Buenas tardes Loren, ya realicé todos los pasos que me indicaste. Qué pasos debo realizar ahora para continuar con la limpieza del portátil? Sigo con el ordenador desprotegido (sin antivirus ni firewall) Gracias!
Hola, buenas @forta a petición de mi compañero @Loren de forma temporal pasaré yo a ayudarte en este tema. Pues debemos ahora de utilizar una herramienta para confirmar que no queden rastros de antivirus en tu equipo. Si quedasen, pues los eliminaríamos.
Ya de paso verificaré que no quede ningún rastro de malware (seguro que no, ya que @Loren ha hecho un buen trabajo 
) o bien alguna cosa que disminuya el rendimiento de la máquina.
Una vez finalicemos con FRST, yo me retiraré del caso y sigues con @Loren con lo que se tenga que acabar de hacer en la máquina o lo que él considere oportuno en el momento en que él retome el caso.
Desactivas tu antivirus 
Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).
Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?
Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.
Farbar Recovery Scan Tool
-
Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).
-
Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.
-
En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.
-
Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.
Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.
PRÓXIMA RESPUESTA
Pegas los reportes de FRST y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).
NOTA IMPORTANTE
Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:
- No realices pasos/acciones que NOSOTROS no te hayamos indicado.
- No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
- No instales NADA (programas/software/complementos/extensiones del navegador…).
- No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
- No realices por tu cuenta otros procedimientos.
- Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.
Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:
Salu2.
1 me gusta
Buenas noches, a continuación dejo el primero de los reportes solicitados.
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 11-04-2021 Ejecutado por ALBERTO (administrador) sobre LAPTOP-TCQ476TQ (LENOVO 80Q7) (13-04-2021 00:23:52) Ejecutado desde C:\Users\ALBERTO\Desktop Perfiles cargados: ALBERTO Platform: Windows 10 Home Versión 20H2 19042.867 (X64) Idioma: Español (España, internacional) Navegador predeterminado: Chrome Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Conexant Systems, Inc. → Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Dropbox, Inc → Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc → Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc → Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc → The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\119.4.1772\QtWebEngineProcess.exe <2> (ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (Fortemedia Inc → ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Intel Corporation - Rapid Storage Technology → Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Rapid Storage Technology → Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Lenovo → Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\Lenovo.Vantage.AddinHost.exe (Lenovo → Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\Lenovo.Vantage.AddinHost.x86.exe (Lenovo → Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe (Malwarebytes Inc → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc → Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, LLC → McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (McAfee, LLC → McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (Microsoft Corporation → Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows → Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows → Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe (Oracle America, Inc. → Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. → Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd → Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (TeamViewer Germany GmbH → TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM…\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation → ELAN Microelectronics Corp.) HKLM…\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology → Intel Corporation) HKLM…\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc → ) HKLM…\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. → Conexant Systems, Inc.) HKLM…\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. → Conexant Systems, Inc.) HKLM-x32…\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-03-30] (Dropbox, Inc → Dropbox, Inc.) HKLM-x32…\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. → Oracle Corporation) HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\Run: [53BCB50F32F7089E9B0E3706FF13A4AAB9B4FF19._service_run] => “C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe” --type=service /prefetch:8 HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd → Piriform Software Ltd) HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q “C:\Users\ALBERTO\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe” HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q “C:\Users\ALBERTO\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe” HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\RunOnce: [Uninstall 21.030.0211.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q “C:\Users\ALBERTO\AppData\Local\Microsoft\OneDrive\21.030.0211.0002\amd64” HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\RunOnce: [Uninstall 21.030.0211.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q “C:\Users\ALBERTO\AppData\Local\Microsoft\OneDrive\21.030.0211.0002” HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC → Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {01E35EF6-44AE-4414-A6A6-D53C05CB9455} - \Lenovo\ImController\TimeBasedEvents\41d00699-c02c-41d6-a268-6a6de4f4cdad → Ningún archivo <==== ATENCIÓN Task: {0259C9B1-827A-4E29-9CEB-314FCCF66AD1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask → Ningún archivo <==== ATENCIÓN Task: {02BB7FBD-DD16-4E5A-8D9C-A42400DCD179} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost “LSC Memory” “$(Arg0)” Task: {081E2E9A-7FDB-4F2D-B320-ECC626C08B4E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-06] (LENOVO → Lenovo) Task: {0DCB5533-CE15-4100-875D-E2FC8493D006} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. → Adobe Inc.) Task: {14FD2B23-2E74-463F-B570-2BB31E89DB99} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe Task: {19EFA77A-2E63-4ABC-BDCB-F335319C2708} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\ALBERTO\Downloads\ESETOnlineScanner_ESL.exe Task: {2034E620-B022-4E7C-A6F4-1B6F786E9E67} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\ScheduleEventAction.exe [13240 2020-07-09] (Lenovo → Lenovo Group Ltd.) Task: {296AC455-7293-444C-8953-0188FA9ED84A} - \Microsoft\Windows\UNP\RunCampaignManager → Ningún archivo <==== ATENCIÓN Task: {2AAEAD35-4E82-41D3-99CA-D5BC9EE83C5D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation → Microsoft Corporation) Task: {2C595B00-B11B-4F07-A873-5ED2856109DA} - \Lenovo\ImController\Lenovo iM Controller Monitor → Ningún archivo <==== ATENCIÓN Task: {2F33D2E0-D649-418D-8005-9D5A4AB858B8} - \Lenovo\ImController\TimeBasedEvents\a1653e63-af0f-4142-8c3e-57a85dd5ec0f → Ningún archivo <==== ATENCIÓN Task: {30D5CBBB-E291-4FC3-B410-7BFF022277D4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-02-25] (Microsoft Windows Publisher → Microsoft Corporation) Task: {351ADF56-36E6-45DB-A094-798686C448BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\ALBERTO\Downloads\ESETOnlineScanner_ESL.exe Task: {4E8B96C3-93B8-463E-B35C-305AB87A938A} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe Task: {57822FCB-5FF5-4AD1-93D0-870BC88941A6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc → Dropbox, Inc.) Task: {5F3D557A-E60F-4813-899B-713FD18D8D37} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc → Dropbox, Inc.) Task: {65801DDB-FB30-4B6C-AF46-A7529B8D3726} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe Task: {65DB49F3-8473-4ACF-A0AC-5408DA31209F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-02-25] (Microsoft Windows Publisher → Microsoft Corporation) Task: {7A17DA86-64DC-4C25-B5F9-DBA12E218C8D} - System32\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001 => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-08] (LogMeIn, Inc. → LogMeIn, Inc.) Task: {7C606F97-CA58-461A-8A69-1B2BD0276A3F} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe Task: {7C96DE06-11DF-4E28-AC31-03DE8D6D3F33} - \Lenovo\ImController\TimeBasedEvents\86fb1487-40ae-41b0-94a7-092737c32da2 → Ningún archivo <==== ATENCIÓN Task: {7F17FB83-6F3F-41E4-B6DB-36F1929D428A} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService Task: {8BE9A27F-E4BF-4811-86B2-03591C4A498F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd → Piriform) Task: {8F8706D2-4255-4372-86A2-14838465A83C} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe Task: {9146C4B8-BC30-4A39-944D-C86C6D0C43E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation → Microsoft Corporation) Task: {94357371-788A-48B1-A757-4AE8E4DA0395} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe Task: {9E597A12-4D3B-43EF-A123-925DED2C55E4} - \Lenovo\ImController\TimeBasedEvents\711decec-f0e3-4965-a0a1-9d66460ed853 → Ningún archivo <==== ATENCIÓN Task: {9FE04BAE-9E71-4391-976D-6360F0FB9D0A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe Task: {A08B0F86-8ABA-4008-A443-97DBCF39C085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-02-25] (Microsoft Windows Publisher → Microsoft Corporation) Task: {BC0FC313-9F06-4827-A70A-51DEE65FA838} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation → Microsoft Corporation) Task: {BF7657FA-F78E-4A28-965D-968C82F37CE1} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe Task: {C4999162-F483-451C-9EC5-735D9CA04D24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-02-25] (Microsoft Windows Publisher → Microsoft Corporation) Task: {C87BFF5E-658B-4AE6-B922-C7086408953D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe Task: {CE47F755-A9C6-4BCC-96E5-DACC03DD548B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd → Piriform Software Ltd) Task: {CF26A032-3D94-4A16-BB79-F640E664535B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance → Ningún archivo <==== ATENCIÓN Task: {D13F36CF-117C-4C29-A064-14861024F58C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC → Google LLC) Task: {D999E38A-5E37-422F-ABB3-6CB5602FEFA1} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe Task: {E27E95F1-BDAD-447F-9629-12106E70C1DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC → Google LLC) Task: {F188E05D-8547-4455-8352-F3B8CB261E9A} - System32\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001 => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-08] (LogMeIn, Inc. → LogMeIn, Inc.) Task: {F20DBB6F-967D-4573-A838-42BF2F8EF183} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe Task: {FF5B609A-4789-4944-93E7-38D311623B83} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001.job => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001.job => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupload.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip…\Interfaces{bfd3d4cc-5f03-4e12-a10a-685129ef2128}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Edge:
DownloadDir: C:\Users\ALBERTO\Downloads Edge DefaultProfile: Default Edge Profile: C:\Users\ALBERTO\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-12] Edge HKLM-x32…\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
FF ProfilePath: C:\Users\ALBERTO\AppData\Roaming\TomTom\HOME\Profiles\37smhuan.default [2019-10-26] FF Extension: (Sin Nombre) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [no encontrado] FF HKLM…\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-03-26] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json] FF HKLM-x32…\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation → Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 → C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-20] (Oracle America, Inc. → Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 → C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-20] (Oracle America, Inc. → Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 → C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-11-12] (Microsoft Corporation → Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation → Microsoft Corporation) FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. → Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2614724653-299048476-2895592305-1001: @zoom.us/ZoomVideoPlugin → C:\Users\ALBERTO\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-14] (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
Chrome:
CHR DefaultProfile: Default CHR Profile: C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default [2021-04-13] CHR HomePage: Default → hxxp://es.msn.com/ CHR DefaultSearchURL: Default → hxxp://ver.movistarplus.es/favicon.png CHR Extension: (Presentaciones) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16] CHR Extension: (Documentos) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16] CHR Extension: (Google Drive) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25] CHR Extension: (YouTube) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-28] CHR Extension: (Adobe Acrobat) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-10] CHR Extension: (Hojas de cálculo) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16] CHR Extension: (McAfee® WebAdvisor) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-06] CHR Extension: (Norton Safe Web) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-03-19] CHR Extension: (Documentos de Google sin conexión) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11] CHR Extension: (CANALES online en directo - Movistar+) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdnbbimlpkbccknkhcedbdjefmncppai [2020-01-21] CHR Extension: (CANALES MOVISTAR) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgpanfagbakkedomaocbfiibceknhlh [2021-01-25] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-10] CHR Extension: (Player para ver Movistar+) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-11-11] CHR Extension: (CORREO AYUNTAMIENTO) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\knofleilnncdcdkmghjgieheocegmnmk [2021-01-25] CHR Extension: (Instagram) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2021-01-26] CHR Extension: (Webmail :: Bienvenido a Webmail) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgkppeojbfednnokjgmelaoliifghjm [2020-11-12] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Extension: (PDF Viewer) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2021-04-10] CHR Extension: (SERIES online - Yomvi es Movistar+ en…) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipjkcpcfjccacfcdjbploglkejhophd [2019-04-23] CHR Extension: (Gmail) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11] CHR Profile: C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-12] CHR HKLM…\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32…\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32…\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32…\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
OPR Profile: C:\Users\ALBERTO\AppData\Roaming\Opera Software\Opera Stable [2020-01-12] OPR DefaultSuggestURL: Opera Stable → hxxps://www.google.es/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. → Adobe Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc → Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc → Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-30] (Dropbox, Inc → Dropbox, Inc.) S2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO → Lenovo) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe [18360 2020-07-09] (Lenovo → Lenovo Group Ltd.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-25] (Malwarebytes Inc → Malwarebytes) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-03-26] (McAfee, LLC → McAfee, LLC) S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. → DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH → TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-25] (Microsoft Windows Publisher → Microsoft Corporation) S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-25] (Microsoft Windows Publisher → Microsoft Corporation) S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd → Wondershare) S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd → Wondershare)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-19] (Malwarebytes Inc → Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-25] (Microsoft Windows Early Launch Anti-malware Publisher → Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-11] (Malwarebytes Inc → Malwarebytes) R3 MpKsl320a68c4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates{1C8571FF-8449-4316-BC8F-94785145EAF8}\MpKslDrv.sys [97528 2021-04-12] (Microsoft Windows → Microsoft Corporation) S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher → VS Revo Group) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2020-02-25] (Microsoft Windows → Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-25] (Microsoft Windows → Microsoft Corporation) S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink → "CyberLink) S3 MpKsl93ac1a54; ??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates{B58908CE-99B9-40FB-8FBC-75E60117B920}\MpKslDrv.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-04-13 00:20 - 2021-04-13 00:23 - 000043633 _____ C:\Users\ALBERTO\Desktop\Addition.txt 2021-04-13 00:14 - 2021-04-13 00:24 - 000026676 _____ C:\Users\ALBERTO\Desktop\FRST.txt 2021-04-13 00:13 - 2021-04-13 00:24 - 000000000 ____D C:\FRST 2021-04-13 00:02 - 2021-04-13 00:02 - 002297856 _____ (Farbar) C:\Users\ALBERTO\Desktop\FRST64.exe 2021-04-12 23:21 - 2021-04-12 23:21 - 006029210 _____ C:\Users\ALBERTO\Downloads\ilovepdf_extracted-pages (1).zip 2021-04-12 20:15 - 2021-04-12 20:15 - 000488024 _____ C:\Users\ALBERTO\Downloads\CamScanner 11-20-2020 17.05.pdf 2021-04-12 18:55 - 2021-04-12 18:56 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes (2).pdf 2021-04-12 18:54 - 2021-04-12 18:54 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes (1).pdf 2021-04-12 18:53 - 2021-04-12 18:53 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes.pdf 2021-04-12 18:12 - 2021-04-12 18:12 - 001077893 _____ C:\Users\ALBERTO\Downloads\ilovepdf_extracted-pages.zip 2021-04-12 17:58 - 2021-04-12 17:58 - 000034683 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705-3 (1).pdf 2021-04-12 17:50 - 2021-04-12 17:50 - 000034683 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705-3.pdf 2021-04-12 17:41 - 2021-04-12 17:41 - 001120422 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705.pdf 2021-04-11 14:48 - 2021-04-11 14:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-04-11 11:33 - 2021-04-11 11:33 - 000000000 ____D C:\Users\ALBERTO\Doctor Web 2021-04-11 11:28 - 2021-04-11 11:32 - 243733136 _____ C:\Users\ALBERTO\Downloads\bz4mgmm8.exe 2021-04-10 23:30 - 2021-04-10 23:30 - 000309104 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_1bdf2134a_klark.sys 2021-04-10 23:28 - 2021-04-10 23:28 - 000224880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_1bdf2134a_mark.sys 2021-04-10 23:28 - 2021-04-10 23:28 - 000127792 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\1bdf2134.sys 2021-04-10 23:26 - 2021-04-10 23:27 - 000000000 ____D C:\KVRT2020_Data 2021-04-10 23:23 - 2021-04-10 23:25 - 102434224 _____ (AO Kaspersky Lab) C:\Users\ALBERTO\Downloads\KVRT.exe 2021-04-10 23:12 - 2021-04-10 23:12 - 000000340 _____ C:\Users\ALBERTO\Desktop\ESET.txt 2021-04-10 19:46 - 2021-04-10 19:47 - 000000787 _____ C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2021-04-10 19:46 - 2021-04-10 19:46 - 015019488 _____ (ESET spol. s r.o.) C:\Users\ALBERTO\Downloads\esetonlinescanner.exe 2021-04-10 19:46 - 2021-04-10 19:46 - 000000659 _____ C:\Users\ALBERTO\Desktop\ESET Online Scanner.lnk 2021-04-10 19:28 - 2021-04-10 19:28 - 000410712 _____ C:\Users\ALBERTO\Desktop\cc_20210410_192748.reg 2021-04-10 19:20 - 2021-04-10 19:20 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (5).exe 2021-04-10 19:19 - 2021-04-10 19:20 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (4).exe 2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (3).exe 2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (2).exe 2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (1).exe 2021-04-10 19:04 - 2021-04-10 19:04 - 000001713 _____ C:\Users\ALBERTO\Desktop\JustificanteCita.pdf 2021-04-10 16:10 - 2021-04-10 16:10 - 000002777 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner (R).txt 2021-04-10 16:08 - 2021-04-10 16:08 - 000002611 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner (S).txt 2021-04-10 16:00 - 2021-04-10 16:10 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\ZHP 2021-04-10 16:00 - 2021-04-10 16:00 - 000000884 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner.lnk 2021-04-10 16:00 - 2021-04-10 16:00 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\ZHP 2021-04-10 15:58 - 2021-04-10 15:58 - 003325592 _____ (Nicolas Coolman) C:\Users\ALBERTO\Downloads\ZHPCleaner.exe 2021-04-10 15:56 - 2021-04-10 15:57 - 000000873 _____ C:\Users\ALBERTO\Desktop\JRT.txt 2021-04-10 15:52 - 2021-04-10 15:52 - 000001790 _____ C:\Users\ALBERTO\Desktop\AdwCleaner[C01].txt 2021-04-09 16:27 - 2021-04-09 16:27 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\VS Revo Group 2021-04-09 16:26 - 2021-04-09 16:26 - 000001129 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\ProgramData\VS Revo Group 2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\Program Files\VS Revo Group 2021-04-09 16:26 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys 2021-04-09 07:05 - 2021-04-09 07:06 - 016509944 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\RevoUninProSetup.exe 2021-04-08 22:42 - 2021-04-08 22:42 - 007495512 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\revosetup.exe 2021-04-08 17:31 - 2021-04-08 17:31 - 007495512 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\revo-uninstaller-2-2-5.exe 2021-04-08 00:24 - 2021-04-08 00:25 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\ALBERTO\Downloads\NRnR (1).exe 2021-04-08 00:22 - 2021-04-08 00:23 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\ALBERTO\Downloads\NRnR.exe 2021-04-07 18:09 - 2021-04-07 18:10 - 000000000 ____D C:\Users\ALBERTO\Desktop\desinfeccion 2021-04-07 18:00 - 2021-04-07 17:58 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe 2021-04-07 17:51 - 2021-04-07 17:51 - 014262248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ALBERTO\Downloads\avgclear.exe 2021-04-06 18:06 - 2021-04-06 18:07 - 000399710 _____ C:\Users\ALBERTO\Desktop\cc_20210406_180627.reg 2021-04-06 17:44 - 2021-04-06 17:45 - 000075902 _____ C:\Users\ALBERTO\Desktop\cc_20210406_174431 (2º informe).reg 2021-04-05 16:45 - 2021-04-05 16:45 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2 (2).exe 2021-04-04 20:44 - 2021-04-04 20:44 - 001790024 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\junkware-removal-tool-8-1-4.exe 2021-04-04 20:26 - 2021-04-04 20:26 - 001599815 _____ C:\Users\ALBERTO\Downloads\IFS (1).exe 2021-04-04 20:22 - 2021-04-05 17:14 - 000000000 ____D C:\AdwCleaner 2021-04-04 20:14 - 2021-04-04 20:14 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2 (1).exe 2021-04-04 20:12 - 2021-04-04 20:13 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2.exe 2021-04-04 19:52 - 2021-04-09 23:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360 2021-04-04 18:57 - 2021-04-10 15:44 - 000000000 ____D C:\FSTool 2021-04-04 18:56 - 2021-04-04 18:56 - 001599815 _____ C:\Users\ALBERTO\Downloads\IFS.exe 2021-04-04 18:47 - 2021-04-04 18:48 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577.exe 2021-04-01 23:18 - 2021-04-12 00:22 - 000000000 ____D C:\Users\ALBERTO\Downloads\Telegram Desktop 2021-04-01 14:17 - 2021-04-01 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2021-03-29 00:01 - 2021-04-12 23:43 - 000000000 ____D C:\Users\ALBERTO\Desktop\ALICIA 2021-03-27 03:56 - 2021-03-27 03:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-03-27 03:48 - 2021-03-27 03:48 - 000000020 ___SH C:\Users\ALBERTO\ntuser.ini 2021-03-27 03:32 - 2021-03-27 03:40 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2021-03-27 03:32 - 2021-03-27 03:40 - 000007623 _____ C:\WINDOWS\diagerr.xml 2021-03-27 02:08 - 2021-04-13 00:12 - 001774678 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-03-27 02:04 - 2021-04-12 23:32 - 000004222 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8E062058-A517-4CAE-8665-1077E5E601AA} 2021-03-27 02:04 - 2021-04-12 22:36 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2614724653-299048476-2895592305-1001 2021-03-27 02:04 - 2021-04-10 15:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-03-27 02:04 - 2021-03-27 02:06 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-03-27 02:04 - 2021-03-27 02:06 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-03-27 02:04 - 2021-03-27 02:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform 2021-03-27 02:03 - 2021-04-11 19:22 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-03-27 02:03 - 2021-04-08 17:43 - 000003850 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001 2021-03-27 02:03 - 2021-04-08 17:43 - 000003754 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001 2021-03-27 02:03 - 2021-04-05 17:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo 2021-03-27 02:03 - 2021-03-27 02:07 - 000003548 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-03-27 02:03 - 2021-03-27 02:07 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-03-27 02:03 - 2021-03-27 02:06 - 000003540 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2021-03-27 02:03 - 2021-03-27 02:06 - 000003324 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-03-27 02:03 - 2021-03-27 02:06 - 000002598 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime 2021-03-27 02:03 - 2021-03-27 02:05 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-03-27 02:03 - 2021-03-27 02:05 - 000003316 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2021-03-27 02:03 - 2021-03-27 02:05 - 000002978 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn 2021-03-27 02:03 - 2021-03-27 02:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\CyberLink 2021-03-27 02:03 - 2021-03-27 02:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-03-27 01:52 - 2021-04-12 22:31 - 000002410 _____ C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-03-27 01:52 - 2021-04-12 17:18 - 000000000 ____D C:\Users\ALBERTO 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Reciente 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Plantillas 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Mis documentos 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Menú Inicio 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Impresoras 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Entorno de red 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mis vídeos 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mis imágenes 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mi música 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Datos de programa 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Configuración local 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Historial 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Datos de programa 2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Archivos temporales de Internet 2021-03-27 01:50 - 2018-09-06 03:02 - 000146304 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2021-03-27 01:50 - 2018-09-06 03:02 - 000121216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2021-03-27 01:44 - 2021-04-12 22:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-03-27 01:44 - 2021-04-10 15:28 - 000008192 ___SH C:\DumpStack.log.tmp 2021-03-27 01:44 - 2021-03-27 01:45 - 000637016 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-03-27 01:36 - 2021-03-27 01:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2021-03-27 01:30 - 2021-03-27 01:35 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2021-03-27 01:30 - 2021-03-27 01:30 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2021-03-27 01:25 - 2021-03-27 01:25 - 000000000 ____D C:\ProgramData\ssh 2021-03-27 01:14 - 2021-03-27 01:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-27 01:14 - 2021-03-27 01:14 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-03-27 01:14 - 2021-03-27 01:14 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-03-27 01:14 - 2021-03-27 01:14 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-03-27 01:14 - 2021-03-27 01:14 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-03-27 01:14 - 2021-03-27 01:14 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax 2021-03-27 01:14 - 2021-03-27 01:14 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-03-27 01:14 - 2021-03-27 01:14 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-03-27 01:14 - 2021-03-27 01:14 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-03-27 01:14 - 2021-03-27 01:14 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-03-27 01:14 - 2021-03-27 01:14 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-03-27 01:13 - 2021-03-27 01:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-27 01:13 - 2021-03-27 01:13 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-03-27 01:13 - 2021-03-27 01:13 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-03-27 01:13 - 2021-03-27 01:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-03-27 01:13 - 2021-03-27 01:13 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-03-27 01:13 - 2021-03-27 01:13 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax 2021-03-27 01:13 - 2021-03-27 01:13 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-03-27 01:13 - 2021-03-27 01:13 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-03-27 01:13 - 2021-03-27 01:13 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-03-27 01:13 - 2021-03-27 01:13 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-03-27 01:13 - 2021-03-27 01:13 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-27 01:12 - 2021-03-27 01:12 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-03-27 01:12 - 2021-03-27 01:12 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl 2021-03-27 01:12 - 2021-03-27 01:12 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-03-27 01:12 - 2021-03-27 01:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb 2021-03-27 01:12 - 2021-03-27 01:12 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2021-03-27 01:12 - 2021-03-27 01:12 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2021-03-27 01:12 - 2021-03-27 01:12 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-03-27 01:11 - 2021-03-27 01:11 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2021-03-27 01:11 - 2021-03-27 01:11 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll 2021-03-27 01:11 - 2021-03-27 01:11 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-27 01:11 - 2021-03-27 01:11 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll 2021-03-27 01:11 - 2021-03-27 01:11 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll 2021-03-27 01:11 - 2021-03-27 01:11 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-03-27 01:11 - 2021-03-27 01:11 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-03-27 01:11 - 2021-03-27 01:11 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-03-27 01:11 - 2021-03-27 01:11 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2021-03-27 01:11 - 2021-03-27 01:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-03-27 01:11 - 2021-03-27 01:11 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2021-03-27 01:11 - 2021-03-27 01:11 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll 2021-03-27 01:11 - 2021-03-27 01:11 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv 2021-03-27 01:11 - 2021-03-27 01:11 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2021-03-27 01:10 - 2021-03-27 01:10 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2021-03-27 01:10 - 2021-03-27 01:10 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-03-27 01:10 - 2021-03-27 01:10 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-27 01:10 - 2021-03-27 01:10 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-03-27 01:10 - 2021-03-27 01:10 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl 2021-03-27 01:10 - 2021-03-27 01:10 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-03-27 01:10 - 2021-03-27 01:10 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-03-27 01:10 - 2021-03-27 01:10 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe 2021-03-27 01:10 - 2021-03-27 01:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb 2021-03-27 01:10 - 2021-03-27 01:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-03-27 01:10 - 2021-03-27 01:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2021-03-27 01:10 - 2021-03-27 01:10 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2021-03-27 01:09 - 2021-03-27 01:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-03-27 01:09 - 2021-03-27 01:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-03-27 01:09 - 2021-03-27 01:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-03-27 01:09 - 2021-03-27 01:09 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-03-27 01:09 - 2021-03-27 01:09 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-03-27 01:09 - 2021-03-27 01:09 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll 2021-03-27 01:09 - 2021-03-27 01:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-03-27 01:09 - 2021-03-27 01:09 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-03-27 01:09 - 2021-03-27 01:09 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-03-27 01:09 - 2021-03-27 01:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2021-03-27 01:09 - 2021-03-27 01:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll 2021-03-27 01:08 - 2021-03-27 01:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin 2021-03-27 01:08 - 2021-03-27 01:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-03-27 01:08 - 2021-03-27 01:08 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2021-03-27 01:08 - 2021-03-27 01:08 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-03-27 01:08 - 2021-03-27 01:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-03-27 01:08 - 2021-03-27 01:08 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll 2021-03-27 01:08 - 2021-03-27 01:08 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2021-03-27 01:08 - 2021-03-27 01:08 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll 2021-03-27 01:08 - 2021-03-27 01:08 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2021-03-27 01:08 - 2021-03-27 01:08 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll 2021-03-27 01:08 - 2021-03-27 01:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv 2021-03-27 01:08 - 2021-03-27 01:08 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-03-27 00:46 - 2021-03-27 00:46 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml 2021-03-27 00:46 - 2021-03-27 00:46 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files\Reference Assemblies 2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files\MSBuild 2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-03-23 01:20 - 2021-04-08 05:16 - 000000000 ___DC C:\WINDOWS\Panther 2021-03-23 00:56 - 2021-03-23 00:56 - 000000000 ___HD C:$WinREAgent 2021-03-16 19:49 - 2021-03-30 19:52 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-04-13 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-13 00:12 - 2019-12-07 16:55 - 000789518 _____ C:\WINDOWS\system32\perfh00A.dat 2021-04-13 00:12 - 2019-12-07 16:55 - 000155870 _____ C:\WINDOWS\system32\perfc00A.dat 2021-04-13 00:12 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-12 22:31 - 2016-11-28 20:03 - 000000000 ___RD C:\Users\ALBERTO\OneDrive 2021-04-12 20:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-12 17:22 - 2021-01-25 16:33 - 000000000 ____D C:\Program Files\CCleaner 2021-04-11 18:44 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-11 14:48 - 2021-01-25 16:39 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-04-11 13:40 - 2017-12-29 15:53 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Telegram Desktop 2021-04-10 19:23 - 2018-07-09 23:15 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\CrashDumps 2021-04-10 19:21 - 2021-01-25 16:33 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2021-04-10 15:50 - 2015-12-01 17:50 - 000000000 ____D C:\Program Files (x86)\Lenovo 2021-04-10 15:30 - 2016-11-28 20:00 - 000000000 __SHD C:\Users\ALBERTO\IntelGraphicsProfiles 2021-04-10 15:29 - 2020-03-20 19:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-04-10 15:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-10 15:28 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-04-10 15:23 - 2020-04-12 00:05 - 000000000 ____D C:\Program Files\Common Files\AV 2021-04-10 14:46 - 2020-01-12 16:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-04-10 14:34 - 2018-03-28 20:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-04-10 12:37 - 2020-06-15 16:03 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-10 00:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-09 23:34 - 2017-01-02 14:37 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-04-09 23:25 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-09 23:25 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-04-08 17:55 - 2020-11-16 19:11 - 000000678 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001.job 2021-04-08 17:55 - 2020-11-16 19:11 - 000000582 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001.job 2021-04-08 17:42 - 2020-11-16 19:11 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\GoToMeeting 2021-04-06 23:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-04-05 17:16 - 2016-11-28 20:01 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\Lenovo 2021-04-05 17:16 - 2015-12-01 17:52 - 000000000 ____D C:\Program Files\Lenovo 2021-04-05 17:16 - 2015-12-01 17:50 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2021-04-05 17:15 - 2020-03-12 20:15 - 000000000 ____D C:\WINDOWS\Lenovo 2021-04-05 17:15 - 2017-04-13 11:49 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Samsung 2021-04-05 17:15 - 2015-12-01 18:07 - 000000000 ____D C:\ProgramData\Lenovo 2021-04-04 20:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-04-02 20:23 - 2017-12-29 17:16 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\Packages 2021-04-02 13:41 - 2021-01-25 14:45 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-02 13:41 - 2021-01-25 14:45 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-04-02 13:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat 2021-04-01 22:14 - 2021-01-26 21:08 - 000000000 ____D C:\Users\ALBERTO\Desktop\VARIOS 2021-04-01 19:51 - 2017-04-13 11:45 - 000000000 ____D C:\Program Files (x86)\Samsung 2021-04-01 19:51 - 2015-12-01 17:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-04-01 19:50 - 2017-04-13 11:45 - 000000000 ____D C:\ProgramData\Samsung 2021-04-01 14:20 - 2017-04-06 23:30 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-03-30 22:18 - 2018-06-12 23:26 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\PlaceholderTileLogoFolder 2021-03-28 23:11 - 2019-12-07 16:56 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-03-27 13:09 - 2019-08-17 22:32 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\PackageStaging 2021-03-27 06:35 - 2020-10-02 23:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-03-27 04:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-03-27 03:52 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-03-27 03:52 - 2018-07-02 23:23 - 000000000 ____D C:\ProgramData\Packages 2021-03-27 03:52 - 2015-07-16 17:49 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-03-27 03:51 - 2017-12-29 17:38 - 000000000 ___RD C:\Users\ALBERTO\3D Objects 2021-03-27 03:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-03-27 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT 2021-03-27 03:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate 2021-03-27 03:40 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-03-27 03:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration 2021-03-27 02:36 - 2016-12-30 14:46 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat 2021-03-27 01:57 - 2020-04-14 11:28 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-03-27 01:57 - 2019-04-23 22:06 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome 2021-03-27 01:57 - 2017-12-29 15:53 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2021-03-27 01:57 - 2017-11-23 22:52 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-03-27 01:50 - 2017-08-11 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2021-03-27 01:50 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files\Elantech 2021-03-27 01:50 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2021-03-27 01:43 - 2021-01-25 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2021-03-27 01:43 - 2020-11-20 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2021-03-27 01:43 - 2020-04-15 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4 2021-03-27 01:43 - 2020-02-25 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma 2021-03-27 01:43 - 2020-01-02 22:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016 2021-03-27 01:43 - 2020-01-02 22:00 - 000000000 ____D C:\WINDOWS\SHELLNEW 2021-03-27 01:43 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup 2021-03-27 01:43 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool 2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-03-27 01:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2021-03-27 01:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2021-03-27 01:43 - 2017-11-23 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-03-27 01:43 - 2017-08-11 19:53 - 000000000 ____D C:\Program Files\CONEXANT 2021-03-27 01:43 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files\Intel 2021-03-27 01:43 - 2017-05-24 20:06 - 000000000 ____D C:\Program Files\UNP 2021-03-27 01:43 - 2016-12-13 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-03-27 01:43 - 2016-12-12 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2021-03-27 01:43 - 2015-12-04 11:36 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles 2021-03-27 01:43 - 2015-12-04 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2021-03-27 01:43 - 2015-12-04 11:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2021-03-27 01:43 - 2015-12-01 18:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8 2021-03-27 01:42 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries 2021-03-27 01:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources 2021-03-27 01:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help 2021-03-27 01:36 - 2015-12-04 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant 2021-03-27 01:25 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-03-27 01:25 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-03-27 01:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-03-27 01:23 - 2019-12-07 16:57 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-03-27 01:23 - 2019-12-07 16:57 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\winrm 2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\WCN 2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\slmgr 2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2021-03-27 00:44 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc 2021-03-27 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2021-03-27 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI 2021-03-14 22:27 - 2021-03-02 23:20 - 000429944 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll 2021-03-14 22:27 - 2021-03-02 23:20 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll 2021-03-14 22:27 - 2021-03-02 23:20 - 000062392 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe 2021-03-14 22:27 - 2017-12-16 22:26 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll 2021-03-14 13:56 - 2020-03-20 19:07 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\TeamViewer
==================== Archivos en la raíz de algunos directorios ========
2018-10-30 15:02 - 2018-10-30 15:50 - 000004608 _____ () C:\Users\ALBERTO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
Aquí dejo el segundo de los reportes : ADDITION
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 11-04-2021 Ejecutado por ALBERTO (13-04-2021 00:27:48) Ejecutado desde C:\Users\ALBERTO\Desktop Windows 10 Home Versión 20H2 19042.867 (X64) (2021-03-27 01:47:30) Modo de Inicio: Normal
==================== Cuentas: =============================
Administrador (S-1-5-21-2614724653-299048476-2895592305-500 - Administrator - Disabled) ALBERTO (S-1-5-21-2614724653-299048476-2895592305-1001 - Administrator - Enabled) => C:\Users\ALBERTO DefaultAccount (S-1-5-21-2614724653-299048476-2895592305-503 - Limited - Disabled) Invitado (S-1-5-21-2614724653-299048476-2895592305-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2614724653-299048476-2895592305-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4} AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649} FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1} FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Programas instalados ======================
(Solo los programas de adware con indicador “Oculto”, pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Español (HKLM-x32…{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated) aTube Catcher versión 3.8 (HKLM-x32…{D43B360E-722D-421B-BC77-20B9E0F8B6CD}is1) (Version: 3.8 - DsNET Corp) AutoFirma (HKLM-x32…\AutoFirma) (Version: 1.6.5 - Gobierno de España) CCleaner (HKLM…\CCleaner) (Version: 5.78 - Piriform) Conexant HD Audio (HKLM…\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant) Dolby Digital Plus Advanced Audio (HKLM…{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc) Dropbox (HKLM-x32…\Dropbox) (Version: 119.4.1772 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32…{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden Eines de correcció del Microsoft Office 2016: català (HKLM…{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM…{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32…\Google Chrome) (Version: 89.0.4389.114 - Google LLC) GoTo Opener (HKLM-x32…{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.) GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.) Herramientas de corrección de Microsoft Office 2016: español (HKLM…{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Intel(R) Management Engine Components (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32…{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM…{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32…{F1C8272B-5DAF-49BA-B694-A1D4747F6432}) (Version: 17.1.1530.1669 - Intel Corporation) Java 8 Update 271 (HKLM-x32…{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) Lenovo EasyCamera (HKLM-x32…{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32…\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo OneKey Recovery (HKLM…{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden Lenovo OneKey Recovery (HKLM-x32…\InstallShield{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Lenovo pointing device (HKLM…\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.) LibreOffice 6.4.2.2 (HKLM…{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation) Malwarebytes version 4.3.0.98 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Manuales de usuario (HKLM-x32…{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden Metric Collection SDK 35 (HKLM-x32…{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft Edge (HKLM-x32…\Microsoft Edge) (Version: 89.0.774.75 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM…\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM…{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM…\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation) Realtek Card Reader (HKLM-x32…{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM…{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Revo Uninstaller Pro 4.4.2 (HKLM…{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.2 - VS Revo Group, Ltd.) Samsung USB Driver for Mobile Phones (HKLM…{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.) Servicio Lenovo Vantage (HKLM-x32…\VantageSRV_is1) (Version: 3.3.115.0 - Lenovo Group Ltd.) Software Intel® PROSet/Wireless (HKLM-x32…{af70f8b2-e114-485d-9f21-da50d8571c40}) (Version: 20.10.0 - Intel Corporation) Software para dispositivos de chipset Intel® (HKLM-x32…{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden TeamViewer (HKLM-x32…\TeamViewer) (Version: 15.14.5 - TeamViewer) Telegram Desktop version 2.7.1 (HKU\S-1-5-21-2614724653-299048476-2895592305-1001…{53F49750-6209-4FBF-9CA8-7A333C87D1ED}is1) (Version: 2.7.1 - Telegram FZ-LLC) Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM…{90160000-0011-0000-1000-0000000FF1CE}Office16.PROPLUS{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM…{90160000-00C1-0000-1000-0000000FF1CE}Office16.PROPLUS{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM…{90160000-012B-0C0A-1000-0000000FF1CE}Office16.PROPLUS{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) User Manuals (HKLM-x32…\InstallShield{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Vulkan Run Time Libraries 1.0.33.0 (HKLM…\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM…\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.) WebAdvisor de McAfee (HKLM-x32…{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.582 - McAfee, LLC) WinRAR 5.80 (64-bit) (HKLM…\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
Autodesk SketchBook → C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2021-01-24] (Autodesk Inc.) Complemento de Fotos → C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) Complemento de motor del medio de Fotos → C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) Coolle VLLC Media Player for Windows 10 → C:\Program Files\WindowsApps\37309CoolLeGetInc.CoolleVLCMediaPlayerforWindows10_1.0.16.0_neutral__g0y9d13zmhd68 [2021-02-10] (CoolLeGet Inc) DS video → C:\Program Files\WindowsApps\999289FE.DSvideo_1.5.69.0_x64__g23c5rrjyxaaj [2021-01-24] (Synology Inc.) Extensión de vídeo MPEG-2 → C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) Lenovo Settings → C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2021-01-24] (LENOVO INCORPORATED.) Lenovo Vantage → C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-11] (LENOVO INC.) Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) [MS Ad] Portal de cuenta de Lenovo → C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2021-01-24] (LENOVO INCORPORATED.) QR Code for Windows 10 → C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_6.4.2.0_x64__dggz0n4pnn0ge [2021-03-26] (IYIA) Twitter → C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2021-01-24] (Twitter Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2614724653-299048476-2895592305-1001_Classes\CLSID{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 → C:\Users\ALBERTO\AppData\Local\GoToMeeting\18962\G2MOutlookAddin64.dll (LogMeIn, Inc. → LogMeIn, Inc.) CustomCLSID: HKU\S-1-5-21-2614724653-299048476-2895592305-1001_Classes\CLSID{E31EA727-12ED-4702-820C-4B6445F28E1A} → [Dropbox] => C:\Users\ALBERTO\Dropbox [2017-04-06 23:36] ShellIconOverlayIdentifiers: [ DropboxExt01] → {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] → {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] → {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] → {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] → {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] → {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] → {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] → {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] → {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] → {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] → {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] → {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] → {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] → {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] → {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] → {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] → {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] → {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] → {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] → {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] → {23170F69-40C1-278A-1000-000100020000} => → Ningún archivo ContextMenuHandlers1: [ANotepad++64] → {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => → Ningún archivo ContextMenuHandlers1: [BriefcaseMenu] → {85BBD920-42A0-1069-A2E4-08002B30309D} => → Ningún archivo ContextMenuHandlers1: [CLVDShellExt] → {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => → Ningún archivo ContextMenuHandlers1: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ContextMenuHandlers1: [SHAREit.FileContextMenuExt] → {430BD134-576D-4E75-87CD-0F5C6221A82B} => → Ningún archivo ContextMenuHandlers1: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH → Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH → Alexander Roshal) ContextMenuHandlers2: [CLVDShellExt] → {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => → Ningún archivo ContextMenuHandlers3: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-25] (Malwarebytes Corporation → Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] → {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => → Ningún archivo ContextMenuHandlers4: [7-Zip] → {23170F69-40C1-278A-1000-000100020000} => → Ningún archivo ContextMenuHandlers4: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ContextMenuHandlers4: [Offline Files] → {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => → Ningún archivo ContextMenuHandlers4: [SHAREit.FileContextMenuExt] → {430BD134-576D-4E75-87CD-0F5C6221A82B} => → Ningún archivo ContextMenuHandlers5: [DropboxExt] → {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc → Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => → Ningún archivo ContextMenuHandlers5: [igfxDTCM] → {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxDTCM.dll [2018-09-06] (Microsoft Windows Hardware Compatibility Publisher → Intel Corporation) ContextMenuHandlers6: [BriefcaseMenu] → {85BBD920-42A0-1069-A2E4-08002B30309D} => → Ningún archivo ContextMenuHandlers6: [MBAMShlExt] → {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-25] (Malwarebytes Corporation → Malwarebytes) ContextMenuHandlers6: [Offline Files] → {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => → Ningún archivo ContextMenuHandlers6: [RUShellExt] → {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. → VS Revo Group) ContextMenuHandlers6: [WinRAR] → {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH → Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] → {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH → Alexander Roshal)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM…\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\ALBERTO\Desktop\CANALES MOVISTAR.lnk → C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) → --profile-directory=Default --app-id=hkgpanfagbakkedomaocbfiibceknhlh ShortcutWithArgument: C:\Users\ALBERTO\Desktop\CORREO AYUNTAMIENTO.lnk → C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) → --profile-directory=Default --app-id=knofleilnncdcdkmghjgieheocegmnmk ShortcutWithArgument: C:\Users\ALBERTO\Desktop\Instagram.lnk → C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) → --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\CANALES MOVISTAR.lnk → C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) → --profile-directory=Default --app-id=hkgpanfagbakkedomaocbfiibceknhlh ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\CORREO AYUNTAMIENTO.lnk → C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) → --profile-directory=Default --app-id=knofleilnncdcdkmghjgieheocegmnmk ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Instagram.lnk → C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) → --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
==================== Módulos cargados (Lista blanca) =============
2015-07-22 11:44 - 2015-07-22 11:44 - 000285184 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2015-07-22 11:44 - 2015-07-22 11:44 - 000562688 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2021-02-13 00:03 - 2020-05-30 21:04 - 001638912 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com SearchScopes: HKU\S-1-5-21-2614724653-299048476-2895592305-1001 → DefaultScope {03D7C72E-29E4-470C-839D-0068BF828710} URL = BHO: Skype for Business Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-10-13] (Microsoft Corporation → Microsoft Corporation) BHO: McAfee WebAdvisor → {B164E929-A1B6-4A06-B104-2CD0E90A88FF} → C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-03-26] (McAfee, LLC → McAfee, LLC) BHO: Microsoft OneDrive for Business Browser Helper → {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} → C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation → Microsoft Corporation) BHO-x32: Skype for Business Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-11-12] (Microsoft Corporation → Microsoft Corporation) BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-20] (Oracle America, Inc. → Oracle Corporation) BHO-x32: McAfee WebAdvisor → {B164E929-A1B6-4A06-B104-2CD0E90A88FF} → C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-03-26] (McAfee, LLC → McAfee, LLC) BHO-x32: Microsoft OneDrive for Business Browser Helper → {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} → C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation → Microsoft Corporation) BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-20] (Oracle America, Inc. → Oracle Corporation) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation → Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation → Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation → Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation → Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Ningún archivo
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2015-07-10 13:04 - 2020-01-12 16:56 - 000000027 ____N C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path → C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files\AutoFirma\AutoFirma HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Control Panel\Desktop\Wallpaper → C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg DNS Servers: 80.58.61.250 - 80.58.61.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: NortonSecurity => 2 HKLM…\StartupApproved\Run32: => “KiesTrayAgent” HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\StartupApproved\Run: => “OneDrive” HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\StartupApproved\Run: => “TomTomHOME.exe” HKU\S-1-5-21-2614724653-299048476-2895592305-1001…\StartupApproved\Run: => “Discord”
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{DC616697-4E90-4A61-A5D4-7A6A9322D243}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH → TeamViewer Germany GmbH) FirewallRules: [{D2DB6929-777F-4285-9236-1033EF7B4F1C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH → TeamViewer Germany GmbH) FirewallRules: [{E4E774AF-058C-4E1D-A9D5-2D2936AC9B85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH → TeamViewer Germany GmbH) FirewallRules: [{1B78C2CB-8397-4B58-97EF-046C6CED2D84}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH → TeamViewer Germany GmbH) FirewallRules: [{3A5BD2E7-72CC-46EF-8749-9DFD1A63A847}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.) FirewallRules: [{CF5BCE23-85D0-4D31-BADB-68B7A7B9ED63}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.) FirewallRules: [{34A26D7E-BF60-4052-B7BA-C9F069A1B87A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.) FirewallRules: [{019C79F7-C9D4-4B50-B4F8-01EF27B7F2B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.) FirewallRules: [{6592B5CE-3495-43B0-A4A9-AF6AC7962E12}] => (Allow) C:\Users\ALBERTO\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{40C28085-34A2-4301-B23C-5259416B9EA2}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files\autofirma\autofirma\jre\bin\javaw.exe FirewallRules: [TCP Query User{CB5DBC5D-C020-4572-B5D3-55C21B167742}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files\autofirma\autofirma\jre\bin\javaw.exe FirewallRules: [{0742CD6B-0A7F-40E6-9186-45AD99305ECB}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation → Microsoft Corporation) FirewallRules: [{71F2A275-57CA-4393-A2E0-A28EF0EEF05C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation → Microsoft Corporation) FirewallRules: [{7AB9ACB1-4036-4828-A9B5-3EE7D2E25B83}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation → Microsoft Corporation) FirewallRules: [{95886008-0AB7-4D86-8E6B-F9E68636E9BA}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation → Microsoft Corporation) FirewallRules: [{A0815FEF-0194-476C-98D2-8846F3BDC553}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc → Dropbox, Inc.) FirewallRules: [{24BDCB96-8C46-495E-A08E-0E53452BCC7E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC → Google LLC)
==================== Puntos de Restauración =========================
10-04-2021 15:50:11 AdwCleaner_BeforeCleaning_10/04/2021_15:50:11 10-04-2021 15:54:12 JRT Pre-Junkware Removal
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
Error: (04/13/2021 12:11:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: GDCAgent.exe, versión: 1.0.1.6, marca de tiempo: 0x55b8998c Nombre del módulo con errores: GDCAgent.exe, versión: 1.0.1.6, marca de tiempo: 0x55b8998c Código de excepción: 0xc0000005 Desplazamiento de errores: 0x00020fb8 Identificador del proceso con errores: 0x2604 Hora de inicio de la aplicación con errores: 0x01d72e0dd7c63a5c Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe Ruta de acceso del módulo con errores: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe Identificador del informe: fedb7ee1-9750-478f-a5d6-f7b01bbf62e4 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores:
Error: (04/12/2021 11:24:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: MsMpEng.exe, versión: 4.18.1911.3, marca de tiempo: 0x2c9b5e9d Nombre del módulo con errores: mprtp.dll, versión: 4.18.1911.3, marca de tiempo: 0xf2142587 Código de excepción: 0xc0000409 Desplazamiento de errores: 0x00000000000842ed Identificador del proceso con errores: 0x2e14 Hora de inicio de la aplicación con errores: 0x01d72faffe77a733 Ruta de acceso de la aplicación con errores: C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe Ruta de acceso del módulo con errores: C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\mprtp.dll Identificador del informe: 0ddbccb9-497b-428b-8ced-fe76b1f83365 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores:
Error: (04/11/2021 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: No se completó la copia de seguridad debido a un error al escribir en la ubicación de copia de seguridad F:. El error es: La ubicación de copia de seguridad no se encuentra o no es válida. Revisa la configuración de copia de seguridad y comprueba la ubicación de copia de seguridad. (0x81000006).
Error: (04/11/2021 10:42:49 AM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (7436,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) al abrir un archivo de registro C:\Users\ALBERTO\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/11/2021 10:42:49 AM) (Source: ESENT) (EventID: 490) (User: ) Description: DllHost (7436,R,98) WebCacheLocal: Al intentar abrir el archivo “C:\Users\ALBERTO\AppData\Local\Microsoft\Windows\WebCache\V01.log” para acceso de lectura y escritura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).
Error: (04/11/2021 10:42:33 AM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (7436,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) al abrir un archivo de registro C:\Users\ALBERTO\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/11/2021 10:42:32 AM) (Source: ESENT) (EventID: 490) (User: ) Description: DllHost (7436,R,98) WebCacheLocal: Al intentar abrir el archivo “C:\Users\ALBERTO\AppData\Local\Microsoft\Windows\WebCache\V01.log” para acceso de lectura y escritura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).
Error: (04/11/2021 02:14:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: El optimizador de almacenamiento no pudo completar volver a optimizar en LENOVO (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Errores del sistema:
Error: (04/13/2021 12:11:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio GDCAgent se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (04/12/2021 11:35:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x8024200b: Actualización de la plataforma antimalware de Windows Defender Antivirus - KB4052623 (versión 4.18.2001.10).
Error: (04/12/2021 11:24:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Servicio Antivirus de Microsoft Defender terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 100 milisegundos: Ejecutar el programa de recuperación configurado.
Error: (04/12/2021 05:33:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio System Interface Foundation Service no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado.
Error: (04/12/2021 05:22:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x8024200b: Actualización de la plataforma antimalware de Windows Defender Antivirus - KB4052623 (versión 4.18.2001.10).
Error: (04/12/2021 05:19:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio System Interface Foundation Service no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado.
Error: (04/12/2021 05:19:55 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-TCQ476TQ) Description: El servidor Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (04/12/2021 05:18:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: El servicio System Interface Foundation Service no pudo iniciarse debido al siguiente error: El sistema no puede encontrar el archivo especificado.
Windows Defender:
Date: 2021-04-10 23:41:55 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {F361CDB1-1074-4401-A81D-44C2160D2FA6} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-10 19:41:34 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {9CA6B3EB-8B7A-4097-817D-FE20D0577605} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-10 18:25:16 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {EEFC7682-DA3E-47E3-A0B2-EDE8992309CC} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-10 00:14:36 Description: El examen de Antivirus de Microsoft Defender se detuvo antes de completarse. Id. de examen: {08118407-8D31-4D67-A725-8DD51724D464} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-10 14:56:12 Description: Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.335.552.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.18000.5 Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Date: 2021-04-10 14:46:02 Description: La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error: Característica: Durante el acceso Código de error: 0x8007043c Descripción del error: El servicio no puede iniciarse en modo a prueba de errores Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2021-04-09 23:36:45 Description: Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad. Nueva versión de inteligencia de seguridad: Versión anterior de inteligencia de seguridad: 1.313.1307.0 Origen de actualización: Servidor de Microsoft Update Tipo de inteligencia de seguridad: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión actual del motor: Versión anterior del motor: 1.1.16900.4 Código de error: 0x80070643 Descripción del error: Error irrecuperable durante la instalación.
Date: 2021-04-09 23:36:43 Description: Antivirus de Microsoft Defender encontró un error al intentar actualizar el motor. Nueva versión de motor: 1.1.18000.5 Versión de motor anterior: 1.1.16900.4 Usuario: NT AUTHORITY\SYSTEM Código de error: 0x8050800c Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
Date: 2021-04-12 23:24:23 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2021-04-09 23:00:58 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.21.2.50\symamsi.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: LENOVO D5CN47WW 08/26/2016 Placa base: LENOVO Paris 5A8 Procesador: Intel(R) Core™ i7-6500U CPU @ 2.50GHz Porcentaje de memoria en uso: 77% RAM física total: 8051.91 MB RAM física disponible: 1844.42 MB Virtual total: 9937.55 MB Virtual disponible: 2253.23 MB
==================== Unidades ================================
Drive c: (Windows) (Fixed) (Total:884.47 GB) (Free:739.19 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.06 GB) NTFS
\?\Volume{58007887-c3ba-4e22-a863-8d1454dbc658}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS \?\Volume{59924cb7-279f-4c3c-98c6-8b935c2f4b32}\ (LENOVO_PART) (Fixed) (Total:19.82 GB) (Free:7.27 GB) NTFS \?\Volume{06b50945-63ac-47e8-84ea-7c35de092937}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Tabla de particiones ====================
========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: DCF2148E)
Partition: GPT.
==================== Final de Addition.txt =======================
Hola, buenas @forta
Disculpa que haya tardado en responder. Analizar dichos logs es algo que no se hace en 5 min. y si no están bien puestos estéticamente a nivel de formato pues es una tortura y es casi imposible analizarlos.
Ponlos de nuevo por favor tal y como te indique debes de ponerlo entre las etiquetas de code:
Salu2.
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 11-04-2021
Ejecutado por ALBERTO (administrador) sobre LAPTOP-TCQ476TQ (LENOVO 80Q7) (13-04-2021 16:05:45)
Ejecutado desde C:\Users\ALBERTO\Desktop
Perfiles cargados: ALBERTO
Platform: Windows 10 Home Versión 20H2 19042.867 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\119.4.1772\QtWebEngineProcess.exe <2>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-03-30] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\Run: [53BCB50F32F7089E9B0E3706FF13A4AAB9B4FF19._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {01E35EF6-44AE-4414-A6A6-D53C05CB9455} - \Lenovo\ImController\TimeBasedEvents\41d00699-c02c-41d6-a268-6a6de4f4cdad -> Ningún archivo <==== ATENCIÓN
Task: {0259C9B1-827A-4E29-9CEB-314FCCF66AD1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Ningún archivo <==== ATENCIÓN
Task: {02BB7FBD-DD16-4E5A-8D9C-A42400DCD179} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {081E2E9A-7FDB-4F2D-B320-ECC626C08B4E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-06] (LENOVO -> Lenovo)
Task: {0DCB5533-CE15-4100-875D-E2FC8493D006} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {14FD2B23-2E74-463F-B570-2BB31E89DB99} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {19EFA77A-2E63-4ABC-BDCB-F335319C2708} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\ALBERTO\Downloads\ESETOnlineScanner_ESL.exe
Task: {2034E620-B022-4E7C-A6F4-1B6F786E9E67} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\ScheduleEventAction.exe [13240 2020-07-09] (Lenovo -> Lenovo Group Ltd.)
Task: {296AC455-7293-444C-8953-0188FA9ED84A} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {2AAEAD35-4E82-41D3-99CA-D5BC9EE83C5D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C595B00-B11B-4F07-A873-5ED2856109DA} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Ningún archivo <==== ATENCIÓN
Task: {2F33D2E0-D649-418D-8005-9D5A4AB858B8} - \Lenovo\ImController\TimeBasedEvents\a1653e63-af0f-4142-8c3e-57a85dd5ec0f -> Ningún archivo <==== ATENCIÓN
Task: {30D5CBBB-E291-4FC3-B410-7BFF022277D4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {351ADF56-36E6-45DB-A094-798686C448BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\ALBERTO\Downloads\ESETOnlineScanner_ESL.exe
Task: {4E8B96C3-93B8-463E-B35C-305AB87A938A} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {57822FCB-5FF5-4AD1-93D0-870BC88941A6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5F3D557A-E60F-4813-899B-713FD18D8D37} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {65801DDB-FB30-4B6C-AF46-A7529B8D3726} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {65DB49F3-8473-4ACF-A0AC-5408DA31209F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A17DA86-64DC-4C25-B5F9-DBA12E218C8D} - System32\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001 => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-08] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7C606F97-CA58-461A-8A69-1B2BD0276A3F} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe
Task: {7C96DE06-11DF-4E28-AC31-03DE8D6D3F33} - \Lenovo\ImController\TimeBasedEvents\86fb1487-40ae-41b0-94a7-092737c32da2 -> Ningún archivo <==== ATENCIÓN
Task: {7F17FB83-6F3F-41E4-B6DB-36F1929D428A} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {8BE9A27F-E4BF-4811-86B2-03591C4A498F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {8F8706D2-4255-4372-86A2-14838465A83C} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {9146C4B8-BC30-4A39-944D-C86C6D0C43E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {94357371-788A-48B1-A757-4AE8E4DA0395} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe
Task: {9E597A12-4D3B-43EF-A123-925DED2C55E4} - \Lenovo\ImController\TimeBasedEvents\711decec-f0e3-4965-a0a1-9d66460ed853 -> Ningún archivo <==== ATENCIÓN
Task: {9FE04BAE-9E71-4391-976D-6360F0FB9D0A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {A08B0F86-8ABA-4008-A443-97DBCF39C085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BC0FC313-9F06-4827-A70A-51DEE65FA838} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF7657FA-F78E-4A28-965D-968C82F37CE1} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {C4999162-F483-451C-9EC5-735D9CA04D24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C87BFF5E-658B-4AE6-B922-C7086408953D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {CE47F755-A9C6-4BCC-96E5-DACC03DD548B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CF26A032-3D94-4A16-BB79-F640E664535B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Ningún archivo <==== ATENCIÓN
Task: {D13F36CF-117C-4C29-A064-14861024F58C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
Task: {D999E38A-5E37-422F-ABB3-6CB5602FEFA1} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe
Task: {E27E95F1-BDAD-447F-9629-12106E70C1DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
Task: {F188E05D-8547-4455-8352-F3B8CB261E9A} - System32\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001 => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-08] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F20DBB6F-967D-4573-A838-42BF2F8EF183} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
Task: {FF5B609A-4789-4944-93E7-38D311623B83} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001.job => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001.job => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupload.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{940beb9b-c103-45fa-a19e-6582db76af14}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{bfd3d4cc-5f03-4e12-a10a-685129ef2128}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Edge:
=======
DownloadDir: C:\Users\ALBERTO\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\ALBERTO\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-13]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF ProfilePath: C:\Users\ALBERTO\AppData\Roaming\TomTom\HOME\Profiles\37smhuan.default [2019-10-26]
FF Extension: (Sin Nombre) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [no encontrado]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-03-26] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-11-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2614724653-299048476-2895592305-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\ALBERTO\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default [2021-04-13]
CHR HomePage: Default -> hxxp://es.msn.com/
CHR DefaultSearchURL: Default -> hxxp://ver.movistarplus.es/favicon.png
CHR Extension: (Presentaciones) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Documentos) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-28]
CHR Extension: (Adobe Acrobat) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-10]
CHR Extension: (Hojas de cálculo) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-06]
CHR Extension: (Norton Safe Web) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-03-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11]
CHR Extension: (CANALES online en directo - Movistar+) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdnbbimlpkbccknkhcedbdjefmncppai [2020-01-21]
CHR Extension: (CANALES MOVISTAR) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgpanfagbakkedomaocbfiibceknhlh [2021-01-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-10]
CHR Extension: (Player para ver Movistar+) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-11-11]
CHR Extension: (CORREO AYUNTAMIENTO) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\knofleilnncdcdkmghjgieheocegmnmk [2021-01-25]
CHR Extension: (Instagram) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2021-01-26]
CHR Extension: (Webmail :: Bienvenido a Webmail) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgkppeojbfednnokjgmelaoliifghjm [2020-11-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (PDF Viewer) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2021-04-10]
CHR Extension: (SERIES online - Yomvi es Movistar+ en...) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipjkcpcfjccacfcdjbploglkejhophd [2019-04-23]
CHR Extension: (Gmail) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]
CHR Profile: C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\ALBERTO\AppData\Roaming\Opera Software\Opera Stable [2020-01-12]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.es/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-30] (Dropbox, Inc -> Dropbox, Inc.)
S2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe [18360 2020-07-09] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-25] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-03-26] (McAfee, LLC -> McAfee, LLC)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl320a68c4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C8571FF-8449-4316-BC8F-94785145EAF8}\MpKslDrv.sys [97528 2021-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2020-02-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-25] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 MpKsl93ac1a54; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B58908CE-99B9-40FB-8FBC-75E60117B920}\MpKslDrv.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-04-13 16:05 - 2021-04-13 16:07 - 000026131 _____ C:\Users\ALBERTO\Desktop\FRST.txt
2021-04-13 16:00 - 2021-04-13 16:00 - 000000000 ____D C:\Users\ALBERTO\Desktop\Nueva carpeta
2021-04-13 00:13 - 2021-04-13 16:06 - 000000000 ____D C:\FRST
2021-04-13 00:02 - 2021-04-13 00:02 - 002297856 _____ (Farbar) C:\Users\ALBERTO\Desktop\FRST64.exe
2021-04-12 23:21 - 2021-04-12 23:21 - 006029210 _____ C:\Users\ALBERTO\Downloads\ilovepdf_extracted-pages (1).zip
2021-04-12 20:15 - 2021-04-12 20:15 - 000488024 _____ C:\Users\ALBERTO\Downloads\CamScanner 11-20-2020 17.05.pdf
2021-04-12 18:55 - 2021-04-12 18:56 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes (2).pdf
2021-04-12 18:54 - 2021-04-12 18:54 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes (1).pdf
2021-04-12 18:53 - 2021-04-12 18:53 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes.pdf
2021-04-12 18:12 - 2021-04-12 18:12 - 001077893 _____ C:\Users\ALBERTO\Downloads\ilovepdf_extracted-pages.zip
2021-04-12 17:58 - 2021-04-12 17:58 - 000034683 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705-3 (1).pdf
2021-04-12 17:50 - 2021-04-12 17:50 - 000034683 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705-3.pdf
2021-04-12 17:41 - 2021-04-12 17:41 - 001120422 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705.pdf
2021-04-11 14:48 - 2021-04-11 14:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-11 11:33 - 2021-04-11 11:33 - 000000000 ____D C:\Users\ALBERTO\Doctor Web
2021-04-11 11:28 - 2021-04-11 11:32 - 243733136 _____ C:\Users\ALBERTO\Downloads\bz4mgmm8.exe
2021-04-10 23:30 - 2021-04-10 23:30 - 000309104 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_1bdf2134a_klark.sys
2021-04-10 23:28 - 2021-04-10 23:28 - 000224880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_1bdf2134a_mark.sys
2021-04-10 23:28 - 2021-04-10 23:28 - 000127792 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\1bdf2134.sys
2021-04-10 23:26 - 2021-04-10 23:27 - 000000000 ____D C:\KVRT2020_Data
2021-04-10 23:23 - 2021-04-10 23:25 - 102434224 _____ (AO Kaspersky Lab) C:\Users\ALBERTO\Downloads\KVRT.exe
2021-04-10 23:12 - 2021-04-10 23:12 - 000000340 _____ C:\Users\ALBERTO\Desktop\ESET.txt
2021-04-10 19:46 - 2021-04-10 19:47 - 000000787 _____ C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-04-10 19:46 - 2021-04-10 19:46 - 015019488 _____ (ESET spol. s r.o.) C:\Users\ALBERTO\Downloads\esetonlinescanner.exe
2021-04-10 19:46 - 2021-04-10 19:46 - 000000659 _____ C:\Users\ALBERTO\Desktop\ESET Online Scanner.lnk
2021-04-10 19:28 - 2021-04-10 19:28 - 000410712 _____ C:\Users\ALBERTO\Desktop\cc_20210410_192748.reg
2021-04-10 19:20 - 2021-04-10 19:20 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (5).exe
2021-04-10 19:19 - 2021-04-10 19:20 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (4).exe
2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (3).exe
2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (2).exe
2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (1).exe
2021-04-10 19:04 - 2021-04-10 19:04 - 000001713 _____ C:\Users\ALBERTO\Desktop\JustificanteCita.pdf
2021-04-10 16:10 - 2021-04-10 16:10 - 000002777 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner (R).txt
2021-04-10 16:08 - 2021-04-10 16:08 - 000002611 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner (S).txt
2021-04-10 16:00 - 2021-04-10 16:10 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\ZHP
2021-04-10 16:00 - 2021-04-10 16:00 - 000000884 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner.lnk
2021-04-10 16:00 - 2021-04-10 16:00 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\ZHP
2021-04-10 15:58 - 2021-04-10 15:58 - 003325592 _____ (Nicolas Coolman) C:\Users\ALBERTO\Downloads\ZHPCleaner.exe
2021-04-10 15:56 - 2021-04-10 15:57 - 000000873 _____ C:\Users\ALBERTO\Desktop\JRT.txt
2021-04-10 15:52 - 2021-04-10 15:52 - 000001790 _____ C:\Users\ALBERTO\Desktop\AdwCleaner[C01].txt
2021-04-09 16:27 - 2021-04-09 16:27 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\VS Revo Group
2021-04-09 16:26 - 2021-04-09 16:26 - 000001129 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\Program Files\VS Revo Group
2021-04-09 16:26 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2021-04-09 07:05 - 2021-04-09 07:06 - 016509944 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\RevoUninProSetup.exe
2021-04-08 22:42 - 2021-04-08 22:42 - 007495512 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\revosetup.exe
2021-04-08 17:31 - 2021-04-08 17:31 - 007495512 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\revo-uninstaller-2-2-5.exe
2021-04-08 00:24 - 2021-04-08 00:25 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\ALBERTO\Downloads\NRnR (1).exe
2021-04-08 00:22 - 2021-04-08 00:23 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\ALBERTO\Downloads\NRnR.exe
2021-04-07 18:09 - 2021-04-07 18:10 - 000000000 ____D C:\Users\ALBERTO\Desktop\desinfeccion
2021-04-07 18:00 - 2021-04-07 17:58 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2021-04-07 17:51 - 2021-04-07 17:51 - 014262248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ALBERTO\Downloads\avgclear.exe
2021-04-06 18:06 - 2021-04-06 18:07 - 000399710 _____ C:\Users\ALBERTO\Desktop\cc_20210406_180627.reg
2021-04-06 17:44 - 2021-04-06 17:45 - 000075902 _____ C:\Users\ALBERTO\Desktop\cc_20210406_174431 (2º informe).reg
2021-04-05 16:45 - 2021-04-05 16:45 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2 (2).exe
2021-04-04 20:44 - 2021-04-04 20:44 - 001790024 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\junkware-removal-tool-8-1-4.exe
2021-04-04 20:26 - 2021-04-04 20:26 - 001599815 _____ C:\Users\ALBERTO\Downloads\IFS (1).exe
2021-04-04 20:22 - 2021-04-05 17:14 - 000000000 ____D C:\AdwCleaner
2021-04-04 20:14 - 2021-04-04 20:14 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2 (1).exe
2021-04-04 20:12 - 2021-04-04 20:13 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2.exe
2021-04-04 19:52 - 2021-04-09 23:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2021-04-04 18:57 - 2021-04-10 15:44 - 000000000 ____D C:\FSTool
2021-04-04 18:56 - 2021-04-04 18:56 - 001599815 _____ C:\Users\ALBERTO\Downloads\IFS.exe
2021-04-04 18:47 - 2021-04-04 18:48 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577.exe
2021-04-01 23:18 - 2021-04-12 00:22 - 000000000 ____D C:\Users\ALBERTO\Downloads\Telegram Desktop
2021-04-01 14:17 - 2021-04-01 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-03-29 00:01 - 2021-04-12 23:43 - 000000000 ____D C:\Users\ALBERTO\Desktop\ALICIA
2021-03-27 03:56 - 2021-03-27 03:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-27 03:48 - 2021-03-27 03:48 - 000000020 ___SH C:\Users\ALBERTO\ntuser.ini
2021-03-27 03:32 - 2021-03-27 03:40 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-03-27 03:32 - 2021-03-27 03:40 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-03-27 02:08 - 2021-04-13 00:12 - 001774678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-27 02:04 - 2021-04-13 16:11 - 000004222 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8E062058-A517-4CAE-8665-1077E5E601AA}
2021-03-27 02:04 - 2021-04-12 22:36 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2614724653-299048476-2895592305-1001
2021-03-27 02:04 - 2021-04-10 15:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-27 02:04 - 2021-03-27 02:06 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-27 02:04 - 2021-03-27 02:06 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-27 02:04 - 2021-03-27 02:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2021-03-27 02:03 - 2021-04-13 15:56 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-27 02:03 - 2021-04-08 17:43 - 000003850 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001
2021-03-27 02:03 - 2021-04-08 17:43 - 000003754 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001
2021-03-27 02:03 - 2021-04-05 17:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-03-27 02:03 - 2021-03-27 02:07 - 000003548 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-27 02:03 - 2021-03-27 02:07 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-27 02:03 - 2021-03-27 02:06 - 000003540 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-03-27 02:03 - 2021-03-27 02:06 - 000003324 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-27 02:03 - 2021-03-27 02:06 - 000002598 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-03-27 02:03 - 2021-03-27 02:05 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-27 02:03 - 2021-03-27 02:05 - 000003316 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-03-27 02:03 - 2021-03-27 02:05 - 000002978 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-03-27 02:03 - 2021-03-27 02:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\CyberLink
2021-03-27 02:03 - 2021-03-27 02:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-03-27 01:52 - 2021-04-13 00:38 - 000000000 ____D C:\Users\ALBERTO
2021-03-27 01:52 - 2021-04-12 22:31 - 000002410 _____ C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Reciente
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Plantillas
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Mis documentos
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Menú Inicio
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Impresoras
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Entorno de red
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mis vídeos
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mis imágenes
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mi música
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Datos de programa
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Configuración local
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Historial
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Datos de programa
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Archivos temporales de Internet
2021-03-27 01:50 - 2018-09-06 03:02 - 000146304 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-03-27 01:50 - 2018-09-06 03:02 - 000121216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2021-03-27 01:44 - 2021-04-12 22:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-27 01:44 - 2021-04-10 15:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-27 01:44 - 2021-03-27 01:45 - 000637016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-27 01:36 - 2021-03-27 01:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-27 01:30 - 2021-03-27 01:35 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-03-27 01:30 - 2021-03-27 01:30 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-27 01:25 - 2021-03-27 01:25 - 000000000 ____D C:\ProgramData\ssh
2021-03-27 01:14 - 2021-03-27 01:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-27 01:14 - 2021-03-27 01:14 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-27 01:14 - 2021-03-27 01:14 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-27 01:14 - 2021-03-27 01:14 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-27 01:14 - 2021-03-27 01:14 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-27 01:14 - 2021-03-27 01:14 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-03-27 01:14 - 2021-03-27 01:14 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-27 01:14 - 2021-03-27 01:14 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-27 01:14 - 2021-03-27 01:14 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-27 01:14 - 2021-03-27 01:14 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-27 01:14 - 2021-03-27 01:14 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-27 01:13 - 2021-03-27 01:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-27 01:13 - 2021-03-27 01:13 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-27 01:13 - 2021-03-27 01:13 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-27 01:13 - 2021-03-27 01:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-27 01:13 - 2021-03-27 01:13 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-27 01:13 - 2021-03-27 01:13 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-03-27 01:13 - 2021-03-27 01:13 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-27 01:13 - 2021-03-27 01:13 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-27 01:13 - 2021-03-27 01:13 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-27 01:13 - 2021-03-27 01:13 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-27 01:13 - 2021-03-27 01:13 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-27 01:12 - 2021-03-27 01:12 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-27 01:12 - 2021-03-27 01:12 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-03-27 01:12 - 2021-03-27 01:12 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-27 01:12 - 2021-03-27 01:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-03-27 01:12 - 2021-03-27 01:12 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-27 01:12 - 2021-03-27 01:12 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-27 01:11 - 2021-03-27 01:11 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-27 01:11 - 2021-03-27 01:11 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-27 01:11 - 2021-03-27 01:11 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-27 01:11 - 2021-03-27 01:11 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-27 01:11 - 2021-03-27 01:11 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-03-27 01:11 - 2021-03-27 01:11 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-27 01:10 - 2021-03-27 01:10 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-27 01:10 - 2021-03-27 01:10 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-27 01:10 - 2021-03-27 01:10 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-27 01:10 - 2021-03-27 01:10 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-27 01:10 - 2021-03-27 01:10 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-03-27 01:10 - 2021-03-27 01:10 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-27 01:10 - 2021-03-27 01:10 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-27 01:10 - 2021-03-27 01:10 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-27 01:10 - 2021-03-27 01:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-03-27 01:10 - 2021-03-27 01:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-27 01:10 - 2021-03-27 01:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-27 01:10 - 2021-03-27 01:10 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-27 01:09 - 2021-03-27 01:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-27 01:09 - 2021-03-27 01:09 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-27 01:09 - 2021-03-27 01:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-03-27 01:08 - 2021-03-27 01:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-27 01:08 - 2021-03-27 01:08 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-27 01:08 - 2021-03-27 01:08 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-03-27 01:08 - 2021-03-27 01:08 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-27 00:46 - 2021-03-27 00:46 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-03-27 00:46 - 2021-03-27 00:46 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files\MSBuild
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-23 01:20 - 2021-04-08 05:16 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-23 00:56 - 2021-03-23 00:56 - 000000000 ___HD C:\$WinREAgent
2021-03-16 19:49 - 2021-03-30 19:52 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-04-13 15:54 - 2021-01-25 16:33 - 000000000 ____D C:\Program Files\CCleaner
2021-04-13 00:38 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-13 00:31 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-13 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-13 00:12 - 2019-12-07 16:55 - 000789518 _____ C:\WINDOWS\system32\perfh00A.dat
2021-04-13 00:12 - 2019-12-07 16:55 - 000155870 _____ C:\WINDOWS\system32\perfc00A.dat
2021-04-13 00:12 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-12 22:31 - 2016-11-28 20:03 - 000000000 ___RD C:\Users\ALBERTO\OneDrive
2021-04-11 14:48 - 2021-01-25 16:39 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-11 13:40 - 2017-12-29 15:53 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Telegram Desktop
2021-04-10 19:23 - 2018-07-09 23:15 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\CrashDumps
2021-04-10 19:21 - 2021-01-25 16:33 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-04-10 15:50 - 2015-12-01 17:50 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-04-10 15:30 - 2016-11-28 20:00 - 000000000 __SHD C:\Users\ALBERTO\IntelGraphicsProfiles
2021-04-10 15:29 - 2020-03-20 19:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-10 15:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-10 15:28 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-10 15:23 - 2020-04-12 00:05 - 000000000 ____D C:\Program Files\Common Files\AV
2021-04-10 14:46 - 2020-01-12 16:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-04-10 14:34 - 2018-03-28 20:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-10 12:37 - 2020-06-15 16:03 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-10 00:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-09 23:34 - 2017-01-02 14:37 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-04-09 23:25 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-09 23:25 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-08 17:55 - 2020-11-16 19:11 - 000000678 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001.job
2021-04-08 17:55 - 2020-11-16 19:11 - 000000582 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001.job
2021-04-08 17:42 - 2020-11-16 19:11 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\GoToMeeting
2021-04-06 23:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-05 17:16 - 2016-11-28 20:01 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\Lenovo
2021-04-05 17:16 - 2015-12-01 17:52 - 000000000 ____D C:\Program Files\Lenovo
2021-04-05 17:16 - 2015-12-01 17:50 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-04-05 17:15 - 2020-03-12 20:15 - 000000000 ____D C:\WINDOWS\Lenovo
2021-04-05 17:15 - 2017-04-13 11:49 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Samsung
2021-04-05 17:15 - 2015-12-01 18:07 - 000000000 ____D C:\ProgramData\Lenovo
2021-04-04 20:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-02 20:23 - 2017-12-29 17:16 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\Packages
2021-04-02 13:41 - 2021-01-25 14:45 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 13:41 - 2021-01-25 14:45 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-02 13:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-01 22:14 - 2021-01-26 21:08 - 000000000 ____D C:\Users\ALBERTO\Desktop\VARIOS
2021-04-01 19:51 - 2017-04-13 11:45 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-04-01 19:51 - 2015-12-01 17:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-01 19:50 - 2017-04-13 11:45 - 000000000 ____D C:\ProgramData\Samsung
2021-04-01 14:20 - 2017-04-06 23:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-30 22:18 - 2018-06-12 23:26 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\PlaceholderTileLogoFolder
2021-03-28 23:11 - 2019-12-07 16:56 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-03-27 13:09 - 2019-08-17 22:32 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\PackageStaging
2021-03-27 06:35 - 2020-10-02 23:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-27 04:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-27 03:52 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-27 03:52 - 2018-07-02 23:23 - 000000000 ____D C:\ProgramData\Packages
2021-03-27 03:52 - 2015-07-16 17:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-27 03:51 - 2017-12-29 17:38 - 000000000 ___RD C:\Users\ALBERTO\3D Objects
2021-03-27 03:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-27 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-03-27 03:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-27 03:40 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-27 03:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-03-27 02:36 - 2016-12-30 14:46 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-03-27 01:57 - 2020-04-14 11:28 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-03-27 01:57 - 2019-04-23 22:06 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2021-03-27 01:57 - 2017-12-29 15:53 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2021-03-27 01:57 - 2017-11-23 22:52 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-27 01:50 - 2017-08-11 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2021-03-27 01:50 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files\Elantech
2021-03-27 01:50 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-03-27 01:43 - 2021-01-25 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-03-27 01:43 - 2020-11-20 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-03-27 01:43 - 2020-04-15 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4
2021-03-27 01:43 - 2020-02-25 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma
2021-03-27 01:43 - 2020-01-02 22:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2021-03-27 01:43 - 2020-01-02 22:00 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-03-27 01:43 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-27 01:43 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-27 01:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-27 01:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-27 01:43 - 2017-11-23 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-27 01:43 - 2017-08-11 19:53 - 000000000 ____D C:\Program Files\CONEXANT
2021-03-27 01:43 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files\Intel
2021-03-27 01:43 - 2017-05-24 20:06 - 000000000 ____D C:\Program Files\UNP
2021-03-27 01:43 - 2016-12-13 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-27 01:43 - 2016-12-12 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2021-03-27 01:43 - 2015-12-04 11:36 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2021-03-27 01:43 - 2015-12-04 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2021-03-27 01:43 - 2015-12-04 11:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-03-27 01:43 - 2015-12-01 18:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2021-03-27 01:42 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-03-27 01:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-03-27 01:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-03-27 01:36 - 2015-12-04 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2021-03-27 01:25 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-27 01:25 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-27 01:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-27 01:23 - 2019-12-07 16:57 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-03-27 01:23 - 2019-12-07 16:57 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-03-27 00:44 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-03-27 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-03-27 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-03-14 22:27 - 2021-03-02 23:20 - 000429944 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-03-14 22:27 - 2021-03-02 23:20 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-03-14 22:27 - 2021-03-02 23:20 - 000062392 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-03-14 22:27 - 2017-12-16 22:26 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-03-14 13:56 - 2020-03-20 19:07 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\TeamViewer
==================== Archivos en la raíz de algunos directorios ========
2018-10-30 15:02 - 2018-10-30 15:50 - 000004608 _____ () C:\Users\ALBERTO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 11-04-2021
Ejecutado por ALBERTO (13-04-2021 16:11:10)
Ejecutado desde C:\Users\ALBERTO\Desktop
Windows 10 Home Versión 20H2 19042.867 (X64) (2021-03-27 01:47:30)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-2614724653-299048476-2895592305-500 - Administrator - Disabled)
ALBERTO (S-1-5-21-2614724653-299048476-2895592305-1001 - Administrator - Enabled) => C:\Users\ALBERTO
DefaultAccount (S-1-5-21-2614724653-299048476-2895592305-503 - Limited - Disabled)
Invitado (S-1-5-21-2614724653-299048476-2895592305-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2614724653-299048476-2895592305-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 119.4.1772 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
GoTo Opener (HKLM-x32\...\{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F1C8272B-5DAF-49BA-B694-A1D4747F6432}) (Version: 17.1.1530.1669 - Intel Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Manuales de usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.75 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 4.4.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.2 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Servicio Lenovo Vantage (HKLM-x32\...\VantageSRV_is1) (Version: 3.3.115.0 - Lenovo Group Ltd.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{af70f8b2-e114-485d-9f21-da50d8571c40}) (Version: 20.10.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
Telegram Desktop version 2.7.1 (HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.)
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.582 - McAfee, LLC)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2021-01-24] (Autodesk Inc.)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation)
Coolle VLLC Media Player for Windows 10 -> C:\Program Files\WindowsApps\37309CoolLeGetInc.CoolleVLCMediaPlayerforWindows10_1.0.16.0_neutral__g0y9d13zmhd68 [2021-02-10] (CoolLeGet Inc)
DS video -> C:\Program Files\WindowsApps\999289FE.DSvideo_1.5.69.0_x64__g23c5rrjyxaaj [2021-01-24] (Synology Inc.)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2021-01-24] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-11] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) [MS Ad]
Portal de cuenta de Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2021-01-24] (LENOVO INCORPORATED.)
QR Code for Windows 10 -> C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_6.4.2.0_x64__dggz0n4pnn0ge [2021-03-26] (IYIA)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2021-01-24] (Twitter Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2614724653-299048476-2895592305-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\ALBERTO\AppData\Local\GoToMeeting\18962\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2614724653-299048476-2895592305-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\ALBERTO\Dropbox [2017-04-06 23:36]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Ningún archivo
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxDTCM.dll [2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\ALBERTO\Desktop\CANALES MOVISTAR.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hkgpanfagbakkedomaocbfiibceknhlh
ShortcutWithArgument: C:\Users\ALBERTO\Desktop\CORREO AYUNTAMIENTO.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knofleilnncdcdkmghjgieheocegmnmk
ShortcutWithArgument: C:\Users\ALBERTO\Desktop\Instagram.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\CANALES MOVISTAR.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hkgpanfagbakkedomaocbfiibceknhlh
ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\CORREO AYUNTAMIENTO.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knofleilnncdcdkmghjgieheocegmnmk
ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Instagram.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
==================== Módulos cargados (Lista blanca) =============
2015-07-22 11:44 - 2015-07-22 11:44 - 000285184 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 11:44 - 2015-07-22 11:44 - 000562688 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-02-13 00:03 - 2020-05-30 21:04 - 001638912 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-2614724653-299048476-2895592305-1001 -> DefaultScope {03D7C72E-29E4-470C-839D-0068BF828710} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-10-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-20] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Ningún archivo
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2015-07-10 13:04 - 2020-01-12 16:56 - 000000027 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
MSCONFIG\Services: NortonSecurity => 2
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\StartupApproved\Run: => "Discord"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{DC616697-4E90-4A61-A5D4-7A6A9322D243}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D2DB6929-777F-4285-9236-1033EF7B4F1C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E4E774AF-058C-4E1D-A9D5-2D2936AC9B85}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1B78C2CB-8397-4B58-97EF-046C6CED2D84}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3A5BD2E7-72CC-46EF-8749-9DFD1A63A847}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CF5BCE23-85D0-4D31-BADB-68B7A7B9ED63}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34A26D7E-BF60-4052-B7BA-C9F069A1B87A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{019C79F7-C9D4-4B50-B4F8-01EF27B7F2B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6592B5CE-3495-43B0-A4A9-AF6AC7962E12}] => (Allow) C:\Users\ALBERTO\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{40C28085-34A2-4301-B23C-5259416B9EA2}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [TCP Query User{CB5DBC5D-C020-4572-B5D3-55C21B167742}C:\program files\autofirma\autofirma\jre\bin\javaw.exe] => (Block) C:\program files\autofirma\autofirma\jre\bin\javaw.exe
FirewallRules: [{0742CD6B-0A7F-40E6-9186-45AD99305ECB}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{71F2A275-57CA-4393-A2E0-A28EF0EEF05C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7AB9ACB1-4036-4828-A9B5-3EE7D2E25B83}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{95886008-0AB7-4D86-8E6B-F9E68636E9BA}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0815FEF-0194-476C-98D2-8846F3BDC553}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{24BDCB96-8C46-495E-A08E-0E53452BCC7E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
10-04-2021 15:50:11 AdwCleaner_BeforeCleaning_10/04/2021_15:50:11
10-04-2021 15:54:12 JRT Pre-Junkware Removal
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (04/13/2021 12:11:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: GDCAgent.exe, versión: 1.0.1.6, marca de tiempo: 0x55b8998c
Nombre del módulo con errores: GDCAgent.exe, versión: 1.0.1.6, marca de tiempo: 0x55b8998c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00020fb8
Identificador del proceso con errores: 0x2604
Hora de inicio de la aplicación con errores: 0x01d72e0dd7c63a5c
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Identificador del informe: fedb7ee1-9750-478f-a5d6-f7b01bbf62e4
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (04/12/2021 11:24:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MsMpEng.exe, versión: 4.18.1911.3, marca de tiempo: 0x2c9b5e9d
Nombre del módulo con errores: mprtp.dll, versión: 4.18.1911.3, marca de tiempo: 0xf2142587
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x00000000000842ed
Identificador del proceso con errores: 0x2e14
Hora de inicio de la aplicación con errores: 0x01d72faffe77a733
Ruta de acceso de la aplicación con errores: C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe
Ruta de acceso del módulo con errores: C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\mprtp.dll
Identificador del informe: 0ddbccb9-497b-428b-8ced-fe76b1f83365
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (04/11/2021 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: No se completó la copia de seguridad debido a un error al escribir en la ubicación de copia de seguridad F:\. El error es: La ubicación de copia de seguridad no se encuentra o no es válida. Revisa la configuración de copia de seguridad y comprueba la ubicación de copia de seguridad. (0x81000006).
Error: (04/11/2021 10:42:49 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (7436,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) al abrir un archivo de registro C:\Users\ALBERTO\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/11/2021 10:42:49 AM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (7436,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\ALBERTO\AppData\Local\Microsoft\Windows\WebCache\V01.log" para acceso de lectura y escritura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).
Error: (04/11/2021 10:42:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (7436,R,98) WebCacheLocal: Error -1032 (0xfffffbf8) al abrir un archivo de registro C:\Users\ALBERTO\AppData\Local\Microsoft\Windows\WebCache\V01.log.
Error: (04/11/2021 10:42:32 AM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (7436,R,98) WebCacheLocal: Al intentar abrir el archivo "C:\Users\ALBERTO\AppData\Local\Microsoft\Windows\WebCache\V01.log" para acceso de lectura y escritura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).
Error: (04/11/2021 02:14:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en LENOVO (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Errores del sistema:
=============
Error: (04/13/2021 04:07:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio System Interface Foundation Service no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/13/2021 03:54:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x8024200b: Actualización de la plataforma antimalware de Windows Defender Antivirus - KB4052623 (versión 4.18.2001.10).
Error: (04/13/2021 03:53:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio System Interface Foundation Service no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/13/2021 03:53:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio System Interface Foundation Service no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/13/2021 12:11:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio GDCAgent se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (04/12/2021 11:35:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x8024200b: Actualización de la plataforma antimalware de Windows Defender Antivirus - KB4052623 (versión 4.18.2001.10).
Error: (04/12/2021 11:24:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Antivirus de Microsoft Defender terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 100 milisegundos: Ejecutar el programa de recuperación configurado.
Error: (04/12/2021 05:33:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio System Interface Foundation Service no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Windows Defender:
================
Date: 2021-04-10 23:41:55
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {F361CDB1-1074-4401-A81D-44C2160D2FA6}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-10 19:41:34
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {9CA6B3EB-8B7A-4097-817D-FE20D0577605}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-10 18:25:16
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {EEFC7682-DA3E-47E3-A0B2-EDE8992309CC}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-10 00:14:36
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {08118407-8D31-4D67-A725-8DD51724D464}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-10 14:56:12
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.335.552.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.18000.5
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Date: 2021-04-10 14:46:02
Description:
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2021-04-09 23:36:45
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.313.1307.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación.
Date: 2021-04-09 23:36:43
Description:
Antivirus de Microsoft Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.18000.5
Versión de motor anterior: 1.1.16900.4
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x8050800c
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===============
Date: 2021-04-12 23:24:23
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2021-04-09 23:00:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.21.2.50\symamsi.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: LENOVO D5CN47WW 08/26/2016
Placa base: LENOVO Paris 5A8
Procesador: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Porcentaje de memoria en uso: 54%
RAM física total: 8051.91 MB
RAM física disponible: 3672.22 MB
Virtual total: 9937.55 MB
Virtual disponible: 5478.38 MB
==================== Unidades ================================
Drive c: (Windows) (Fixed) (Total:884.47 GB) (Free:738.97 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.06 GB) NTFS
\\?\Volume{58007887-c3ba-4e22-a863-8d1454dbc658}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{59924cb7-279f-4c3c-98c6-8b935c2f4b32}\ (LENOVO_PART) (Fixed) (Total:19.82 GB) (Free:7.27 GB) NTFS
\\?\Volume{06b50945-63ac-47e8-84ea-7c35de092937}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DCF2148E)
Partition: GPT.
==================== Final de Addition.txt =======================Hola, buenas @forta correcto ahora sí que están bien puestos.
Voy a analizar los informes, esto conlleva un rato. Pues es algo tedioso analizarlos… En cuanto los tenga, tendrás tu respuesta. De mientras:
NOTA IMPORTANTE
Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:
- No realices pasos/acciones que NOSOTROS no te hayamos indicado.
- No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
- No instales NADA (programas/software/complementos/extensiones del navegador…).
- No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
- No realices por tu cuenta otros procedimientos.
- Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.
Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:
Salu2.
Hola Marr0n,
qué tal van los análisis? Quisiera restituir mi antivirus e intentar recobrar la normalidad con mi portátil. (lo necesito para trabajar)
Siento insistir.
Gracias.
Mañana lo tienes.
Salu2.
Hola @forta
¿Instalaste esta aplicación en tu equipo: Wondershare? ¿La reconoces/te suena de algo? ¿La has usado alguna vez?
Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:
-
Reinicias el ordenador en Modo Normal.
-
Descargas DelFix en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
-
Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.
-
Presionas en Run.
Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.
Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {01E35EF6-44AE-4414-A6A6-D53C05CB9455} - \Lenovo\ImController\TimeBasedEvents\41d00699-c02c-41d6-a268-6a6de4f4cdad -> Ningún archivo <==== ATENCIÓN
Task: {0259C9B1-827A-4E29-9CEB-314FCCF66AD1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Ningún archivo <==== ATENCIÓN
Task: {296AC455-7293-444C-8953-0188FA9ED84A} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {2C595B00-B11B-4F07-A873-5ED2856109DA} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Ningún archivo <==== ATENCIÓN
Task: {2F33D2E0-D649-418D-8005-9D5A4AB858B8} - \Lenovo\ImController\TimeBasedEvents\a1653e63-af0f-4142-8c3e-57a85dd5ec0f -> Ningún archivo <==== ATENCIÓN
Task: {7C606F97-CA58-461A-8A69-1B2BD0276A3F} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe
Task: {7C96DE06-11DF-4E28-AC31-03DE8D6D3F33} - \Lenovo\ImController\TimeBasedEvents\86fb1487-40ae-41b0-94a7-092737c32da2 -> Ningún archivo <==== ATENCIÓN
Task: {94357371-788A-48B1-A757-4AE8E4DA0395} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe
Task: {9E597A12-4D3B-43EF-A123-925DED2C55E4} - \Lenovo\ImController\TimeBasedEvents\711decec-f0e3-4965-a0a1-9d66460ed853 -> Ningún archivo <==== ATENCIÓN
Task: {CF26A032-3D94-4A16-BB79-F640E664535B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Ningún archivo <==== ATENCIÓN
Task: {D999E38A-5E37-422F-ABB3-6CB5602FEFA1} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
FF Extension: (Sin Nombre) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [no encontrado]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-03-26] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-06]
CHR Extension: (Norton Safe Web) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-03-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-03-26] (McAfee, LLC -> McAfee, LLC)
S3 MpKsl93ac1a54; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B58908CE-99B9-40FB-8FBC-75E60117B920}\MpKslDrv.sys [X]
2021-04-08 00:24 - 2021-04-08 00:25 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\ALBERTO\Downloads\NRnR (1).exe
2021-04-08 00:22 - 2021-04-08 00:23 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\ALBERTO\Downloads\NRnR.exe
2021-04-07 18:00 - 2021-04-07 17:58 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2021-04-07 17:51 - 2021-04-07 17:51 - 014262248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ALBERTO\Downloads\avgclear.exe
2021-04-04 19:52 - 2021-04-09 23:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2021-03-27 02:03 - 2021-03-27 02:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-04-10 14:46 - 2020-01-12 16:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Ningún archivo
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
MSCONFIG\Services: NortonSecurity => 2
C:\Program Files\McAfee
C:\Program Files\Norton Security
File: C:\Users\ALBERTO\Downloads\bz4mgmm8.exe
VirusTotal: C:\Users\ALBERTO\Downloads\bz4mgmm8.exe
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
ENDLo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.
Finalmente (OJO, en MODO NORMAL):
-
Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).
-
Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.
-
Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.
-
Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.
Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:
Salu2.
1 me gusta
Hola Marr0n, pues te comento que la aplicación wondershare no me suena de nada, y tampoco la uso para nada (de hecho no sé cual es su finalidad). Comentarte que una vez pasado el FRST el portatil me ha advertido, en un par de veces, que windows defender había bloqueado dos aplicaciones, en concreto google chrome y también con dropbox. Por lo demás el portatil va fluido, teniendo en cuenta que tengo desactivado mi antivirus como se me indicó. A continuación paso el reporte que habías solicitado.
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 17-04-2021
Ejecutado por ALBERTO (20-04-2021 00:00:08) Run:1
Ejecutado desde C:\Users\ALBERTO\Desktop
Perfiles cargados: ALBERTO
Modo de Inicio: Normal
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {01E35EF6-44AE-4414-A6A6-D53C05CB9455} - \Lenovo\ImController\TimeBasedEvents1d00699-c02c-41d6-a268-6a6de4f4cdad -> Ningún archivo <==== ATENCIÓN
Task: {0259C9B1-827A-4E29-9CEB-314FCCF66AD1} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Ningún archivo <==== ATENCIÓN
Task: {296AC455-7293-444C-8953-0188FA9ED84A} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {2C595B00-B11B-4F07-A873-5ED2856109DA} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Ningún archivo <==== ATENCIÓN
Task: {2F33D2E0-D649-418D-8005-9D5A4AB858B8} - \Lenovo\ImController\TimeBasedEvents\a1653e63-af0f-4142-8c3e-57a85dd5ec0f -> Ningún archivo <==== ATENCIÓN
Task: {7C606F97-CA58-461A-8A69-1B2BD0276A3F} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine2.21.2.50\SymErr.exe
Task: {7C96DE06-11DF-4E28-AC31-03DE8D6D3F33} - \Lenovo\ImController\TimeBasedEvents6fb1487-40ae-41b0-94a7-092737c32da2 -> Ningún archivo <==== ATENCIÓN
Task: {94357371-788A-48B1-A757-4AE8E4DA0395} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine2.21.2.50\SymErr.exe
Task: {9E597A12-4D3B-43EF-A123-925DED2C55E4} - \Lenovo\ImController\TimeBasedEvents11decec-f0e3-4965-a0a1-9d66460ed853 -> Ningún archivo <==== ATENCIÓN
Task: {CF26A032-3D94-4A16-BB79-F640E664535B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Ningún archivo <==== ATENCIÓN
Task: {D999E38A-5E37-422F-ABB3-6CB5602FEFA1} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine2.21.2.50\SymErr.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
FF Extension: (Sin Nombre) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [no encontrado]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-03-26] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-06]
CHR Extension: (Norton Safe Web) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-03-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-03-26] (McAfee, LLC -> McAfee, LLC)
S3 MpKsl93ac1a54; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B58908CE-99B9-40FB-8FBC-75E60117B920}\MpKslDrv.sys [X]
2021-04-08 00:24 - 2021-04-08 00:25 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\ALBERTO\Downloads\NRnR (1).exe
2021-04-08 00:22 - 2021-04-08 00:23 - 013036984 _____ (NortonLifeLock Inc.) C:\Users\ALBERTO\Downloads\NRnR.exe
2021-04-07 18:00 - 2021-04-07 17:58 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2021-04-07 17:51 - 2021-04-07 17:51 - 014262248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ALBERTO\Downloads\avgclear.exe
2021-04-04 19:52 - 2021-04-09 23:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2021-03-27 02:03 - 2021-03-27 02:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-04-10 14:46 - 2020-01-12 16:54 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Ningún archivo
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
MSCONFIG\Services: NortonSecurity => 2
C:\Program Files\McAfee
C:\Program Files\Norton Security
File: C:\Users\ALBERTO\Downloads\bz4mgmm8.exe
VirusTotal: C:\Users\ALBERTO\Downloads\bz4mgmm8.exe
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
[12328] C:\Program Files\McAfee\WebAdvisor\servicehost.exe => proceso cerrado correctamente.
[13272] C:\Program Files\McAfee\WebAdvisor\uihost.exe => proceso cerrado correctamente.
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01E35EF6-44AE-4414-A6A6-D53C05CB9455}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01E35EF6-44AE-4414-A6A6-D53C05CB9455}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents1d00699-c02c-41d6-a268-6a6de4f4cdad" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0259C9B1-827A-4E29-9CEB-314FCCF66AD1}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0259C9B1-827A-4E29-9CEB-314FCCF66AD1}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{296AC455-7293-444C-8953-0188FA9ED84A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{296AC455-7293-444C-8953-0188FA9ED84A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C595B00-B11B-4F07-A873-5ED2856109DA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C595B00-B11B-4F07-A873-5ED2856109DA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F33D2E0-D649-418D-8005-9D5A4AB858B8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F33D2E0-D649-418D-8005-9D5A4AB858B8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\a1653e63-af0f-4142-8c3e-57a85dd5ec0f" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C606F97-CA58-461A-8A69-1B2BD0276A3F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C606F97-CA58-461A-8A69-1B2BD0276A3F}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Norton 360\Norton 360 Autofix => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton 360\Norton 360 Autofix" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C96DE06-11DF-4E28-AC31-03DE8D6D3F33}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C96DE06-11DF-4E28-AC31-03DE8D6D3F33}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents6fb1487-40ae-41b0-94a7-092737c32da2" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94357371-788A-48B1-A757-4AE8E4DA0395}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94357371-788A-48B1-A757-4AE8E4DA0395}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Norton 360\Norton 360 Error Processor => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton 360\Norton 360 Error Processor" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E597A12-4D3B-43EF-A123-925DED2C55E4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E597A12-4D3B-43EF-A123-925DED2C55E4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents11decec-f0e3-4965-a0a1-9d66460ed853" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CF26A032-3D94-4A16-BB79-F640E664535B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF26A032-3D94-4A16-BB79-F640E664535B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D999E38A-5E37-422F-ABB3-6CB5602FEFA1}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D999E38A-5E37-422F-ABB3-6CB5602FEFA1}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Norton 360\Norton 360 Error Analyzer => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton 360\Norton 360 Error Analyzer" => eliminado correctamente
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => movido correctamente
C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] => ruta eliminado correctamente
"HKLM\Software\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => eliminado correctamente
C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => movido correctamente
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => eliminado correctamente
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-06] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Norton Safe Web) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-03-19] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => eliminado correctamente
McAfee WebAdvisor => Servicio detenido correctamente.
HKLM\System\CurrentControlSet\Services\McAfee WebAdvisor => eliminado correctamente
McAfee WebAdvisor => servicio eliminado correctamente
MpKsl93ac1a54 => servicio no encontrado.
C:\Users\ALBERTO\Downloads\NRnR (1).exe => movido correctamente
C:\Users\ALBERTO\Downloads\NRnR.exe => movido correctamente
C:\WINDOWS\system32\avgremoverx.exe => movido correctamente
C:\Users\ALBERTO\Downloads\avgclear.exe => movido correctamente
C:\WINDOWS\system32\Tasks\Norton 360 => movido correctamente
C:\WINDOWS\system32\Tasks\AVAST Software => movido correctamente
"C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job" => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CLVDShellExt => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => eliminado correctamente
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\CLVDShellExt => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => eliminado correctamente
HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NortonSecurity => eliminado correctamente
HKLM\System\CurrentControlSet\Services\NortonSecurity => no encontrado
C:\Program Files\McAfee => movido correctamente
"C:\Program Files\Norton Security" => no encontrado
========================= File: C:\Users\ALBERTO\Downloads\bz4mgmm8.exe ========================
C:\Users\ALBERTO\Downloads\bz4mgmm8.exe
El archivo está firmado digitalmente
MD5: 043E788417FD148207D877AB07B351A3
Fecha de creación y modificación: 2021-04-11 11:28 - 2021-04-11 11:32
Tamaño: 243733136
Atributos: ----A
Nombre de la compañía: Doctor Web Ltd. ->
Interno Nombre:
Original Nombre:
Producto:
Descripción:
Archivo Versión:
Producto Versión:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/b299ed66d7ae122d088d31b42f3ff5b6884474b2a78307419e960f1eb4c23e6f/detection/f-b299ed66d7ae122d088d31b42f3ff5b6884474b2a78307419e960f1eb4c23e6f-1618132364
====== Final de File: ======
VirusTotal: C:\Users\ALBERTO\Downloads\bz4mgmm8.exe => (3) Error
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 4 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 6 mientras los medios
est‚n desconectados.
Adaptador de Ethernet Ethernet 2:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Conexi¢n de rea local* 4:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Conexi¢n de rea local* 6:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Wi-Fi:
Sufijo DNS espec¡fico para la conexi¢n. . :
V¡nculo: direcci¢n IPv6 local. . . : fe80::54d2:4edc:81e1:acb8%15
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.41
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.1.1
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
{51DD667E-6ED2-4B1F-B41F-34F59CA919DC} canceled.
{CB400371-68F7-4C88-9AC7-06C603F0B294} canceled.
{D4863913-AED3-477E-9881-AD6C7C55EDB3} canceled.
3 out of 3 jobs canceled.
========= Final de CMD: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-2614724653-299048476-2895592305-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-2614724653-299048476-2895592305-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 80082337 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 580253 B
Edge => 85720 B
Chrome => 1330660837 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 17394 B
ALBERTO => 117775659 B
RecycleBin => 1487892967 B
EmptyTemp: => 2.8 GB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 00:07:09 ====Hola, buenas @forta
con lo que tú me dices más sumándole que esta aplicación:
Dicha App no es un malware como tal, la empresa que lo fabrica es legítima pero sino sabes como ha llegado a tu máquina muy probablemente se te habrá instalado con otro programa/producto de terceros pasando desapercibida.
Aparte tu no la usas para nada, así que:
Para los programas en que te diga: puedes quitarlos. Hazlo así:
Desinstalalos con Revo Uninstaller en su Modo Avanzado. Para ello sigues su manual la parte de desinstalación de programas.
Quitas todos los programas que encuentre Revo con el nombre: Wondershare
Seguidamente, quitas estas dos extensiones de Chrome: McAfee® WebAdvisor y Norton Safe Web.
Bien. Esto se debe a algunas de las directrices que he implementado en el script, como en este caso son aplicaciones legítimas, simplemente dile al Defender que no las bloque y ya esta.
cuando sea el momento ya pondremos el antivirus que corresponda.
Finalmente, ejecutas de nuevo FRST como te indiqué en:
NOTA IMPORTANTE
Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:
- No realices pasos/acciones que NOSOTROS no te hayamos indicado.
- No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
- No instales NADA (programas/software/complementos/extensiones del navegador…).
- No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
- No realices por tu cuenta otros procedimientos.
- Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.
EN TU PRÓXIMA RESPUESTA
- Haces lo que te he dicho del WonderShare y me cuentas como te ha ido.
- Haces lo que te he dicho quitar estas dos extensiones de Chrome: McAfee® WebAdvisor y Norton Safe Web y me cuentas como te ha ido.
- Haces lo del FRST y pegas los reportes de FRST.txt y Addition.txt.
Salu2.
Hola de nuevo Marr0n, he seguido tus instrucciones al pie de la letra y a continuación de pongo los reportes solicitados. FRST
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 17-04-2021
Ejecutado por ALBERTO (administrador) sobre LAPTOP-TCQ476TQ (LENOVO 80Q7) (20-04-2021 23:22:29)
Ejecutado desde C:\Users\ALBERTO\Desktop
Perfiles cargados: ALBERTO
Platform: Windows 10 Home Versión 20H2 19042.928 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\120.4.4598\QtWebEngineProcess.exe <2>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\Run: [53BCB50F32F7089E9B0E3706FF13A4AAB9B4FF19._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.85\Installer\chrmstp.exe [2021-04-20] (Google LLC -> Google LLC)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {02BB7FBD-DD16-4E5A-8D9C-A42400DCD179} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {081E2E9A-7FDB-4F2D-B320-ECC626C08B4E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-06] (LENOVO -> Lenovo)
Task: {14FD2B23-2E74-463F-B570-2BB31E89DB99} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {19EFA77A-2E63-4ABC-BDCB-F335319C2708} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\ALBERTO\Downloads\ESETOnlineScanner_ESL.exe
Task: {2034E620-B022-4E7C-A6F4-1B6F786E9E67} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\ScheduleEventAction.exe [13240 2020-07-09] (Lenovo -> Lenovo Group Ltd.)
Task: {2AAEAD35-4E82-41D3-99CA-D5BC9EE83C5D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AC7FD9B-5B06-4D68-BD1A-07C05A19E758} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {351ADF56-36E6-45DB-A094-798686C448BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\ALBERTO\Downloads\ESETOnlineScanner_ESL.exe
Task: {43F40197-C76C-4A29-8BF0-99D6F8B8AE42} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E8B96C3-93B8-463E-B35C-305AB87A938A} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {57822FCB-5FF5-4AD1-93D0-870BC88941A6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5F3D557A-E60F-4813-899B-713FD18D8D37} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {65801DDB-FB30-4B6C-AF46-A7529B8D3726} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {692CAA90-12FB-430E-AA69-9DAEFC262C55} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A17DA86-64DC-4C25-B5F9-DBA12E218C8D} - System32\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001 => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-08] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {7F17FB83-6F3F-41E4-B6DB-36F1929D428A} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {8BE9A27F-E4BF-4811-86B2-03591C4A498F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {8F8706D2-4255-4372-86A2-14838465A83C} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {9146C4B8-BC30-4A39-944D-C86C6D0C43E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FE04BAE-9E71-4391-976D-6360F0FB9D0A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {A1585383-5C4D-43E0-A5B1-1120833811DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BC0FC313-9F06-4827-A70A-51DEE65FA838} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF7657FA-F78E-4A28-965D-968C82F37CE1} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {C87BFF5E-658B-4AE6-B922-C7086408953D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {CE47F755-A9C6-4BCC-96E5-DACC03DD548B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D13F36CF-117C-4C29-A064-14861024F58C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
Task: {DAC71B8A-0437-467F-8208-08F98B205561} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {E27E95F1-BDAD-447F-9629-12106E70C1DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-25] (Google LLC -> Google LLC)
Task: {F188E05D-8547-4455-8352-F3B8CB261E9A} - System32\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001 => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-08] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F20DBB6F-967D-4573-A838-42BF2F8EF183} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
Task: {FF5B609A-4789-4944-93E7-38D311623B83} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001.job => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001.job => C:\Users\ALBERTO\AppData\Local\GoToMeeting\19598\g2mupload.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{940beb9b-c103-45fa-a19e-6582db76af14}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{bfd3d4cc-5f03-4e12-a10a-685129ef2128}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Edge:
=======
DownloadDir: C:\Users\ALBERTO\Downloads
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\ALBERTO\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ALBERTO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF ProfilePath: C:\Users\ALBERTO\AppData\Roaming\TomTom\HOME\Profiles\37smhuan.default [2019-10-26]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-11-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2614724653-299048476-2895592305-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\ALBERTO\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default [2021-04-20]
CHR HomePage: Default -> hxxp://es.msn.com/
CHR DefaultSearchURL: Default -> hxxp://ver.movistarplus.es/favicon.png
CHR Extension: (Presentaciones) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Documentos) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-28]
CHR Extension: (Adobe Acrobat) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-10]
CHR Extension: (Hojas de cálculo) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-16]
CHR Extension: (CANALES online en directo - Movistar+) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdnbbimlpkbccknkhcedbdjefmncppai [2020-01-21]
CHR Extension: (CANALES MOVISTAR) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgpanfagbakkedomaocbfiibceknhlh [2021-01-25]
CHR Extension: (Player para ver Movistar+) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-11-11]
CHR Extension: (CORREO AYUNTAMIENTO) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\knofleilnncdcdkmghjgieheocegmnmk [2021-01-25]
CHR Extension: (Instagram) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2021-01-26]
CHR Extension: (Webmail :: Bienvenido a Webmail) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgkppeojbfednnokjgmelaoliifghjm [2020-11-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (PDF Viewer) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2021-04-10]
CHR Extension: (SERIES online - Yomvi es Movistar+ en...) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipjkcpcfjccacfcdjbploglkejhophd [2019-04-23]
CHR Extension: (Gmail) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-17]
CHR Profile: C:\Users\ALBERTO\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\ALBERTO\AppData\Roaming\Opera Software\Opera Stable [2020-01-12]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.es/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (LENOVO -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe [18360 2020-07-09] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-25] (Malwarebytes Inc -> Malwarebytes)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [X]
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [X]
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-11] (Malwarebytes Inc -> Malwarebytes)
R3 MpKslc33864fd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CC7D4404-0EB7-4880-8DAF-19F6D099CD93}\MpKslDrv.sys [97528 2021-04-20] (Microsoft Windows -> Microsoft Corporation)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-15] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) (Lista blanca) =========
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-04-20 23:22 - 2021-04-20 23:24 - 000024905 _____ C:\Users\ALBERTO\Desktop\FRST.txt
2021-04-20 23:07 - 2021-04-20 23:07 - 000000000 ____D C:\Users\ALBERTO\Desktop\FRST Y ADDITION
2021-04-20 00:00 - 2021-04-20 00:07 - 000023867 _____ C:\Users\ALBERTO\Desktop\Fixlog.txt
2021-04-19 23:54 - 2021-04-19 23:54 - 000000000 ____D C:\Users\ALBERTO\Desktop\FRST-OlderVersion
2021-04-19 23:47 - 2021-04-19 23:47 - 000000249 _____ C:\Users\ALBERTO\Desktop\DelFix.txt
2021-04-19 23:44 - 2021-04-19 23:44 - 000797760 _____ C:\Users\ALBERTO\Downloads\delfix.exe
2021-04-18 21:50 - 2021-04-18 21:50 - 000469041 _____ C:\Users\ALBERTO\Desktop\FORMULARIO.pdf
2021-04-18 19:27 - 2021-04-18 19:27 - 000446863 _____ C:\Users\ALBERTO\Downloads\formulariJUS007BAIX210418192700.pdf
2021-04-18 19:15 - 2021-04-18 19:15 - 000446774 _____ C:\Users\ALBERTO\Downloads\formulariJUS007BAIX210418183600 (2).pdf
2021-04-18 18:40 - 2021-04-18 18:40 - 000446863 _____ C:\Users\ALBERTO\Downloads\formulariJUS007BAIX210418183600 (1).pdf
2021-04-18 18:36 - 2021-04-18 18:36 - 000446864 _____ C:\Users\ALBERTO\Downloads\formulariJUS007BAIX210418183600.pdf
2021-04-16 23:05 - 2021-04-16 23:05 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 23:04 - 2021-04-16 23:04 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 23:04 - 2021-04-16 23:04 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 22:08 - 2021-04-16 22:08 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-04-15 18:10 - 2021-04-15 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-13 16:28 - 2021-04-13 16:28 - 000003558 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7229cd9eb96f1
2021-04-13 16:00 - 2021-04-13 16:00 - 000000000 ____D C:\Users\ALBERTO\Desktop\Nueva carpeta
2021-04-13 00:13 - 2021-04-20 23:23 - 000000000 ____D C:\FRST
2021-04-13 00:02 - 2021-04-19 23:54 - 002298368 _____ (Farbar) C:\Users\ALBERTO\Desktop\FRST64.exe
2021-04-12 23:21 - 2021-04-12 23:21 - 006029210 _____ C:\Users\ALBERTO\Downloads\ilovepdf_extracted-pages (1).zip
2021-04-12 20:15 - 2021-04-12 20:15 - 000488024 _____ C:\Users\ALBERTO\Downloads\CamScanner 11-20-2020 17.05.pdf
2021-04-12 18:55 - 2021-04-12 18:56 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes (2).pdf
2021-04-12 18:54 - 2021-04-12 18:54 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes (1).pdf
2021-04-12 18:53 - 2021-04-12 18:53 - 000789797 _____ C:\Users\ALBERTO\Downloads\Certificado empleador baja Alicia García Reyes.pdf
2021-04-12 18:12 - 2021-04-12 18:12 - 001077893 _____ C:\Users\ALBERTO\Downloads\ilovepdf_extracted-pages.zip
2021-04-12 17:58 - 2021-04-12 17:58 - 000034683 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705-3 (1).pdf
2021-04-12 17:50 - 2021-04-12 17:50 - 000034683 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705-3.pdf
2021-04-12 17:41 - 2021-04-12 17:41 - 001120422 _____ C:\Users\ALBERTO\Downloads\DOC120421-12042021114705.pdf
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-04-11 14:48 - 2021-04-11 14:48 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-11 11:33 - 2021-04-11 11:33 - 000000000 ____D C:\Users\ALBERTO\Doctor Web
2021-04-11 11:28 - 2021-04-11 11:32 - 243733136 _____ C:\Users\ALBERTO\Downloads\bz4mgmm8.exe
2021-04-10 23:26 - 2021-04-10 23:27 - 000000000 ____D C:\KVRT2020_Data
2021-04-10 23:23 - 2021-04-10 23:25 - 102434224 _____ (AO Kaspersky Lab) C:\Users\ALBERTO\Downloads\KVRT.exe
2021-04-10 23:12 - 2021-04-10 23:12 - 000000340 _____ C:\Users\ALBERTO\Desktop\ESET.txt
2021-04-10 19:46 - 2021-04-10 19:47 - 000000787 _____ C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-04-10 19:46 - 2021-04-10 19:46 - 015019488 _____ (ESET spol. s r.o.) C:\Users\ALBERTO\Downloads\esetonlinescanner.exe
2021-04-10 19:46 - 2021-04-10 19:46 - 000000659 _____ C:\Users\ALBERTO\Desktop\ESET Online Scanner.lnk
2021-04-10 19:28 - 2021-04-10 19:28 - 000410712 _____ C:\Users\ALBERTO\Desktop\cc_20210410_192748.reg
2021-04-10 19:20 - 2021-04-10 19:20 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (5).exe
2021-04-10 19:19 - 2021-04-10 19:20 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (4).exe
2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (3).exe
2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (2).exe
2021-04-10 19:19 - 2021-04-10 19:19 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577 (1).exe
2021-04-10 19:04 - 2021-04-10 19:04 - 000001713 _____ C:\Users\ALBERTO\Desktop\JustificanteCita.pdf
2021-04-10 16:10 - 2021-04-10 16:10 - 000002777 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner (R).txt
2021-04-10 16:08 - 2021-04-10 16:08 - 000002611 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner (S).txt
2021-04-10 16:00 - 2021-04-10 16:10 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\ZHP
2021-04-10 16:00 - 2021-04-10 16:00 - 000000884 _____ C:\Users\ALBERTO\Desktop\ZHPCleaner.lnk
2021-04-10 16:00 - 2021-04-10 16:00 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\ZHP
2021-04-10 15:58 - 2021-04-10 15:58 - 003325592 _____ (Nicolas Coolman) C:\Users\ALBERTO\Downloads\ZHPCleaner.exe
2021-04-10 15:56 - 2021-04-10 15:57 - 000000873 _____ C:\Users\ALBERTO\Desktop\JRT.txt
2021-04-10 15:52 - 2021-04-10 15:52 - 000001790 _____ C:\Users\ALBERTO\Desktop\AdwCleaner[C01].txt
2021-04-09 16:27 - 2021-04-09 16:27 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\VS Revo Group
2021-04-09 16:26 - 2021-04-09 16:26 - 000001129 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-04-09 16:26 - 2021-04-09 16:26 - 000000000 ____D C:\Program Files\VS Revo Group
2021-04-09 16:26 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2021-04-09 07:05 - 2021-04-09 07:06 - 016509944 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\RevoUninProSetup.exe
2021-04-08 22:42 - 2021-04-08 22:42 - 007495512 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\revosetup.exe
2021-04-08 17:31 - 2021-04-08 17:31 - 007495512 _____ (VS Revo Group ) C:\Users\ALBERTO\Downloads\revo-uninstaller-2-2-5.exe
2021-04-07 18:09 - 2021-04-07 18:10 - 000000000 ____D C:\Users\ALBERTO\Desktop\desinfeccion
2021-04-06 18:06 - 2021-04-06 18:07 - 000399710 _____ C:\Users\ALBERTO\Desktop\cc_20210406_180627.reg
2021-04-06 17:44 - 2021-04-06 17:45 - 000075902 _____ C:\Users\ALBERTO\Desktop\cc_20210406_174431 (2º informe).reg
2021-04-05 16:45 - 2021-04-05 16:45 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2 (2).exe
2021-04-04 20:44 - 2021-04-04 20:44 - 001790024 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\junkware-removal-tool-8-1-4.exe
2021-04-04 20:26 - 2021-04-04 20:26 - 001599815 _____ C:\Users\ALBERTO\Downloads\IFS (1).exe
2021-04-04 20:22 - 2021-04-05 17:14 - 000000000 ____D C:\AdwCleaner
2021-04-04 20:14 - 2021-04-04 20:14 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2 (1).exe
2021-04-04 20:12 - 2021-04-04 20:13 - 008534696 _____ (Malwarebytes) C:\Users\ALBERTO\Downloads\adwcleaner_8.2.exe
2021-04-04 18:57 - 2021-04-10 15:44 - 000000000 ____D C:\FSTool
2021-04-04 18:56 - 2021-04-04 18:56 - 001599815 _____ C:\Users\ALBERTO\Downloads\IFS.exe
2021-04-04 18:47 - 2021-04-04 18:48 - 030972600 _____ (Piriform Software Ltd) C:\Users\ALBERTO\Downloads\ccsetup577.exe
2021-04-01 23:18 - 2021-04-19 20:00 - 000000000 ____D C:\Users\ALBERTO\Downloads\Telegram Desktop
2021-03-29 00:01 - 2021-04-12 23:43 - 000000000 ____D C:\Users\ALBERTO\Desktop\ALICIA
2021-03-27 03:56 - 2021-03-27 03:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-27 03:48 - 2021-03-27 03:48 - 000000020 ___SH C:\Users\ALBERTO\ntuser.ini
2021-03-27 03:32 - 2021-03-27 03:40 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-03-27 03:32 - 2021-03-27 03:40 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-03-27 02:08 - 2021-04-20 00:17 - 001774678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-27 02:04 - 2021-04-20 20:52 - 000004222 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8E062058-A517-4CAE-8665-1077E5E601AA}
2021-03-27 02:04 - 2021-04-20 00:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-27 02:04 - 2021-04-13 16:28 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-27 02:04 - 2021-04-12 22:36 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2614724653-299048476-2895592305-1001
2021-03-27 02:04 - 2021-03-27 02:06 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-27 02:04 - 2021-03-27 02:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2021-03-27 02:03 - 2021-04-16 22:11 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-27 02:03 - 2021-04-13 15:56 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-27 02:03 - 2021-04-08 17:43 - 000003850 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001
2021-03-27 02:03 - 2021-04-08 17:43 - 000003754 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001
2021-03-27 02:03 - 2021-04-05 17:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-03-27 02:03 - 2021-03-27 02:07 - 000003548 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-27 02:03 - 2021-03-27 02:07 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-27 02:03 - 2021-03-27 02:06 - 000003540 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-03-27 02:03 - 2021-03-27 02:06 - 000003324 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-27 02:03 - 2021-03-27 02:06 - 000002598 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-03-27 02:03 - 2021-03-27 02:05 - 000003316 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-03-27 02:03 - 2021-03-27 02:05 - 000002978 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-03-27 02:03 - 2021-03-27 02:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\CyberLink
2021-03-27 01:52 - 2021-04-13 00:38 - 000000000 ____D C:\Users\ALBERTO
2021-03-27 01:52 - 2021-04-12 22:31 - 000002410 _____ C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Reciente
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Plantillas
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Mis documentos
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Menú Inicio
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Impresoras
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Entorno de red
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mis vídeos
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mis imágenes
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Documents\Mi música
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Datos de programa
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\Configuración local
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Historial
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Datos de programa
2021-03-27 01:52 - 2021-03-27 01:52 - 000000000 _SHDL C:\Users\ALBERTO\AppData\Local\Archivos temporales de Internet
2021-03-27 01:50 - 2018-09-06 03:02 - 000146304 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-03-27 01:50 - 2018-09-06 03:02 - 000121216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2021-03-27 01:44 - 2021-04-20 22:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-27 01:44 - 2021-04-20 00:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-27 01:44 - 2021-04-17 00:58 - 000637016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-27 01:36 - 2021-03-27 01:43 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-27 01:30 - 2021-03-27 01:35 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-03-27 01:30 - 2021-03-27 01:30 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-27 01:25 - 2021-03-27 01:25 - 000000000 ____D C:\ProgramData\ssh
2021-03-27 01:14 - 2021-03-27 01:14 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-27 01:14 - 2021-03-27 01:14 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-27 01:14 - 2021-03-27 01:14 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-27 01:14 - 2021-03-27 01:14 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-27 01:14 - 2021-03-27 01:14 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-27 01:14 - 2021-03-27 01:14 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-03-27 01:14 - 2021-03-27 01:14 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-27 01:14 - 2021-03-27 01:14 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-27 01:14 - 2021-03-27 01:14 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-27 01:14 - 2021-03-27 01:14 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-27 01:14 - 2021-03-27 01:14 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-27 01:13 - 2021-03-27 01:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-27 01:13 - 2021-03-27 01:13 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-27 01:13 - 2021-03-27 01:13 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-27 01:13 - 2021-03-27 01:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-27 01:13 - 2021-03-27 01:13 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-27 01:13 - 2021-03-27 01:13 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-03-27 01:13 - 2021-03-27 01:13 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-27 01:13 - 2021-03-27 01:13 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-27 01:13 - 2021-03-27 01:13 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-27 01:13 - 2021-03-27 01:13 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-27 01:13 - 2021-03-27 01:13 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-27 01:12 - 2021-03-27 01:12 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-27 01:12 - 2021-03-27 01:12 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-03-27 01:12 - 2021-03-27 01:12 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-27 01:12 - 2021-03-27 01:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-03-27 01:12 - 2021-03-27 01:12 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-27 01:12 - 2021-03-27 01:12 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-03-27 01:12 - 2021-03-27 01:12 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-27 01:11 - 2021-03-27 01:11 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-27 01:11 - 2021-03-27 01:11 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-27 01:11 - 2021-03-27 01:11 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-27 01:11 - 2021-03-27 01:11 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-03-27 01:11 - 2021-03-27 01:11 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-03-27 01:11 - 2021-03-27 01:11 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-27 01:10 - 2021-03-27 01:10 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-27 01:10 - 2021-03-27 01:10 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-27 01:10 - 2021-03-27 01:10 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-27 01:10 - 2021-03-27 01:10 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-03-27 01:10 - 2021-03-27 01:10 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-27 01:10 - 2021-03-27 01:10 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-27 01:10 - 2021-03-27 01:10 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-27 01:10 - 2021-03-27 01:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-03-27 01:10 - 2021-03-27 01:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-27 01:10 - 2021-03-27 01:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-27 01:10 - 2021-03-27 01:10 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-27 01:09 - 2021-03-27 01:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-27 01:09 - 2021-03-27 01:09 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-27 01:09 - 2021-03-27 01:09 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-03-27 01:09 - 2021-03-27 01:09 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-03-27 01:08 - 2021-03-27 01:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-27 01:08 - 2021-03-27 01:08 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-27 01:08 - 2021-03-27 01:08 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-03-27 01:08 - 2021-03-27 01:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-03-27 01:08 - 2021-03-27 01:08 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-27 00:46 - 2021-03-27 00:46 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-03-27 00:46 - 2021-03-27 00:46 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files\MSBuild
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-27 00:31 - 2021-03-27 00:31 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-23 01:20 - 2021-04-08 05:16 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-23 00:56 - 2021-03-23 00:56 - 000000000 ___HD C:\$WinREAgent
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2021-04-20 23:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-20 22:23 - 2021-01-25 14:45 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-20 22:23 - 2021-01-25 14:45 - 000002211 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-20 16:52 - 2021-01-25 16:33 - 000000000 ____D C:\Program Files\CCleaner
2021-04-20 16:48 - 2016-11-28 20:00 - 000000000 __SHD C:\Users\ALBERTO\IntelGraphicsProfiles
2021-04-20 00:17 - 2019-12-07 16:55 - 000789518 _____ C:\WINDOWS\system32\perfh00A.dat
2021-04-20 00:17 - 2019-12-07 16:55 - 000155870 _____ C:\WINDOWS\system32\perfc00A.dat
2021-04-20 00:17 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-20 00:10 - 2020-03-20 19:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-20 00:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-20 00:08 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-19 23:47 - 2020-01-12 14:54 - 000000249 _____ C:\DelFix.txt
2021-04-19 19:31 - 2017-12-29 15:53 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Telegram Desktop
2021-04-18 18:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-17 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-17 00:57 - 2020-01-11 15:17 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\ESET
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-17 00:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 23:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-04-16 23:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 22:20 - 2016-12-13 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 22:19 - 2020-06-15 16:03 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-16 22:12 - 2018-01-03 20:09 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-16 22:10 - 2016-11-29 00:40 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-16 22:07 - 2015-07-10 13:04 - 000000167 _____ C:\WINDOWS\win.ini
2021-04-15 18:11 - 2017-04-06 23:30 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-15 17:43 - 2018-03-28 20:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-12 22:31 - 2016-11-28 20:03 - 000000000 ___RD C:\Users\ALBERTO\OneDrive
2021-04-11 14:48 - 2021-01-25 16:39 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-10 19:23 - 2018-07-09 23:15 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\CrashDumps
2021-04-10 19:21 - 2021-01-25 16:33 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-04-10 15:50 - 2015-12-01 17:50 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-04-10 15:23 - 2020-04-12 00:05 - 000000000 ____D C:\Program Files\Common Files\AV
2021-04-09 23:34 - 2017-01-02 14:37 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-04-09 23:25 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-09 23:25 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-08 17:55 - 2020-11-16 19:11 - 000000678 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2614724653-299048476-2895592305-1001.job
2021-04-08 17:55 - 2020-11-16 19:11 - 000000582 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2614724653-299048476-2895592305-1001.job
2021-04-08 17:42 - 2020-11-16 19:11 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\GoToMeeting
2021-04-06 23:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-05 17:16 - 2016-11-28 20:01 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\Lenovo
2021-04-05 17:16 - 2015-12-01 17:52 - 000000000 ____D C:\Program Files\Lenovo
2021-04-05 17:16 - 2015-12-01 17:50 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-04-05 17:15 - 2020-03-12 20:15 - 000000000 ____D C:\WINDOWS\Lenovo
2021-04-05 17:15 - 2017-04-13 11:49 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Samsung
2021-04-05 17:15 - 2015-12-01 18:07 - 000000000 ____D C:\ProgramData\Lenovo
2021-04-04 20:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-02 20:23 - 2017-12-29 17:16 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\Packages
2021-04-02 13:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-01 22:14 - 2021-01-26 21:08 - 000000000 ____D C:\Users\ALBERTO\Desktop\VARIOS
2021-04-01 19:51 - 2017-04-13 11:45 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-04-01 19:51 - 2015-12-01 17:52 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-01 19:50 - 2017-04-13 11:45 - 000000000 ____D C:\ProgramData\Samsung
2021-03-30 22:18 - 2018-06-12 23:26 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\PlaceholderTileLogoFolder
2021-03-28 23:11 - 2019-12-07 16:56 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-03-27 13:09 - 2019-08-17 22:32 - 000000000 ____D C:\Users\ALBERTO\AppData\Local\PackageStaging
2021-03-27 06:35 - 2020-10-02 23:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-27 04:09 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-27 03:52 - 2018-07-02 23:23 - 000000000 ____D C:\ProgramData\Packages
2021-03-27 03:52 - 2015-07-16 17:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-27 03:51 - 2017-12-29 17:38 - 000000000 ___RD C:\Users\ALBERTO\3D Objects
2021-03-27 03:41 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-03-27 03:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-27 03:40 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-27 03:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-03-27 02:36 - 2016-12-30 14:46 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-03-27 01:57 - 2020-04-14 11:28 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-03-27 01:57 - 2019-04-23 22:06 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2021-03-27 01:57 - 2017-12-29 15:53 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2021-03-27 01:57 - 2017-11-23 22:52 - 000000000 ____D C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-27 01:50 - 2017-08-11 19:53 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2021-03-27 01:50 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files\Elantech
2021-03-27 01:50 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-03-27 01:43 - 2021-01-25 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-03-27 01:43 - 2020-11-20 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-03-27 01:43 - 2020-04-15 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4
2021-03-27 01:43 - 2020-02-25 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoFirma
2021-03-27 01:43 - 2020-01-02 22:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2021-03-27 01:43 - 2020-01-02 22:00 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-03-27 01:43 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-27 01:43 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-27 01:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-27 01:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-27 01:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-27 01:43 - 2017-11-23 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-27 01:43 - 2017-08-11 19:53 - 000000000 ____D C:\Program Files\CONEXANT
2021-03-27 01:43 - 2017-08-11 19:52 - 000000000 ____D C:\Program Files\Intel
2021-03-27 01:43 - 2017-05-24 20:06 - 000000000 ____D C:\Program Files\UNP
2021-03-27 01:43 - 2016-12-12 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2021-03-27 01:43 - 2015-12-04 11:36 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2021-03-27 01:43 - 2015-12-04 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2021-03-27 01:43 - 2015-12-04 11:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-03-27 01:43 - 2015-12-01 18:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2021-03-27 01:42 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-03-27 01:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-03-27 01:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-03-27 01:36 - 2015-12-04 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2021-03-27 01:25 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-27 01:25 - 2019-12-07 16:57 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-27 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-27 01:23 - 2019-12-07 16:57 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-03-27 01:23 - 2019-12-07 16:57 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-03-27 00:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-03-27 00:44 - 2019-12-07 16:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-03-27 00:44 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-03-27 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-03-27 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
==================== Archivos en la raíz de algunos directorios ========
2018-10-30 15:02 - 2018-10-30 15:50 - 000004608 _____ () C:\Users\ALBERTO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================ADDITION
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 17-04-2021
Ejecutado por ALBERTO (20-04-2021 23:29:28)
Ejecutado desde C:\Users\ALBERTO\Desktop
Windows 10 Home Versión 20H2 19042.928 (X64) (2021-03-27 01:47:30)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-2614724653-299048476-2895592305-500 - Administrator - Disabled)
ALBERTO (S-1-5-21-2614724653-299048476-2895592305-1001 - Administrator - Enabled) => C:\Users\ALBERTO
DefaultAccount (S-1-5-21-2614724653-299048476-2895592305-503 - Limited - Disabled)
Invitado (S-1-5-21-2614724653-299048476-2895592305-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2614724653-299048476-2895592305-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 120.4.4598 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.85 - Google LLC)
GoTo Opener (HKLM-x32\...\{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F1C8272B-5DAF-49BA-B694-A1D4747F6432}) (Version: 17.1.1530.1669 - Intel Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Manuales de usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 4.4.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.2 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Servicio Lenovo Vantage (HKLM-x32\...\VantageSRV_is1) (Version: 3.3.115.0 - Lenovo Group Ltd.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{af70f8b2-e114-485d-9f21-da50d8571c40}) (Version: 20.10.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
Telegram Desktop version 2.7.1 (HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486745) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{4568DCFB-EF6A-4285-9276-6E97164E8719}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.)
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.585 - McAfee, LLC)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2021-01-24] (Autodesk Inc.)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation)
Coolle VLLC Media Player for Windows 10 -> C:\Program Files\WindowsApps\37309CoolLeGetInc.CoolleVLCMediaPlayerforWindows10_1.0.16.0_neutral__g0y9d13zmhd68 [2021-02-10] (CoolLeGet Inc)
DS video -> C:\Program Files\WindowsApps\999289FE.DSvideo_1.5.69.0_x64__g23c5rrjyxaaj [2021-01-24] (Synology Inc.)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2021-01-24] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-11] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-24] (Microsoft Corporation) [MS Ad]
Portal de cuenta de Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2021-01-24] (LENOVO INCORPORATED.)
QR Code for Windows 10 -> C:\Program Files\WindowsApps\17036IYIA.QRCodeforWindows10_6.4.2.0_x64__dggz0n4pnn0ge [2021-03-26] (IYIA)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2021-01-24] (Twitter Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-2614724653-299048476-2895592305-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\ALBERTO\AppData\Local\GoToMeeting\18962\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2614724653-299048476-2895592305-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\ALBERTO\Dropbox [2017-04-06 23:36]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxDTCM.dll [2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\ALBERTO\Desktop\CANALES MOVISTAR.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hkgpanfagbakkedomaocbfiibceknhlh
ShortcutWithArgument: C:\Users\ALBERTO\Desktop\CORREO AYUNTAMIENTO.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knofleilnncdcdkmghjgieheocegmnmk
ShortcutWithArgument: C:\Users\ALBERTO\Desktop\Instagram.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\CANALES MOVISTAR.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hkgpanfagbakkedomaocbfiibceknhlh
ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\CORREO AYUNTAMIENTO.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knofleilnncdcdkmghjgieheocegmnmk
ShortcutWithArgument: C:\Users\ALBERTO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Instagram.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=maonlnecdeecdljpahhnnlmhbmalehlm
==================== Módulos cargados (Lista blanca) =============
2015-07-22 11:44 - 2015-07-22 11:44 - 000285184 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 11:44 - 2015-07-22 11:44 - 000562688 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-02-13 00:03 - 2020-05-30 21:04 - 001638912 _____ (Robert Simpson, et al.) [Archivo no firmado] C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\x64\SQLite.Interop.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
==================== Asociación (Lista blanca) =================
==================== Internet Explorer (Lista blanca) ==========
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-2614724653-299048476-2895592305-1001 -> DefaultScope {03D7C72E-29E4-470C-839D-0068BF828710} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-10-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-20] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Ningún archivo
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2015-07-10 13:04 - 2021-04-20 00:03 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-2614724653-299048476-2895592305-1001\...\StartupApproved\Run: => "Discord"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{D0D279AD-A1C8-443D-ABB9-FDBCE925AFFB}C:\program files (x86)\dropbox\client\dropbox.exe] => (Block) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{197E2F6E-2E1E-423B-B988-575A68250809}C:\program files (x86)\dropbox\client\dropbox.exe] => (Block) C:\program files (x86)\dropbox\client\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{86F0C007-FACB-4A0D-8529-EDE85E72B625}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{2AE9FB55-8FDC-42A4-8793-3C4C8EE836A8}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7501771D-4842-4651-A92D-2C3F294A9779}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Puntos de Restauración =========================
16-04-2021 22:20:27 Instalador de Módulos de Windows
16-04-2021 22:29:32 Instalador de Módulos de Windows
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (04/20/2021 11:16:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (04/20/2021 11:11:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (04/20/2021 11:09:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (04/20/2021 10:56:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (04/20/2021 10:55:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.
Operación:
Recopilando datos del escritor
Contexto:
Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
Nombre del escritor: System Writer
Id. de instancia del escritor: {f49b64e5-018b-4409-bc60-d0a0dc94c8bf}
Error: (04/20/2021 12:01:28 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.
Operación:
Ejecutando operación asincrónica
Contexto:
Estado actual: DoSnapshotSet
Error: (04/20/2021 12:00:09 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.
Operación:
Recopilando datos del escritor
Contexto:
Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
Nombre del escritor: System Writer
Id. de instancia del escritor: {dad952ef-bac8-4471-a7a4-cd4a17bb0128}
Error: (04/18/2021 09:04:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: El optimizador de almacenamiento no pudo completar volver a optimizar en LENOVO (D:) debido a: El hardware del volumen no admite la operación solicitada. (0x8900002A)
Errores del sistema:
=============
Error: (04/20/2021 10:58:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Wondershare Driver Install Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (04/20/2021 10:58:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Wondershare Application Framework Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (04/20/2021 04:49:27 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-TCQ476TQ)
Description: El servidor Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (04/20/2021 12:12:12 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-TCQ476TQ)
Description: El servidor Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (04/20/2021 12:08:20 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.
Ruta de acceso del módulo: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (04/20/2021 12:08:20 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.
Ruta de acceso del módulo: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (04/20/2021 12:08:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.
Ruta de acceso del módulo: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (04/20/2021 12:01:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio McAfee WebAdvisor terminó inesperadamente. Esto se ha repetido 2 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.
Windows Defender:
================
Date: 2021-04-19 20:28:23
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {F4C81890-AD00-4442-8239-20A3A8F311C1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-18 20:26:20
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {21328CCC-CCE0-491D-81F2-E291ED0D7C18}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-17 23:27:14
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {F864CAF1-DE6E-4E28-80E8-C7A01E4D9C9A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-17 23:21:19
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {3ED0635D-353E-47F2-A507-9F1448FF98AB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-16 23:20:39
Description:
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {C3CD2E37-4C8A-4C19-BDCF-091D0AEF1E04}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2021-04-16 22:13:56
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.335.996.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.18000.5
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado.
Date: 2021-04-10 14:56:12
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.335.552.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.18000.5
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Date: 2021-04-10 14:46:02
Description:
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.
Date: 2021-04-09 23:36:45
Description:
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.313.1307.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación.
Date: 2021-04-09 23:36:43
Description:
Antivirus de Microsoft Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.18000.5
Versión de motor anterior: 1.1.16900.4
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x8050800c
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===============
Date: 2021-04-12 23:24:23
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2021-04-09 23:00:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.21.2.50\symamsi.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: LENOVO D5CN47WW 08/26/2016
Placa base: LENOVO Paris 5A8
Procesador: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Porcentaje de memoria en uso: 73%
RAM física total: 8051.91 MB
RAM física disponible: 2098.48 MB
Virtual total: 9331.91 MB
Virtual disponible: 2040.88 MB
==================== Unidades ================================
Drive c: (Windows) (Fixed) (Total:884.47 GB) (Free:734.89 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.06 GB) NTFS
\\?\Volume{58007887-c3ba-4e22-a863-8d1454dbc658}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{59924cb7-279f-4c3c-98c6-8b935c2f4b32}\ (LENOVO_PART) (Fixed) (Total:19.82 GB) (Free:7.27 GB) NTFS
\\?\Volume{06b50945-63ac-47e8-84ea-7c35de092937}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DCF2148E)
Partition: GPT.
==================== Final de Addition.txt =======================Si, he seguido tus instrucciones tal cual me has indicado. El wondershare lo he podido eliminar completamente (aunque he tenido que usar el programa de desinstalación dos o tres veces para que se eliminase en la totalidad). Las extensiones también las he quitado correctamente. Gracias de nuevo por toda la ayuda que me estás prestando.
wondershare >> respecto este queda algún pequeño rastro. Ahora estoy generando un nuevo Script para eliminar este y algún otro que pequeño residuo que queda en el sistema de AVG y Norton 360. (En muy poco lo tengo).
Respecto las extensiones >> OK.
Salu2.
Hola de nuevo @forta
Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:
-
Reinicias el ordenador en Modo Normal.
-
Descargas DelFix en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
-
Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.
-
Presionas en Run.
Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.
Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [X]
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [X]
AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Ningún archivo
Folder: C:\ProgramData\ssh
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
ENDLo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.
Finalmente (OJO, en MODO NORMAL):
-
Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).
-
Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.
-
Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.
-
Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.
Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:
Salu2.
Hola Marr0n, tengo una duda: cuando dices que ejecute el FRST.exe, indicas que “Presionas sobre Fix/Corregir y esperas a que finalice el proceso” Cuando abro me salen las opciones Analizar/Buscar Archivos/Buscar registros/Corregir. No entiendo lo de Fix. Debo dar a analizar y después corregir? Te lo pregunto porque no quiero cometer ningún error.