V1\20190204.185737\33\REIMAGE\REIMAGE PROTECTOR\REISYSTEM.EXE#4AC4EF6BB53A8F21, En cuarentena, [334], [327181],1.0.9132
PUP.Optional.Reimage, C:\ADWCLEANER\QUARANTINE\V1\20190204.185737\33\REIMAGE\REIMAGE PROTECTOR\REI_AVIRA.EXE#04D8644FB7EE7B36, En cuarentena, [334], [327181],1.0.9132
PUP.Optional.Reimage, C:\ADWCLEANER\QUARANTINE\V1\20190204.185737\33\REIMAGE\REIMAGE PROTECTOR\REISCANNER.EXE#F151B34C3698635E, En cuarentena, [334], [327181],1.0.9132
PUP.Optional.Reimage, C:\ADWCLEANER\QUARANTINE\V1\20190204.185737\33\REIMAGE\REIMAGE PROTECTOR\UNINST.EXE#91A072017D7C9386, En cuarentena, [334], [388085],1.0.9132
PUP.Optional.InstallCore.Generic, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Music Search MP3.lnk, En cuarentena, [532], [621110],1.0.9132
PUP.Optional.InstallCore.Generic, C:\USERS\PUBLIC\DESKTOP\Music Search MP3.lnk, En cuarentena, [532], [621110],1.0.9132
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES\DSNET CORP\ATUBE CATCHER 2.0\YCT.EXE, En cuarentena, [532], [621110],1.0.9132
PUP.Optional.InstallCore.Generic, C:\PROGRAM FILES\DSNET CORP\ATUBE CATCHER 2.0\EWORKER.EXE, En cuarentena, [532], [621110],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DRIVERS\WIN7_AMD64\REGISTRYDEFRAGBOOTTIME.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DRIVERS\WIN7_X86\REGISTRYDEFRAGBOOTTIME.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DRIVERS\WLH_AMD64\REGISTRYDEFRAGBOOTTIME.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DRIVERS\WLH_X86\REGISTRYDEFRAGBOOTTIME.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DRIVERS\WNET_AMD64\REGISTRYDEFRAGBOOTTIME.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DRIVERS\WNET_X86\REGISTRYDEFRAGBOOTTIME.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DRIVERS\WXP_AMD64\REGISTRYDEFRAGBOOTTIME.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DRIVERS\WXP_X86\REGISTRYDEFRAGBOOTTIME.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\ASCDOWNLOAD.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\ASCINIT.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\ASCUPGRADE.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\AUTOCARE.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\AUTOSWEEP.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\BROWSERCLEANER.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DISKDEFRAG.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\DISPLAY.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\OFCOMMON.DLL, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\PERFORMUPDATE.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\REGISTER.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\REPORT.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\REPROCESS.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\RESCUECENTER.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\AUTOUPDATE.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\NFEATURES.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\TASKHELPER.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\MONITORDISK.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES\IOBIT\ADVANCED SYSTEMCARE 8\WIZARD.EXE, En cuarentena, [3814], [396386],1.0.9132
PUP.Optional.Reimage, C:\USERS\CARLOS\DESKTOP\VISUAL C++\REIMAGEREPAIR.EXE, En cuarentena, [334], [331559],1.0.9132
RiskWare.RevealerKeylogger, C:\USERS\CARLOS\DOCUMENTS\MEGASYNC\SETUP_RK_FREE_229_S.EXE, En cuarentena, [9256], [580659],1.0.9132
PUP.Optional.SlimCleanerPlus, G:\PROGRAMAS\SLIMDRIVERS-SETUP.EXE, En cuarentena, [1486], [472306],1.0.9132

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
0 me gusta

#9

Hola

Realiza las siguientes acciones:

Análisis del PC con Eset Online Scaner : Manual de Uso

Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

NOTAS IMPORTANTES:

  1. En Tu próxima respuesta, debes pegar ambos reportes.

  2. Debes copiar y pegar los reportes solicitados con todo su contenido. Usaras varios mensajes si recibes un mensaje de error indicando que es muy largo (mas de 50.000 caracteres aprox.).

Guía: Como Pegar reportes en el Foro

  1. Nos comentas como sigue el problema original por el que abriste el tema.

Saludos

0 me gusta

#10

Buen día, creo que no realice lo debido al correr el Eset Online Scaner y no consigo el informe del análisis lo que si veo son los archivos en cuarentena los cuales no puedo copiar, Espero de usted. Gracias

0 me gusta

#11

Hola

Descargá la herramienta Delfix a Tu escritorio.

Ejecutala, Tildá la casilla Remove disinfection tools y presioná Run

Al terminar Se abrirá un reporte llamado DelFix.txt, verifica que se hayan eliminado las herramientas usadas para desinfectar el Pc.

Actualiza Malwarebytes y hace un nuevo escaneo completo del sistema, eliminando todo lo que encuentre.

Espero ese nuevo reporte.

Saludos

0 me gusta

#12

Buenas tardes, aquí el informe. Con el anterior, Delfix, se borraron las herramientas menos este Malwarebytes el cual utilice para el escaneo. gracias.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 14/2/19
Hora del análisis: 16:46
Archivo de registro: 9273982a-3099-11e9-96aa-bc5ff440f1e3.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.527
Versión del paquete de actualización: 1.0.9268
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: Carlos-PC\Carlos

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 185694
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 5 min, 32 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
0 me gusta

#13

Hola

1. Descarga CCleaner a Tu escritorio. Siguiendo Su manual, lo instalas y ejecutas y utiliza las dos opciones del Uso Simple (Limpiador y Registro) del mismo, tal como se explican en el manual.

2. Realiza un análisis completo del Disco duro, siguiendo esta guía: Análisis y Escaneo del Disco Duro

3. Libera espacio de los discos siguiendo esta guía: Liberar espacios en Discos y Particiones

4. Desfragmenta el/los discos duros y particiones del PC, siguiendo esta guía: Desfragmentar Discos y Particiones

Nos comentas como sigue el funcionamiento del PC.

Saludos

0 me gusta

#14

Buen dia, ejecute los 4 pasos. En lo que refiere a Desfragmentar el disco C: indica que el mismo esta en un 94% fragmentado, lo que sugiere que no se debe desfragmentar; este paso lo hice con la app que tengo en la pc Tuneup utilities, ya que no logre hacerlo por lo indicado. La pc tarda mas o menos 2 minutos en cargar bien, aparte de que abro por lo menos cualquier carpeta y se nota que tarda. Gracias

0 me gusta

#15

amigo leo quedamos hasta aqui. Gracias

0 me gusta

#16

Hola

Desactiva temporalmente tu antivirus y cualquier programa de seguridad que tengas en funciones.

Descarga Farbar Recovery Scan Tool en el escritorio de Tu PC. Selecciona la versión adecuada para la arquitectura (32 o 64bits) de tu equipo.

Como saber si Mi Windows es de 32 0 64 Bits`

  • Ejecuta FRST.exe
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

En Tu próxima respuesta, debes pegar los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Guía: Como Pegar reportes en el Foro

Saludos

0 me gusta

#17
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-03-2019
Ran by Carlos (administrator) on CARLOS-PC (01-03-2019 23:50:15)
Running from C:\Users\Carlos\Desktop
Loaded Profiles: Carlos (Available Profiles: Carlos)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files\USB Safely Remove\USBSRService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Nero AG -> Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(TuneUp Software GmbH -> TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(TuneUp Software GmbH -> TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [221576 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => C:\Windows\inf\WDMAUDIO.inf [9172 2018-12-08] (Microsoft Windows -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\Run: [USB Safely Remove] => C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [6544992 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\system32\ff_vfw.dll [79360 2012-02-26] () [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [240640 2011-05-30] () [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\system32\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\LameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-25] (Google LLC -> Google Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{280528F6-FB7D-4438-919B-F51240DA1340}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3331B6DA-BE1E-443A-A6A2-35D124498494}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\pfdir8oe.default [2019-02-23]
FF user.js: detected! => C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\pfdir8oe.default\user.js [2015-08-06]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\pfdir8oe.default\Extensions\[email protected] [2019-02-16]
FF Extension: (Avast Online Security) - C:\Users\Carlos\AppData\Roaming\Mozilla\Firefox\Profiles\pfdir8oe.default\Extensions\[email protected] [2019-02-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc -> Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-17] (Google Inc -> Google Inc.)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "chrome://newtab/"
CHR Profile: C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default [2019-03-01]
CHR Extension: (Documentos) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-24]
CHR Extension: (Google Drive) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-17]
CHR Extension: (MEGA) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-03-01]
CHR Extension: (YouTube) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-24]
CHR Extension: (Facebook) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-12-03]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Búsqueda de Google) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-27]
CHR Extension: (ColorMandala) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbafebdejmcgpbfkppndjeajebpppnei [2014-12-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-12-11]
CHR Extension: (Avast Passwords) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-01-10]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-08-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-25]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-02-27]
CHR Extension: (Avast Online Security) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-19]
CHR Extension: (Skype) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-11-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-24]
CHR Extension: (hxxps://login.live.com/login.srf?wa=wsignin1.) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiaafcnnfdejnhbnkidgacaagpjkcjc [2015-07-09]
CHR Extension: (Outlook.com) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-12-03]
CHR Extension: (Gmail) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-09]
CHR Profile: C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-02-15]
CHR Profile: C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-02-15]
CHR Extension: (Documentos) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-04]
CHR Extension: (Google Drive) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-17]
CHR Extension: (YouTube) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-04]
CHR Extension: (Búsqueda de Google) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-01-04]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-04]
CHR Extension: (Avast Online Security) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-01-04]
CHR Extension: (Skype) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-01-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-04]
CHR Extension: (Gmail) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-04]
CHR Profile: C:\Users\Carlos\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [5458712 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [309480 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit Information Technology -> IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435016 2014-12-03] (TuneUp Software GmbH -> TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1044808 2009-12-10] (TuneUp Software GmbH -> TuneUp Software)
R2 USBSafelyRemoveService; C:\Program Files\USB Safely Remove\USBSRService.exe [1176672 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [171128 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [188784 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [158096 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [255224 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [51128 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [188712 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139296 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [785584 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [401632 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162632 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110088 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-08-27] (Martin Malik - REALiX -> REALiX(tm))
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [9037312 2012-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [110280 2013-11-29] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [48280 2014-12-29] (ManyCam LLC -> Visicom Media Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-02-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-03-01] (Malwarebytes Corporation -> Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [30488 2014-12-28] (ManyCam LLC -> Visicom Media Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb.sys [22784 2008-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2009-10-14] (TuneUp Software GmbH -> TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [565424 2013-12-16] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S1 asrdmon; \SystemRoot\system32\drivers\asrdmon.sys [X]
S3 Movilnet; system32\DRIVERS\movilnetusbser.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-01 23:50 - 2019-03-01 23:51 - 000022306 _____ C:\Users\Carlos\Desktop\FRST.txt
2019-03-01 23:45 - 2019-03-01 23:50 - 000000000 ____D C:\FRST
2019-03-01 23:10 - 2019-03-01 23:10 - 001801372 _____ C:\Users\Carlos\Desktop\4_5877589700067198606.pdf
2019-03-01 22:42 - 2019-03-01 22:47 - 001793024 _____ (Farbar) C:\Users\Carlos\Desktop\FRST.exe
2019-03-01 21:47 - 2019-03-01 21:47 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-28 20:24 - 2019-03-01 21:47 - 000000000 ____D C:\Users\Carlos\AppData\Roaming\USBSafelyRemove
2019-02-28 20:24 - 2019-02-28 20:24 - 000001067 _____ C:\Users\Carlos\Desktop\USB Safely Remove.lnk
2019-02-28 20:24 - 2019-02-28 20:24 - 000000000 ____D C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\USB Safely Remove
2019-02-28 20:24 - 2019-02-28 20:24 - 000000000 ____D C:\ProgramData\USBSRService
2019-02-28 20:24 - 2019-02-28 20:24 - 000000000 ____D C:\Program Files\USB Safely Remove
2019-02-26 18:36 - 2019-01-27 10:32 - 000348760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-02-26 18:36 - 2019-01-25 20:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-26 18:36 - 2019-01-25 20:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-26 18:36 - 2019-01-25 20:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-02-26 18:36 - 2019-01-25 20:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-26 18:36 - 2019-01-25 19:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-02-26 18:36 - 2019-01-25 19:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-26 18:36 - 2019-01-25 19:56 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-02-26 18:36 - 2019-01-25 19:48 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-02-26 18:36 - 2019-01-25 19:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-02-26 18:36 - 2019-01-25 19:40 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-02-26 18:36 - 2019-01-25 19:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-02-26 18:36 - 2019-01-25 19:37 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-02-26 18:36 - 2019-01-25 19:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-26 18:36 - 2019-01-25 19:32 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-02-26 18:36 - 2019-01-25 19:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-26 18:36 - 2019-01-25 19:30 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-02-26 18:36 - 2019-01-25 19:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-26 18:36 - 2019-01-25 19:29 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-02-26 18:36 - 2019-01-25 19:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-26 18:36 - 2019-01-25 19:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-26 18:36 - 2019-01-25 19:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-26 18:36 - 2019-01-15 02:55 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-02-26 18:36 - 2019-01-15 02:54 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-02-26 18:36 - 2019-01-15 02:52 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-02-26 18:36 - 2019-01-15 02:52 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-02-26 18:36 - 2019-01-15 02:52 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-02-26 18:36 - 2019-01-15 02:52 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-02-26 18:36 - 2019-01-15 02:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-02-26 18:36 - 2019-01-15 02:30 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-02-26 18:36 - 2019-01-15 02:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-02-26 18:36 - 2019-01-15 02:29 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-02-26 18:36 - 2019-01-11 22:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-26 18:36 - 2019-01-11 22:55 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-02-26 18:36 - 2019-01-11 22:36 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2019-02-26 18:36 - 2019-01-11 22:36 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2019-02-26 18:36 - 2019-01-11 22:36 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2019-02-26 18:36 - 2019-01-08 22:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-02-26 18:36 - 2019-01-08 22:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-26 18:36 - 2019-01-08 22:58 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-02-26 18:36 - 2019-01-08 22:58 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-02-26 18:36 - 2019-01-08 22:58 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-02-26 18:36 - 2019-01-08 22:57 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-02-26 18:36 - 2019-01-08 22:55 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-02-26 18:36 - 2019-01-08 22:55 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-02-26 18:36 - 2019-01-08 22:40 - 000026496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-26 18:36 - 2019-01-08 22:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-02-26 18:36 - 2019-01-08 22:36 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-02-26 18:36 - 2019-01-08 22:34 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-02-26 18:36 - 2019-01-08 22:34 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-26 18:36 - 2019-01-08 22:34 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-26 18:36 - 2019-01-08 22:33 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-02-26 18:36 - 2019-01-07 13:15 - 002405376 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-26 18:36 - 2019-01-01 12:01 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-02-26 18:36 - 2019-01-01 11:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-26 18:36 - 2019-01-01 11:39 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-02-26 18:36 - 2018-12-28 15:48 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-02-26 18:36 - 2018-12-28 15:48 - 000582144 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-02-26 18:36 - 2018-12-28 15:48 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-02-26 18:36 - 2018-12-04 11:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-26 18:36 - 2018-12-02 11:55 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-02-26 18:35 - 2019-01-25 20:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-02-26 18:35 - 2019-01-25 20:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-02-26 18:35 - 2019-01-25 20:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-02-26 18:35 - 2019-01-25 20:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-02-26 18:35 - 2019-01-25 20:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-02-26 18:35 - 2019-01-25 20:00 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-02-26 18:35 - 2019-01-25 19:59 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-02-26 18:35 - 2019-01-25 19:57 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-02-26 18:35 - 2019-01-25 19:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-02-26 18:35 - 2019-01-25 19:51 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-02-26 18:35 - 2019-01-25 19:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-02-26 18:35 - 2019-01-25 19:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-02-26 18:35 - 2019-01-25 19:43 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-02-26 18:35 - 2019-01-25 19:30 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-02-26 18:35 - 2019-01-15 02:52 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-02-26 18:35 - 2019-01-15 02:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-02-26 18:35 - 2019-01-15 02:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-02-26 18:35 - 2019-01-15 02:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-02-26 18:35 - 2019-01-15 02:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-02-26 18:35 - 2019-01-15 02:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-02-26 18:35 - 2019-01-15 02:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-02-26 18:35 - 2019-01-15 02:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-02-26 18:35 - 2019-01-15 02:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-02-26 18:35 - 2019-01-15 02:51 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-02-26 18:35 - 2019-01-15 02:51 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-02-26 18:35 - 2019-01-15 02:33 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-02-26 18:35 - 2019-01-15 02:30 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-02-26 18:35 - 2019-01-15 02:30 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-02-26 18:35 - 2019-01-15 02:29 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-02-26 18:35 - 2019-01-08 22:55 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-02-26 18:35 - 2019-01-08 22:55 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-02-26 18:35 - 2019-01-08 22:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-02-26 18:35 - 2019-01-08 22:55 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-02-26 18:35 - 2019-01-08 22:55 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-02-26 18:35 - 2019-01-08 22:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-02-26 18:35 - 2019-01-08 22:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-02-26 18:35 - 2019-01-08 22:40 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-02-26 18:35 - 2019-01-08 22:37 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-02-26 18:35 - 2019-01-08 22:37 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-02-26 18:35 - 2019-01-08 22:37 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-02-26 18:35 - 2019-01-08 22:37 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-02-26 18:35 - 2019-01-08 22:35 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-02-26 18:35 - 2019-01-08 22:33 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-02-26 18:35 - 2019-01-08 22:33 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-02-26 18:35 - 2019-01-08 22:33 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-02-26 18:35 - 2019-01-08 22:33 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-02-26 18:35 - 2019-01-08 22:33 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-02-26 18:35 - 2019-01-01 11:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-02-26 18:35 - 2019-01-01 11:58 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-02-26 18:35 - 2019-01-01 11:57 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-26 18:35 - 2019-01-01 11:57 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-02-26 18:35 - 2018-12-28 15:48 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-02-26 18:35 - 2018-12-28 15:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-02-26 18:35 - 2018-12-04 11:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-02-23 20:14 - 2019-02-23 22:56 - 000000000 ____D C:\Users\Carlos\AppData\Roaming\.minecraft
2019-02-17 20:38 - 2019-02-17 20:38 - 000002983 _____ C:\Users\Carlos\Desktop\dd_vcredist_x86_20190217203713.log-VISUAL C++2012.txt
2019-02-17 16:22 - 2019-02-17 21:01 - 000000000 ____D C:\Users\Carlos\Desktop\Nueva carpeta
2019-02-17 11:51 - 2019-02-17 11:51 - 000188712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-02-17 11:46 - 2019-02-17 11:45 - 000310664 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-02-16 19:45 - 2019-02-16 19:45 - 000045241 _____ C:\Users\Carlos\Desktop\DIOS PERDONÓ A VENEZUELA.pdf
2019-02-15 22:23 - 2019-02-15 22:25 - 000012634 _____ C:\Users\Carlos\Desktop\cc_20190215_222343.reg
2019-02-15 22:16 - 2019-02-15 22:32 - 000000000 ____D C:\Program Files\CCleaner
2019-02-15 22:16 - 2019-02-15 22:16 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-15 22:16 - 2019-02-15 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-02-13 19:43 - 2019-02-13 19:43 - 000000346 _____ C:\Users\Carlos\Desktop\DelFix.txt
2019-02-13 19:42 - 2019-02-13 19:43 - 000000346 _____ C:\DelFix.txt
2019-02-10 08:42 - 2019-02-10 08:47 - 000000000 ____D C:\Users\Carlos\Desktop\OTRO-CHEQUEO
2019-02-09 14:38 - 2019-02-09 14:39 - 000132255 _____ C:\Users\Carlos\Desktop\WhatsApp Image 2019-02-09 at 14.05.16.jpeg
2019-02-08 22:00 - 2019-02-08 22:00 - 000000000 ____D C:\Users\Carlos\AppData\Local\ESET
2019-02-08 20:19 - 2019-02-08 20:20 - 000000000 ____D C:\Users\Carlos\Desktop\PDF
2019-02-08 20:18 - 2019-02-08 22:23 - 000000000 ____D C:\Users\Carlos\Desktop\NOTAS
2019-02-05 21:06 - 2019-02-05 21:06 - 000000000 ____D C:\Users\Carlos\Desktop\contra web
2019-02-04 20:16 - 2019-02-04 20:16 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-02-04 20:14 - 2019-02-04 20:14 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-04 20:14 - 2019-02-04 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-04 20:14 - 2018-12-04 08:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-02-04 19:20 - 2019-03-01 22:40 - 000000000 ____D C:\Users\Carlos\Desktop\CHEQUEO PC
2019-02-04 18:11 - 2019-02-04 18:11 - 000000000 ____D C:\Users\Carlos\AppData\Local\mbamtray
2019-02-04 18:11 - 2019-02-04 18:11 - 000000000 ____D C:\Users\Carlos\AppData\Local\mbam
2019-02-04 18:10 - 2019-02-04 18:10 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-01 23:23 - 2019-02-24 19:18 - 000000000 ___RD C:\Users\Carlos\CARLOS-PC
2019-02-01 23:23 - 2019-02-01 23:23 - 000000528 ____R C:\Users\Carlos\MediaID.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-01 22:10 - 2009-07-14 00:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-03-01 22:10 - 2009-07-14 00:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-03-01 21:56 - 2015-02-05 22:11 - 005611008 ___SH C:\Users\Carlos\Desktop\Thumbs.db
2019-03-01 21:46 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-27 19:03 - 2011-01-22 06:31 - 000751538 _____ C:\Windows\system32\perfh00A.dat
2019-02-27 19:03 - 2011-01-22 06:31 - 000160562 _____ C:\Windows\system32\perfc00A.dat
2019-02-27 19:03 - 2010-11-20 17:01 - 001687570 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-27 19:03 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
2019-02-27 18:57 - 2009-07-14 00:33 - 000437424 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-27 18:53 - 2014-12-03 18:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-02-27 18:52 - 2015-05-15 12:00 - 000000000 ____D C:\Windows\system32\MRT
2019-02-27 18:43 - 2015-05-15 12:00 - 126228304 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-26 14:09 - 2015-07-19 19:35 - 000000000 ____D C:\ProgramData\ProductData
2019-02-25 17:33 - 2014-12-03 18:59 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-25 17:33 - 2014-12-03 18:59 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-24 19:56 - 2014-12-03 16:22 - 000000000 ____D C:\Users\Carlos
2019-02-24 09:02 - 2018-12-02 18:19 - 000000000 ____D C:\Users\Carlos\AppData\Local\AVAST Software
2019-02-23 22:58 - 2018-12-14 22:33 - 000000000 ____D C:\Users\Carlos\AppData\Roaming\vlc
2019-02-23 14:56 - 2018-12-19 19:47 - 000000000 ____D C:\Users\Carlos\AppData\LocalLow\Mozilla
2019-02-21 20:16 - 2018-11-19 20:49 - 000000000 ___HD C:\Users\Carlos\Documents\Youcam
2019-02-20 05:09 - 2018-12-08 21:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-20 05:09 - 2014-12-03 17:58 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-02-19 15:24 - 2014-12-03 17:58 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-18 13:34 - 2019-01-06 11:15 - 000000000 ___HD C:\Users\Carlos\Desktop\Las habilidades curativas de los árboles
2019-02-18 12:07 - 2009-07-14 00:53 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-02-17 15:21 - 2014-12-04 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-02-17 15:21 - 2014-12-03 18:54 - 000000000 ____D C:\Program Files\Java
2019-02-17 14:19 - 2014-12-30 18:39 - 000000000 ____D C:\ProgramData\Apple
2019-02-17 11:52 - 2014-12-03 16:58 - 000401632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-02-17 11:46 - 2018-12-02 16:09 - 000040688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-02-17 11:46 - 2015-04-11 22:17 - 000162632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-02-17 11:46 - 2015-04-11 22:02 - 000100984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-02-17 11:46 - 2015-04-11 22:01 - 000310200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-02-17 11:46 - 2015-04-11 22:01 - 000072800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-02-17 11:46 - 2014-12-03 16:57 - 000139296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-02-17 11:45 - 2019-01-14 14:10 - 000188784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-02-17 11:45 - 2019-01-06 10:48 - 000255224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-02-17 11:45 - 2019-01-06 10:48 - 000158096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-02-17 11:45 - 2019-01-06 10:48 - 000051128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-02-17 11:45 - 2019-01-06 10:48 - 000034488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-02-17 11:45 - 2018-12-02 16:09 - 000171128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-02-17 11:45 - 2015-04-11 22:01 - 000785584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-02-16 12:14 - 2009-07-13 22:03 - 061341696 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2019-02-16 12:14 - 2009-07-13 22:03 - 016515072 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2019-02-16 12:14 - 2009-07-13 22:03 - 000262144 _____ C:\Windows\system32\config\SECURITY_tureg_old
2019-02-16 12:10 - 2009-07-13 22:03 - 001835008 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2019-02-16 12:10 - 2009-07-13 22:03 - 000262144 _____ C:\Windows\system32\config\SAM_tureg_old
2019-02-15 22:19 - 2014-12-03 19:01 - 000000000 ____D C:\Users\Carlos\AppData\Roaming\MPC-HC
2019-02-15 22:02 - 2015-04-12 16:39 - 000000191 _____ C:\Users\Carlos\AppData\Roaming\default.rss
2019-02-15 21:17 - 2019-01-27 10:07 - 000000000 ____D C:\Users\Carlos\Desktop\postrac y marcha
2019-02-12 21:57 - 2014-12-03 18:56 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-02-12 21:57 - 2014-12-03 18:56 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-02-12 21:57 - 2014-12-03 18:56 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-11 18:22 - 2015-07-19 19:35 - 000000000 ____D C:\Users\Carlos\AppData\Roaming\IObit
2019-02-11 17:17 - 2015-07-31 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2019-02-11 17:17 - 2014-12-03 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2019-02-10 10:07 - 2014-12-17 22:22 - 000000000 ____D C:\Users\Carlos\AppData\Local\ElevatedDiagnostics
2019-02-10 08:54 - 2019-01-15 21:32 - 000000000 ____D C:\Users\Carlos\Desktop\FOTOS-VIVERO-  YO-JOEL
2019-02-10 08:53 - 2019-01-15 21:26 - 000000000 ____D C:\Users\Carlos\Desktop\FOTOS FLIA
2019-02-09 10:46 - 2015-06-11 19:00 - 000044032 ___SH C:\Users\Carlos\Downloads\Thumbs.db
2019-02-08 23:52 - 2014-12-03 18:48 - 000000000 ____D C:\Windows\AutoKMS
2019-02-08 15:24 - 2009-07-13 22:04 - 000000478 _____ C:\Windows\win.ini
2019-02-05 18:57 - 2019-01-07 20:30 - 000000000 ___HD C:\Users\Carlos\Desktop\visual c++
2019-02-05 18:57 - 2019-01-02 22:15 - 000000000 __RHD C:\Users\Carlos\Documents\MEGAsync
2019-02-04 20:14 - 2015-01-09 21:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-04 19:00 - 2015-07-19 19:34 - 000000000 ____D C:\ProgramData\IObit
2019-02-04 18:57 - 2015-07-19 19:35 - 000000000 ____D C:\Users\Carlos\AppData\LocalLow\IObit
2019-02-04 18:57 - 2015-07-19 19:35 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-02-04 17:01 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\rescache
2019-02-04 07:54 - 2018-12-10 23:11 - 000035928 _____ C:\url_setting_definitions.txt
2019-02-03 11:48 - 2019-01-21 21:44 - 000000000 ____D C:\Users\Carlos\Desktop\FOTOS CUMPLE-varios
2019-02-01 23:43 - 2019-01-06 15:11 - 000000000 ____D C:\ProgramData\CLSK
2019-02-01 23:34 - 2019-01-21 00:33 - 305486616 _____ C:\Users\Carlos\Downloads\YouCam_8.0.0925.0a_Essential_Essential_YUC180820-01.exe

==================== Files in the root of some directories =======

2015-04-12 16:39 - 2019-02-15 22:02 - 000000191 _____ () C:\Users\Carlos\AppData\Roaming\default.rss
2018-10-02 00:27 - 2018-10-02 00:27 - 000000000 _____ () C:\Users\Carlos\AppData\Roaming\downloads.m3u
2014-12-03 17:09 - 2015-06-18 00:10 - 000087608 _____ () C:\Users\Carlos\AppData\Roaming\inst.exe
2014-12-03 17:09 - 2015-06-18 00:10 - 000007887 _____ () C:\Users\Carlos\AppData\Roaming\pcouffin.cat
2014-12-03 17:09 - 2015-06-18 00:10 - 000001144 _____ () C:\Users\Carlos\AppData\Roaming\pcouffin.inf
2014-12-03 17:10 - 2015-06-18 00:10 - 000000055 _____ () C:\Users\Carlos\AppData\Roaming\pcouffin.log
2014-12-03 17:09 - 2015-06-18 00:10 - 000047360 _____ (VSO Software) C:\Users\Carlos\AppData\Roaming\pcouffin.sys
2014-12-03 17:10 - 2015-06-10 13:37 - 000000664 _____ () C:\Users\Carlos\AppData\Roaming\vso_ts_preview.xml
2018-12-27 13:27 - 2018-12-27 13:27 - 000000000 _____ () C:\Users\Carlos\AppData\Local\{16DCE90F-6D25-4B5A-9514-AA5E6A1D6373}

Some files in TEMP:
====================
2019-02-22 15:18 - 2019-02-22 15:18 - 002411864 _____ (                                                            ) C:\Users\Carlos\AppData\Local\Temp\minecraft_0468639699.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-22 19:21

==================== End of FRST.txt ============================
0 me gusta

#18
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-03-2019
Ran by Carlos (01-03-2019 23:52:14)
Running from C:\Users\Carlos\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2014-12-03 20:22:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1985454927-2253292353-2952214705-500 - Administrator - Disabled)
Carlos (S-1-5-21-1985454927-2253292353-2952214705-1000 - Administrator - Enabled) => C:\Users\Carlos
HomeGroupUser$ (S-1-5-21-1985454927-2253292353-2952214705-1002 - Limited - Enabled)
Invitado (S-1-5-21-1985454927-2253292353-2952214705-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Nero SoundTrax Help (HKLM\...\{98a67610-a3b5-4098-a423-3708040026d3}) (Version: 4.0.15.0 - Nero AG) Hidden
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit)
Advertising Center (HKLM\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Apowersoft Online Launcher versión 1.7.1 (HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.1 - APOWERSOFT LIMITED)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
aTube Catcher versión 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
ConvertXtoDVD 3.1.0.26 (HKLM\...\{76C24F39-B161-498F-BD8B-C64789812D13}_is1) (Version: 3.1.0.26 - )
DolbyFiles (HKLM\...\{b1adf008-e898-4fe2-8a1f-690d9a06acaf}) (Version: 2.0 - Nero AG) Hidden
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FormatFactory 3.6.0.0 (HKLM\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Google Chrome (HKLM\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
ImagXpress (HKLM\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
iTunes (HKLM\...\{EF5B942E-1C24-452B-9C7E-0FCBF23226EA}) (Version: 12.9.2.6 - Apple Inc.)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 201 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
K-Lite Codec Pack 10.1.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
LG CyberLink Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.) Hidden
LG CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
LG CyberLink PowerBackup (HKLM\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.)
LG CyberLink YouCam (HKLM\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.) Hidden
LG CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.)
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LG Power Tools (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.) Hidden
LG Power Tools (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Menu Templates - Starter Kit (HKLM\...\{b78120a0-cf84-4366-a393-4d0a59bc546c}) (Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Templates - Starter Kit (HKLM\...\{e498385e-1c51-459a-b45f-1721e37aa1a0}) (Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 65.0.1 (x86 es-MX) (HKLM\...\Mozilla Firefox 65.0.1 (x86 es-MX)) (Version: 65.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.1.6981 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM\...\{7527bbba-2168-44e0-8544-ebb0d4f97677}) (Version:  - Nero AG)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2817430) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype versión 8.34 (HKLM\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Sony Noise Reduction Plug-In 2.0e (HKLM\...\{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}) (Version: 2.0.444 - Sony)
Sony Sound Forge 9.0 (HKLM\...\{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}) (Version: 9.0.297 - Sony)
SoundTrax (HKLM\...\{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}) (Version: 4.0.18.0 - Nero AG) Hidden
Swiff Player 1.7.2 (HKLM\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
TuneUp Utilities (HKLM\...\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}) (Version: 9.0.3000.70 - TuneUp Software) Hidden
TuneUp Utilities (HKLM\...\TuneUp Utilities) (Version: 9.0.3000.70 - TuneUp Software)
TuneUp Utilities Language Pack (es-ES) (HKLM\...\{FB3EFCD7-4E08-4197-89B9-7CCD794F91B6}) (Version: 9.0.3000.70 - TuneUp Software) Hidden
TunnelBear (HKLM\...\{3c55d71a-bdfd-40b5-9555-c5cff470d9f5}) (Version: 3.7.3.1 - TunnelBear)
Update for Skype for Business 2015 (KB4462135) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{84A498A6-4C4D-4B31-8537-11E2ACA3C0A1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4462135) 32-Bit Edition (HKLM\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{84A498A6-4C4D-4B31-8537-11E2ACA3C0A1}) (Version:  - Microsoft)
USB Safely Remove 6.1 (HKLM\...\USB Safely Remove_is1) (Version:  - SafelyRemove.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\WhatsApp) (Version: 0.2.777 - WhatsApp)
WinRAR 5.61 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll [2017-10-18] () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-19] (Nero AG -> Nero AG)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll [2017-10-18] () [File not signed]
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll [2009-12-10] (TuneUp Software GmbH -> TuneUp Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll [2017-10-18] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll [2017-10-18] () [File not signed]
ContextMenuHandlers4: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll [2009-12-10] (TuneUp Software GmbH -> TuneUp Software)
ContextMenuHandlers4: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll [2009-12-10] (TuneUp Software GmbH -> TuneUp Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BD36159-E5EF-4610-8E95-41814A0D2F31} - System32\Tasks\Driver Booster SkipUAC (Carlos) => C:\Program Files\IObit\Driver Booster\5.5.1\DriverBooster.exe
Task: {0D8097F2-83EF-4642-834C-EE48223D88A6} - System32\Tasks\{2477B4B4-995E-4B9A-A49A-87A131B2DB39} => C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\
Task: {17B8C3D1-7E5D-4014-BD33-D5777E5BC233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {19E600E8-21AD-4818-81A5-031A3176318F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {1FE9A0AF-9D54-494E-8D1F-31BEE6727B4A} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe (IObit Information Technology -> IObit)
Task: {3FB1C272-8CD6-44CB-BCC1-089C6A2DF605} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe (TuneUp Software GmbH -> TuneUp Software)
Task: {51C95D70-DC56-4CAA-A607-F369306C1964} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {55247215-4954-4C90-B5F7-DC851C07B863} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {598F09DD-1176-4271-9B8E-26A3F1D13A79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6370BA8B-5A58-4540-A600-23BD9523AAC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {66467ADF-5877-493E-8682-1E1C012EF6D5} - System32\Tasks\{A51B68F3-D3CC-42FE-81FB-D01034D744EA} => C:\Windows\system32\pcalua.exe -a "C:\Users\Carlos\Desktop\SSF_9_ESP, sound forge 9.0\activacion.exe" -d "C:\Users\Carlos\Desktop\SSF_9_ESP, sound forge 9.0"
Task: {6E634BAD-3C47-4846-AB09-9FBA9D13F1FB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {8D174035-DA5B-440C-BC8E-5F376B991141} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle America, Inc. -> Oracle Corporation)
Task: {923F36B8-5935-45E2-9877-4571E8802F57} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {94B5F40F-AA47-4C31-A6EE-6515AD7D58FE} - no filepath
Task: {AAB63143-6FE4-4C9E-98F0-17B25B3BBD96} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AB1E32C3-788D-4659-B6C2-8122C66E0170} - System32\Tasks\Mantenimiento automático => C:\Program Files\TuneUp Utilities 2010\OneClickStarter.exe (TuneUp Software GmbH -> TuneUp Software)
Task: {AE8C0833-0B12-47A0-B0A8-727D3F2F8087} - System32\Tasks\Análisis automático => C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe (TuneUp Software GmbH -> TuneUp Software)
Task: {B8735D42-BB2B-4529-BBE8-6E7BB1BDBD27} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Carlos\Desktop\adwcleaner_7.2.7.0.exe
Task: {BE5341D7-D01C-4C38-B382-ED3E377146C4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C0F4B556-DA71-4B24-8040-D4FBAFD9FBFA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1985454927-2253292353-2952214705-1000 => C:\Users\Carlos\AppData\Local\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited)
Task: {CFF36BB8-3BFF-44AC-986B-647543F49A13} - System32\Tasks\{B713417F-68AC-47B9-A792-511F76FFAF4E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Carlos\Desktop\SSF_9_ESP, sound forge 9.0\Traduccion.exe" -d "C:\Users\Carlos\Desktop\SSF_9_ESP, sound forge 9.0"
Task: {D6908FB7-44DC-4C78-B8F0-A12C913C86C6} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {DBC939CD-F1CA-4302-8D8D-BDBE501EEAE5} - System32\Tasks\{42862576-8D38-4191-9C99-AA0F442B28D4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Carlos\Desktop\trilogyii- WMPLAYER.exe" -d C:\Users\Carlos\Desktop
Task: {E0BFDC5D-3672-4C07-8CBB-9410511E5D08} - no filepath
Task: {E524F33C-638D-49C2-8796-62D62F42D367} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {ED712D28-BAA8-4D5C-9953-D279B55CB384} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F311DF77-0BCD-4A00-999D-B7CA661F528F} - System32\Tasks\Uninstaller_SkipUac_Carlos => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Carlos\Desktop\cejotacee - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) ==============

2017-10-18 17:58 - 2017-10-18 17:58 - 000570368 _____ () C:\Users\Carlos\AppData\Local\MEGAsync\ShellExtX32.dll
2015-07-11 14:33 - 2015-07-11 14:33 - 001101824 _____ () C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2019-02-04 18:10 - 2018-12-04 15:29 - 003084800 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-02-04 18:10 - 2018-12-04 15:29 - 005139968 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-02-04 18:10 - 2018-12-04 15:29 - 005010944 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-04 18:10 - 2018-12-04 15:29 - 002950144 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-02-04 18:10 - 2018-12-04 15:29 - 002234880 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-02-04 18:10 - 2018-12-04 15:29 - 004571648 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-02-04 18:10 - 2018-12-04 15:29 - 000438272 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 001181184 _____ () C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000124928 _____ () C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000026112 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000020992 _____ () C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-02-04 18:10 - 2018-12-04 15:29 - 000259584 _____ () C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000729088 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000073216 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000179712 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000014848 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-02-04 20:14 - 2018-12-04 15:29 - 000101888 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2009-06-10 17:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1985454927-2253292353-2952214705-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Carlos\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^Users^Carlos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar a OneNote.lnk => C:\Windows\pss\Enviar a OneNote.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8A681792-6104-495D-B8AA-0560E38CFA03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36184DA5-FB23-4F40-94CE-14109898F88E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FDED023-1ECE-48D4-96E0-256AC9B1F1C4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA864EC5-8619-4E33-A64A-6ABD7865A621}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4282BD66-FF02-4D96-BEB7-283AB0B9C414}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0ABB2731-83B5-44CC-9BB4-281AD4EBA09D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C10C094F-9B5C-46F4-986B-CEC44FDDB6B1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{C4350811-B799-4709-9BFD-CCA203F2785F}C:\program files\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files\freetime\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [UDP Query User{534568FE-023D-46AE-8D7E-915400A870CC}C:\program files\freetime\formatfactory\formatfactory.exe] => (Block) C:\program files\freetime\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{3394EC99-C7DC-4916-8832-C22248E1CED5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78214F30-E792-45E1-9ABB-EC4127A8811D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1011E43-8BF4-419A-B4E3-69301E99073D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E536A97-903C-4DC4-9872-838D17C7D79D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{ED863A97-1651-47AA-B830-A8CB2C5A2FFF}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{52E0AB81-F98E-4BA2-8C02-2F3B59C5D8E2}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{C72D93BC-CF35-4C89-BC80-07A9F1E4000A}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{448DFD4C-07EB-4DFD-AA47-180C79C4B051}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{C0CB94D5-E2B3-4F80-B479-EB9B848B78BA}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{143A113C-EF6B-4C46-9E2D-11F954F46472}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0879AFA0-45FA-475D-B1A9-8254AF6C5EE9}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0972A76E-7860-4012-8CE1-DCB15693E766}] => (Allow) C:\Users\Carlos\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{84F1396F-E9A4-4FDC-B784-3A1A0334E3FA}] => (Allow) C:\Users\Carlos\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{34D0CFDA-EA2B-41D6-9402-FB57B51E7EEE}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{8EF27879-F549-4141-9DB2-309979EE3C97}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{ED071175-3795-46B2-B085-384A859F1D42}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [UDP Query User{BFDC83F1-A5C3-4C52-860D-44A6B3E3B59E}C:\program files\java\jre1.8.0_201\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_201\bin\javaw.exe
FirewallRules: [TCP Query User{F147D615-6793-42F7-9365-57DF8D5CD40E}C:\program files\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files\freetime\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [UDP Query User{DA122E57-EBBD-4D11-A6B4-6B9F404A4198}C:\program files\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files\freetime\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{AF467D93-1240-4C3C-A675-7E114AFDF74E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{486C7667-B26E-406B-843C-9CDB35C078DD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E14C5A4E-833A-411F-A9C2-F17AED1537A1}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{EAA5E713-574A-4740-9541-782B7B8F03E0}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{470A4722-A2BB-4654-AC0F-9D749ECD0C8D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

24-02-2019 19:12:54 Copias de seguridad de Windows
27-02-2019 18:27:08 Windows Update

==================== Faulty Device Manager Devices =============

Name: asrdmon
Description: asrdmon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: asrdmon
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2019 09:57:44 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/01/2019 09:47:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (03/01/2019 09:35:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (02/28/2019 05:55:43 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/28/2019 05:44:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (02/27/2019 06:58:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (02/27/2019 06:16:39 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/27/2019 06:06:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (03/01/2019 09:47:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
asrdmon

Error: (03/01/2019 09:46:51 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)
Description: El servicio Programador de tareas no pudo cargar las tareas al inicio del servicio. Datos adicionales: valor del error: 2147942402.

Error: (03/01/2019 09:43:14 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Diagnostics Tracking Service no se cerró correctamente después de recibir un control de aviso de apagado.

Error: (03/01/2019 09:42:41 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Cliente de directiva de grupo no se cerró correctamente después de recibir un control de aviso de apagado.

Error: (03/01/2019 09:33:58 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)
Description: El servicio Programador de tareas no pudo cargar las tareas al inicio del servicio. Datos adicionales: valor del error: 2147942402.

Error: (02/28/2019 05:43:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
asrdmon

Error: (02/28/2019 05:43:29 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)
Description: El servicio Programador de tareas no pudo cargar las tareas al inicio del servicio. Datos adicionales: valor del error: 2147942402.

Error: (02/27/2019 06:57:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
asrdmon


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz
Percentage of memory in use: 75%
Total physical RAM: 3325.09 MB
Available physical RAM: 827.7 MB
Total Virtual: 7321.36 MB
Available Virtual: 4516.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.44 GB) (Free:14.37 GB) NTFS
Drive f: () (Fixed) (Total:48.83 GB) (Free:13.31 GB) NTFS
Drive g: (datos) (Fixed) (Total:184.04 GB) (Free:20.13 GB) NTFS

\\?\Volume{f0bf57df-7b28-11e4-9b69-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: B0E9B0E9)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=184 GB) - (Type=0F Extended)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 39D539D4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
0 me gusta

#19

hola amigo leo, recibio el informe. Gracias

0 me gusta

#20

Buen dia, disculpa amigo, vamos a continuar. Gracias

0 me gusta