Problema Autol v3 script

Buenos días, ya he visto varios temas sobre este “virus” y quería quitarlo, no he visto nada que sea genérico para todos los sistemas u ordenadores, y como me acaban de actualizar a windows10 no tengo ni idea de qué puedo hacer sin empeorar la cosa. También he de decir que me sale de vez en cuando un recuadro que dice ERROR “SYSTEMINFO.EXE” (0xc0000005) espero que alguien me pueda ayudar a quitar eso y ya que estamos, si me podéis recomendar antimalware gratis bueno, antivirus y demás para poner el ordenador al día… ya lleva tiempo que se peta muchísmo, no es un ordenador nuevo pero tampoco creo que sea una patata…

Hola @Natalia_Soto [email protected] alForospyware

Vamos a ir por partes, primero desinfectaremos tu equipo.

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis personalizado, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
  • Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Lo primero, muchísimas gracias por la ayuda. Por ahora no sale entre las aplicaciones que inician con el arranque, vamos bien. Adjunto los reportes que me indicas

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-19-2020
# Duration: 00:00:07
# OS:       Windows 10 Pro
# Cleaned:  9
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Natalia\AppData\Roaming\DRPSu

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted       HKCU\Software\csastats
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

Deleted       Chrome Cleaner Pro - ccjleegmemocfpghkhpjmiccjcacackp

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2309 octets] - [19/04/2020 12:53:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 19/4/20
Hora del análisis: 12:26
Archivo de registro: 3f2cd0b4-8228-11ea-9101-94de80de172d.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.875
Versión del paquete de actualización: 1.0.22658
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x86
Sistema de archivos: NTFS
Usuario: Natalia-PC\Natalia

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 212196
Amenazas detectadas: 63
Amenazas en cuarentena: 63
Tiempo transcurrido: 9 min, 25 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 14
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 241, 182757, , , , 
PUP.Optional.WinYahoo, HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, 241, 182757, 1.0.22658, , ame, 
PUP.Optional.SecuredSearch, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ilnidodcffjfecahcfiihlhiohnaobic, En cuarentena, 236, 678397, 1.0.22658, , ame, 
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, En cuarentena, 430, 476595, 1.0.22658, , ame, 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6C732323-AC43-45C0-ACB5-2ADF51F0CABE}, En cuarentena, 241, 308967, 1.0.22658, , ame, 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{6C732323-AC43-45C0-ACB5-2ADF51F0CABE}, En cuarentena, 241, 308968, , , , 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered cosom, En cuarentena, 241, 308968, 1.0.22658, , ame, 
PUP.Optional.DriverPack, HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\drp.su, En cuarentena, 618, 472299, 1.0.22658, , ame, 
PUP.Optional.InstallCore, HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\PRODUCTSETUP, En cuarentena, 494, 481004, 1.0.22658, , ame, 
PUP.Optional.InstallCore, HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\CSASTATS\ic, En cuarentena, 494, 586068, 1.0.22658, , ame, 
Malware.Generic.4008478678, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AutoKMS, En cuarentena, 1000000, 0, , , , 
Malware.Generic.4008478678, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DE827D21-2950-48A6-905B-A8C302991B3D}, En cuarentena, 1000000, 0, , , , 
Malware.Generic.4008478678, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\BOOT\{DE827D21-2950-48A6-905B-A8C302991B3D}, En cuarentena, 1000000, 0, , , , 
PUP.Optional.ChromeSearch.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, En cuarentena, 312, -1, 0.0.0, , action, 

Valor del registro: 6
PUP.Optional.WinYahoo, HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 241, 182757, 1.0.22658, , ame, 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6C732323-AC43-45C0-ACB5-2ADF51F0CABE}|PATH, En cuarentena, 241, 308967, 1.0.22658, , ame, 
Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|37C4D940, En cuarentena, 5580, 783345, 1.0.22658, , ame, 
PUP.Optional.InstallCore, HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\PRODUCTSETUP|TB, En cuarentena, 494, 481004, 1.0.22658, , ame, 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 241, 182758, 1.0.22658, , ame, 
PUP.Optional.ChromeSearch.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSearchURL, En cuarentena, 312, 475452, , , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 9
PUP.Optional.SecuredSearch, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\ILNIDODCFFJFECAHCFIIHLHIOHNAOBIC, En cuarentena, 236, 678397, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\15f1973\c6723c6, En cuarentena, 5580, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\15f1973, En cuarentena, 5580, 781623, 1.0.22658, , ame, 
PUP.Optional.SecuredSearch, C:\USERS\NATALIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 236, 551753, , , , 
PUP.Optional.SearchManager.BITSRST, C:\USERS\NATALIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 283, 626729, , , , 
PUP.Optional.SearchManager.BITSRST, C:\USERS\NATALIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 283, 626729, , , , 
PUP.Optional.SearchManager.BITSRST, C:\USERS\NATALIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 283, 628563, , , , 
Adware.SearchEngineHijack, C:\USERS\NATALIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 404, 462944, , , , 
PUP.Optional.ChromeSearch.ChrPRST, C:\USERS\NATALIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 312, 475452, , , , 

Archivo: 34
PUP.Optional.SecuredSearch, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 236, 678397, , , , 
PUP.Optional.SecuredSearch, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, 236, 678397, , , , 
PUP.Optional.SearchManager, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 430, 476595, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\15F1973\AGBBDHI.EXE, En cuarentena, 5580, 783345, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\15F1973\D8344CC.AU3, En cuarentena, 5580, 783345, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\15f1973\c6723c6\19-04-2020.log, En cuarentena, 5580, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\15f1973\c6723c6\61986c5, En cuarentena, 5580, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\15f1973\pe.bin, En cuarentena, 5580, 781623, , , , 
PUP.Optional.SecuredSearch.Generic, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ILNIDODCFFJFECAHCFIIHLHIOHNAOBIC\10.1.4.53_0\MANIFEST.JSON, En cuarentena, 15225, 443103, 1.0.22658, , ame, 
PUP.Optional.SearchManager.BITSRST, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\ILNIDODCFFJFECAHCFIIHLHIOHNAOBIC\10.1.4.53_0\RESPONSECONFIG.JSON, En cuarentena, 283, 626727, 1.0.22658, , ame, 
Malware.Generic.4008478678, C:\WINDOWS\SYSTEM32\TASKS\AutoKMS, En cuarentena, 1000000, 0, , , , 
Malware.Generic.4008478678, C:\WINDOWS\AUTOKMS\AUTOKMS.EXE, En cuarentena, 1000000, 0, 1.0.22658, 66BC27791016A779EEEC87D6, dds, 00683043
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000448.ldb, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000450.log, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000451.ldb, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 236, 551753, , , , 
PUP.Optional.SecuredSearch, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 236, 551753, 1.0.22658, , ame, 
PUP.Optional.SearchManager.BITSRST, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 283, 626729, , , , 
PUP.Optional.SearchManager.BITSRST, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 283, 626729, 1.0.22658, , ame, 
PUP.Optional.SearchManager.BITSRST, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 283, 626729, 1.0.22658, , ame, 
PUP.Optional.SearchManager.BITSRST, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 283, 628563, 1.0.22658, , ame, 
Adware.SearchEngineHijack, C:\USERS\LUJÁN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 404, 462944, 1.0.22658, , ame, 
PUP.Optional.ChromeSearch.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, En cuarentena, 312, 475452, , , , 
PUP.Optional.ChromeSearch.ChrPRST, C:\USERS\NATALIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 312, 475452, 1.0.22658, , ame, 
PUP.Optional.ChromeSearch.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, En cuarentena, 312, -1, 0.0.0, , action, 
PUP.Optional.ChromeSearch.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, En cuarentena, 312, -1, 0.0.0, , action, 
PUP.Optional.ChromeSearch.ChrPRST, C:\USERS\NATALIA\NTUSER.POL, En cuarentena, 312, -1, 0.0.0, , action, 
PUP.Optional.ChromeSearch.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\USER\REGISTRY.POL, En cuarentena, 312, -1, 0.0.0, , action, 
PUP.Optional.ChromeSearch.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, En cuarentena, 312, -1, 0.0.0, , action, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola

Malwarebytes ya lo ha eliminado.

Cómo funciona tu equipo, ha vuelto a saltar el error?

Un saludo

Bueno, he reiniciado y ya no sale eso en aplicaciones de inicio, y el error de SYSTEM no ha vuelto a salir. Va un poco lento, pero ya digo que puede ser porque ya tiene sus añitos… Muchas gracias por la ayuda.

Hola

Vamos a realizar una revisión un poco más profunda a ver si se podemos limpiar para que vaya un poco más rápido.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. :arrow_right: Como saber si Mi Windows es de 32 o 64 Bits ?.

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo


Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x86) Versión: 19-04-2020
Ejecutado por Natalia (19-04-2020 17:39:26)
Ejecutado desde C:\Users\Natalia\Desktop
Microsoft Windows 10 Pro Versión 1909 18363.778 (X86) (2020-01-14 14:13:32)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1184010905-2189604530-3785007993-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1184010905-2189604530-3785007993-503 - Limited - Disabled)
Invitado (S-1-5-21-1184010905-2189604530-3785007993-501 - Limited - Disabled)
Natalia (S-1-5-21-1184010905-2189604530-3785007993-1000 - Administrator - Enabled) => C:\Users\Natalia
WDAGUtilityAccount (S-1-5-21-1184010905-2189604530-3785007993-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: adaware antivirus (Enabled - Up to date) {3AF56CA3-CA5A-215C-108D-CECA729D293A}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: adaware antivirus (Enabled - Up to date) {81948D47-EC60-2ED2-2A3D-F5B8091A6387}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AdAwareInstaller (HKLM\...\{DAA408D4-E8E1-456A-9C31-7D6815D6765A}) (Version: 12.7.1055.0 - adaware) Hidden
AdAwareUpdater (HKLM\...\{D4A8C163-D4DB-4EA8-AC7B-BB3D99D7151E}) (Version: 12.7.1055.0 - adaware) Hidden
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.363 - Adobe)
AntimalwareEngine (HKLM\...\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}) (Version: 3.0.160.0 - adaware) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 80.1.3901.162 - Los creadores de Avast Secure Browser)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.1 - Seiko Epson Corporation)
Epson Event Manager (HKLM\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.9.5 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EVEREST Ultimate Edition v5.01 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.01 - Lavalys, Inc.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
FormatFactory 3.9.5.0 (HKLM\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 81.0.4044.113 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Java 8 Update 241 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEE versión 1.1.77 (HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\{646C7F16-BCD0-4776-8AE4-60263C871F13}_is1) (Version: 1.1.77 - Macmillan Education)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\Teams) (Version: 1.3.00.4461 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Music Recorder (HKLM\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
MyEpson Portal (HKLM\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
Navio 1.7.2763 (HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\{5C81CD19-C628-4948-A0E0-EDA231A646DC}_is1) (Version: 1.7.2763 - Macmillan)
Nero 2018 (HKLM\...\{34E116FD-CA2D-41A9-9EFF-DD7AD4552417}) (Version: 19.0.07000 - Nero AG)
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.0001 - Nero AG)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{E637E0EF-6EB3-44C4-97B8-6F9EA444D648}) (Version: 4.1.5 - dotPDN LLC)
Prerequisite installer (HKLM\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0003 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-09] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.35.2.0_x86__kgqvnymyfvs32 [2020-04-17] (king.com)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation)
Extensión de vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x86__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x86__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x86__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Natalia\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x86\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Natalia\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x86\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.7.1055.0\AdAwareShellExtension.dll [2019-11-14] (Adaware Software -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.7.1055.0\AdAwareShellExtension.dll [2019-11-14] (Adaware Software -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.I420] => C:\WINDOWS\system32\lvcodec2.dll [416280 2007-10-12] (Logitech Inc -> Logitech Inc.)

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2017-11-18 12:01 - 2016-10-04 17:12 - 000049664 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2017-11-18 13:26 - 2012-11-12 16:15 - 000476027 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enppmon.dll
2017-11-18 13:26 - 2012-10-22 18:19 - 000218112 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\WINDOWS\System32\enpres.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7945 más sitios.

IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\123simsen.com -> www.123simsen.com

Hay 7945 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 04:04 - 2020-04-14 15:42 - 000454874 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Hay 15614 más lineas.


==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{C46AB3E7-F0CA-482B-AD2C-ECC08B01A88B}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{E6A9D4B6-D7DE-4A77-A98A-18B70E5986AE}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{031FAD6F-FCFC-4232-A1BE-75EF22A624C8}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{79DCE542-9424-468D-B804-8802941CCC35}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero BackItup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{08BF4C4B-960B-4BCA-8B14-FD56EEF860DD}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero BackItup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{A0C32C60-05A2-4540-846A-D36CCBFFC719}] => (Allow) C:\Program Files\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{0B0444C6-6CED-456A-9621-D05E17E0E256}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{FDA45234-8204-47E1-AA9A-326E7E2CEAEA}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{F08F48C9-5A79-4B78-BDD6-5B64220B9E7F}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7F3B3E7A-2B64-488D-8FC1-9B2FC6390550}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{DD49FDF4-D990-4DAE-A5C4-93A590083397}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{A2A41BC1-F682-4A27-9310-509AAC7EB433}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{9C05A94E-F509-4DF1-B653-B15D18A0BCEB}] => (Allow) C:\Users\Natalia\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D116C1BF-433C-4E70-B063-CD4028EA4ADC}] => (Allow) C:\Users\Natalia\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4330B145-BF12-4D24-AABF-AC37C367EB33}] => (Allow) C:\Users\Natalia\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CF00081C-A0FD-4568-BEC0-BF85DAB90F6E}] => (Allow) C:\Users\Natalia\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4BAD7DA6-FAF1-44D2-ABD0-FB2E06016E23}] => (Allow) C:\Users\Natalia\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EE318AAF-E1A0-4385-8E42-ECB9C6B8EB89}] => (Allow) C:\Users\Natalia\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{91D8A992-65C3-4D96-A58F-3A146C7B0A1F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C71ED884-67CF-44BA-90C6-8E3099650B1F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9019EC3B-A2FE-4613-A343-3DFBDF82B490}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D6429177-2BAD-48ED-A7E3-879F11FD952C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1DBBFC7-E5DA-45BF-814C-3A46806E05B2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9E4D17F1-A1AA-4FE2-9645-BCDF5790EAB9}] => (Allow) LPort=53
FirewallRules: [{EE9BA0A1-8760-463D-971D-BE14F85058AA}] => (Allow) LPort=1542
FirewallRules: [{4D892032-A29A-4144-B2BF-C7D5F5BF52BF}] => (Allow) LPort=1542
FirewallRules: [{9B770709-2102-467C-9669-19055355D273}] => (Allow) C:\Users\Natalia\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{925409CD-0716-4D4C-886C-F61DDE1CAFEF}C:\users\natalia\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\natalia\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F22AE4CC-F698-426B-AD24-A56363D929B1}C:\users\natalia\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\natalia\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A38DEA0-04F5-41C6-B05E-C9B7EFD2FC11}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0B22CE17-D2BE-4729-A0D2-6BED6E13F575}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Puntos de Restauración =========================

30-03-2020 19:08:44 Punto de control programado
08-04-2020 21:28:12 Punto de control programado
09-04-2020 21:47:38 Instalador de Módulos de Windows
14-04-2020 15:13:10 AA11

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Intel(R) Management Engine Interface 
Description: Intel(R) Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEI
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/19/2020 05:38:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6760,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 05:19:44 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/19/2020 05:08:52 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (04/19/2020 04:24:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4260,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 04:19:45 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/19/2020 04:19:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4260,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 04:07:08 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (04/19/2020 04:06:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mepService.exe, versión: 1.0.3.3, marca de tiempo: 0x5953543d
Nombre del módulo con errores: mepService.exe, versión: 1.0.3.3, marca de tiempo: 0x5953543d
Código de excepción: 0xc000000d
Desplazamiento de errores: 0x0006deab
Identificador del proceso con errores: 0xb10
Hora de inicio de la aplicación con errores: 0x01d61653ae593672
Ruta de acceso de la aplicación con errores: C:\Program Files\EPSON\MyEpson Portal\mepService.exe
Ruta de acceso del módulo con errores: C:\Program Files\EPSON\MyEpson Portal\mepService.exe
Identificador del informe: fb5e4155-84a5-49e8-9a92-201abc03b3c6
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (04/19/2020 05:31:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Spybot-S&D 2 Updating Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (04/19/2020 05:31:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Spybot-S&D 2 Scanner Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (04/19/2020 05:31:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Spybot-S&D 2 Security Center Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (04/19/2020 05:31:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Seguridad de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.

Error: (04/19/2020 04:06:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio MyEpson Portal Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/19/2020 04:06:07 PM) (Source: MEI) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00004191, FWSTS1: 0x163B2100).

Error: (04/19/2020 04:05:51 PM) (Source: MEI) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00004191, FWSTS1: 0x163B2100).

Error: (04/19/2020 04:05:35 PM) (Source: MEI) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00004191, FWSTS1: 0x163B2100).


Windows Defender:
===================================
Date: 2020-04-19 12:47:00.065
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.285.74.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.15600.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

CodeIntegrity:
===================================

Date: 2020-04-19 17:42:26.812
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 17:42:25.452
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 17:42:15.175
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 17:41:34.016
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 17:40:42.860
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 17:40:41.441
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 17:40:40.021
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 17:40:39.680
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F4 08/14/2013
Placa base: Gigabyte Technology Co., Ltd. H81M-S2PV
Procesador: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Porcentaje de memoria en uso: 86%
RAM física total: 3481.25 MB
RAM física disponible: 475.54 MB
Virtual total: 7065.25 MB
Virtual disponible: 1883.07 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.96 GB) (Free:732.32 GB) NTFS
Drive e: () (RAMDisk) (Total:930.96 GB) (Free:732.29 GB) NTFS

\\?\Volume{674183c3-01d8-11e7-b9ce-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{0adae19e-0000-0000-0000-d0c3e8000000}\ () (Fixed) (Total:0.45 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0ADAE19E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=462 MB) - (Type=27)

==================== Final  Addition.txt =======================

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x86) Versión: 19-04-2020
Ejecutado por Natalia (administrador) sobre NATALIA-PC (Gigabyte Technology Co., Ltd. H81M-S2PV) (19-04-2020 17:35:17)
Ejecutado desde C:\Users\Natalia\Desktop
Perfiles cargados: Natalia (Perfiles disponibles: Natalia)
Platform: Microsoft Windows 10 Pro Versión 1909 18363.778 (X86) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adaware Software -> ) C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.7.1055.0\AdAwareService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x86__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20022.11011.0_x86__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Nero AG -> Nero AG) C:\Program Files\Nero\Nero 2018\Nero BackItUp\NBService.exe
(Nero AG -> Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [238392 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\80.1.3901.162\Installer\chrmstp.exe [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\81.0.4044.113\Installer\chrmstp.exe [2020-04-17] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
BootExecute: autocheck autochk * sdnclean.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {02ED8DED-9B06-4DA8-A092-853326DDEADA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C668EAC-5414-460D-A494-0619F95894F9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0FAF0820-8058-4716-B473-306E0B93512D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1410152 2020-03-01] (Avast Software s.r.o. -> Avast Software)
Task: {129B5B60-4923-4396-B4CB-BFBDF3272CE7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {14ECC25F-7A0B-4F5F-808B-EC10703386D3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
Task: {152C9375-030C-4745-BEA5-D1DB1D800424} - System32\Tasks\EPSON XP-412 413 415 Series Update {FEDE25E2-CF5B-4458-B73C-AEB8C85B5548} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {15CEE6C8-7457-4635-8972-6D185C8D563A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {15F80C53-7F34-4D63-B487-7E6A1427BE88} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {1EF6B10B-5926-4168-A1F3-FED7F93317FA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2419CE49-94AC-4C83-8254-388BC67B244D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {29D97A34-8454-4F8E-A218-B3587E2D61E9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2E07A80E-A30F-49BA-8F35-C1792F2E4D5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3074CC9F-89F0-4829-960D-C31410575B6A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [281720 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3354B018-B070-4B6A-B8FB-0F2C8AB73EAE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {34548A87-09CF-46BD-873E-995A4C233FD3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {3B02685A-3A45-4F0E-9871-E95A3441EA40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-05] (Google Inc -> Google Inc.)
Task: {41D7B96C-08D5-4F7E-8216-7B3E30BC57A9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Natalia-PC-Natalia Natalia-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [448136 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4963BE35-934C-438E-93D5-483EE9CBC5CA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {49F266EC-07FD-4C43-A205-8E7D57AF2AC2} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software s.r.o. -> AVAST Software)
Task: {51689A6C-DE86-4F19-8438-084E61FEAB3D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {57A5D0CC-EDCA-416B-838D-D1A384274D62} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {588D4DBD-E5D4-4477-9B4A-40A5AB7FA36C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {62DC8873-B3D2-4B2E-A930-8BBB3EDD0AE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {65628259-B6D3-4BE9-8E60-40185CA21E09} - System32\Tasks\EPSON XP-412 413 415 Series Update {765E581D-FD8E-4728-BDD7-F63A636843D4} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {65A96A71-4744-4723-B3B4-4733B6F84A3E} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {91EF1C72-D985-4A8C-8C2A-47A527972908} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {6A74F90B-B7DE-4ED5-807E-1F14B06B1905} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {FEDE25E2-CF5B-4458-B73C-AEB8C85B5548} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {6C407610-9C3E-4427-8F2D-66644EF26DD1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6CB0E4B4-2A47-4BDD-89EC-3205CB482574} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {71289494-FA50-4915-8B9B-AE57D2CBE4FB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73CF6BC3-4C67-42FF-9FF0-6AA279409E85} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {75737B78-368A-4342-9931-1175CB39F565} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {7B8C7EC5-CB8A-4DD9-BBBD-375EE766613D} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [6650744 2017-06-02] (Nero AG -> Nero AG)
Task: {8708D3B3-09D1-4FDE-8ACD-8C6AD53B540B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {881BC3B0-9E89-4B31-A433-A49FA73097A7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9116D921-4525-4DBB-90C1-ED6204D5B7A0} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software s.r.o. -> AVAST Software)
Task: {92BD347A-15C2-4DB6-9191-3A05B830E62D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9A301C7C-7314-4CB5-9546-382360A613A1} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {765E581D-FD8E-4728-BDD7-F63A636843D4} => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {9D8DF233-1FC3-4499-9002-9480974B1C15} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9FB8B81C-8396-4AB2-A484-C9A113CEC97D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A97B20B1-55DA-4F6E-8F47-4EFA43E1DB5B} - System32\Tasks\EPSON XP-412 413 415 Series Update {91EF1C72-D985-4A8C-8C2A-47A527972908} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {AD95C946-1B40-423D-BCFD-763EFBB69947} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B67452B9-EB43-4680-A8AE-5E794A7F3F6F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
Task: {BCBF4DD1-1050-440C-8031-9C1E0EB838C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153752 2017-03-05] (Google Inc -> Google Inc.)
Task: {BE293E68-D19C-4B62-A48C-694DFC13213E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1064112 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C17E77FB-3D0C-4971-95EB-BCFBCE00C20D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C7852610-8EF3-4179-979A-23C2ABCEB4C0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8B6A085-D28D-4688-A979-9C7EE8C19C96} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {90468C33-D2C1-46B4-AEEF-91E8ABB01E56} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {CB08274B-FB35-45B7-B389-7644766358AD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3196864 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
Task: {E33BFD78-E923-4FE2-8107-01DBB5106EE4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [281720 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4D6C160-C408-42D8-9048-015847A775A3} - System32\Tasks\EPSON XP-412 413 415 Series Update {90468C33-D2C1-46B4-AEEF-91E8ABB01E56} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {E687D97C-F0ED-48F7-A6A9-ABFC4C76C0A5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {EAFACD50-86EC-46B6-A800-89AF8417D0C6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F31C571E-ECE7-47AF-B2B2-264B85D2D84B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F4A9C941-F11E-4F49-BBBD-C5F0C809F6B1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
Task: {F4B9F4AC-0692-4E39-A369-1C867079DE16} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {F7A0FDEA-ABBF-46F9-AB08-FBD763C8D161} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-14] (Adobe Inc. -> Adobe)
Task: {F8CF76FC-5590-4B55-B997-246A509AC201} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\ Update {4D282891-86D9-43C2-9D04-C8ECB24B8896}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{4D282891-86D9-43C2-9D04-C8ECB24B8896} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {765E581D-FD8E-4728-BDD7-F63A636843D4}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {90468C33-D2C1-46B4-AEEF-91E8ABB01E56}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {91EF1C72-D985-4A8C-8C2A-47A527972908}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {FEDE25E2-CF5B-4458-B73C-AEB8C85B5548}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {765E581D-FD8E-4728-BDD7-F63A636843D4}.job => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{765E581D-FD8E-4728-BDD7-F63A636843D4} /F:UpdateWORKGROUP\NATALIA-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {90468C33-D2C1-46B4-AEEF-91E8ABB01E56}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{90468C33-D2C1-46B4-AEEF-91E8ABB01E56} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {91EF1C72-D985-4A8C-8C2A-47A527972908}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{91EF1C72-D985-4A8C-8C2A-47A527972908} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {FEDE25E2-CF5B-4458-B73C-AEB8C85B5548}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE:/EXE:{FEDE25E2-CF5B-4458-B73C-AEB8C85B5548} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{654E8DDC-37BA-4350-83FA-F1810AD32276}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1184010905-2189604530-3785007993-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-18] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1184010905-2189604530-3785007993-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Natalia\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default [2020-04-19]
CHR DownloadDir: C:\Users\Natalia\Desktop\DESCARGAS
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://teams.microsoft.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.google.es/"
CHR Extension: (Presentaciones) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-05]
CHR Extension: (YouTube) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-05]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-20]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-15]
CHR Extension: (Avast Online Security) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-04]
CHR Extension: (Player para ver Movistar+) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2020-01-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-17]
CHR Profile: C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-19]
CHR HKLM\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.7.1055.0\AdAwareService.exe [542896 2019-11-14] (Adaware Software -> )
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [4920736 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [367184 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\80.1.3901.162\elevation_service.exe [973760 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57536 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [292848 2017-03-17] (Intel(R) pGFX -> Intel Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [310768 2017-03-17] (Intel(R) pGFX -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5547464 2020-04-19] (Malwarebytes Inc -> Malwarebytes)
S2 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [805752 2017-06-02] (Nero AG -> Nero AG)
R2 NeroBackItUpBackgroundService2018; C:\Program Files\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-09-12] (Nero AG -> Nero AG)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3828288 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3379072 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [91560 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35752 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [175464 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [221968 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [167184 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58640 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211840 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41448 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148416 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95416 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73552 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [690232 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [395696 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [177000 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277648 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [165376 2019-10-07] (Microsoft Corporation) [Archivo no firmado]
R3 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [152784 2018-05-02] (Bitdefender SRL -> BitDefender LLC)
S3 LVUSBSta; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [41752 2007-10-12] (Logitech Inc -> Logitech Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2020-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MEI; C:\WINDOWS\System32\drivers\TeeDriverW8.sys [178336 2017-07-27] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 pepifilter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [13848 2007-10-12] (Logitech Inc -> Logitech Inc.)
S3 PID_PEPI; C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [1279000 2007-10-12] (Logitech Inc -> Logitech Inc.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [579872 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [378336 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38280 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [268768 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [47584 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-19 17:35 - 2020-04-19 17:36 - 000033334 _____ C:\Users\Natalia\Desktop\FRST.txt
2020-04-19 17:31 - 2020-04-19 17:31 - 002009600 _____ (Farbar) C:\Users\Natalia\Desktop\FRST (1).exe
2020-04-19 17:26 - 2020-04-19 17:36 - 000000000 ____D C:\FRST
2020-04-19 13:06 - 2020-04-19 13:06 - 000031766 _____ C:\WINDOWS\system32\cc_20200419_130627.reg
2020-04-19 13:05 - 2020-04-19 13:06 - 000448150 _____ C:\WINDOWS\system32\cc_20200419_130543.reg
2020-04-19 12:59 - 2020-04-19 12:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-19 12:59 - 2020-04-19 12:59 - 000002882 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-04-19 12:59 - 2020-04-19 12:59 - 000000998 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-19 12:59 - 2020-04-19 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-19 12:59 - 2020-04-19 12:59 - 000000000 ____D C:\Program Files\CCleaner
2020-04-19 12:51 - 2020-04-19 12:53 - 000000000 ____D C:\AdwCleaner
2020-04-19 12:21 - 2020-04-19 12:21 - 000000000 ____D C:\Users\Natalia\AppData\Local\mbamtray
2020-04-19 12:21 - 2020-04-19 12:21 - 000000000 ____D C:\Users\Natalia\AppData\Local\mbam
2020-04-19 12:20 - 2020-04-19 12:20 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-19 12:20 - 2020-04-19 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-19 12:19 - 2020-04-19 12:18 - 000129056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2020-04-19 12:19 - 2020-04-19 12:17 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-19 10:47 - 2020-04-19 10:47 - 008196784 _____ (Malwarebytes) C:\Users\Natalia\Desktop\adwcleaner_8.0.4.exe
2020-04-18 21:55 - 2020-04-18 22:56 - 000000000 ____D C:\Users\Natalia\AppData\Local\Aula Virtual
2020-04-18 21:54 - 2020-04-18 21:55 - 000000000 ____D C:\Users\Natalia\aulavirtual
2020-04-18 21:54 - 2020-04-18 21:54 - 000001030 _____ C:\Users\Natalia\Desktop\Aula Virtual.lnk
2020-04-18 21:54 - 2020-04-18 21:54 - 000000000 ____D C:\Users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aula Virtual 3 - Santillana
2020-04-18 17:32 - 2020-04-18 17:32 - 000000000 ____D C:\ProgramData\Intel
2020-04-18 13:27 - 2020-04-18 13:27 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-04-17 11:11 - 2020-04-17 11:11 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 002536448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001616704 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001495864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000023552 _____ (Microsoft Corporation) 

C:\WINDOWS\system32\ias.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 007070736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002978816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002711864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 002234680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 002078096 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001659736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001473848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001429312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001394544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-17 11:10 - 2020-04-17 11:10 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001247024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 001077424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000880952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000636696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000627000 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000607544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000526352 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-17 11:10 - 2020-04-17 11:10 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000397624 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000397624 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000392208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000331064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-17 11:10 - 2020-04-17 11:10 - 000265528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000138768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000136504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000102248 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000043008 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000031544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000031248 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 004867944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 004755968 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 002760720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 002622976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 002377216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 002058240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001541120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001539688 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001401344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001150464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 001139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000899688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000689680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000506232 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000402528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000393728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000325136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000235320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000134416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000105592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000096000 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000094976 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000072808 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000047416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-17 11:09 - 2020-04-17 11:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 16:14 - 2020-04-16 16:14 - 000014146 _____ C:\Users\Natalia\Desktop\PE1997.pdf
2020-04-16 09:24 - 2020-03-17 05:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-14 16:14 - 2020-04-14 16:14 - 000000365 _____ C:\WINDOWS\wininit.ini
2020-04-14 15:42 - 2020-04-14 15:39 - 000454874 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20200414-154204.backup
2020-04-14 15:39 - 2020-01-15 12:13 - 000450575 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20200414-153911.backup
2020-04-14 09:51 - 2020-04-14 09:51 - 261368817 _____ C:\Users\Natalia\Desktop\catalogo-2020.pdf
2020-04-05 10:02 - 2020-04-05 10:02 - 000001937 _____ C:\Users\Natalia\Desktop\Zoom.lnk
2020-04-04 12:58 - 2020-04-19 13:02 - 000000000 ____D C:\WINDOWS\Minidump
2020-04-03 10:53 - 2020-04-03 10:53 - 000000000 ____D C:\Users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-03 09:41 - 2020-04-19 13:02 - 000000000 ____D C:\Users\Natalia\AppData\Local\CrashDumps
2020-04-02 13:45 - 2020-04-02 13:45 - 000002378 _____ C:\Users\Natalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-04-02 13:45 - 2020-04-02 13:45 - 000002370 _____ C:\Users\Natalia\Desktop\Microsoft Teams.lnk
2020-04-02 13:45 - 2020-04-02 13:45 - 000000000 ____D C:\Users\Natalia\AppData\Roaming\Microsoft Teams
2020-04-02 13:44 - 2020-04-02 13:45 - 000000000 ____D C:\Users\Natalia\AppData\Local\SquirrelTemp
2020-04-01 10:44 - 2020-04-01 10:44 - 000000000 ____D C:\Users\Natalia\Documents\Zoom
2020-04-01 09:55 - 2020-04-03 10:53 - 000000000 ____D C:\Users\Natalia\AppData\Roaming\Zoom
2020-04-01 09:54 - 2007-10-12 02:00 - 000490008 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUI2.dll
2020-04-01 09:54 - 2007-10-12 02:00 - 000465432 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUI2RC.dll
2020-04-01 09:54 - 2007-10-12 01:57 - 000416280 _____ (Logitech Inc.) C:\WINDOWS\system32\lvcodec2.dll
2020-04-01 09:54 - 2007-10-12 01:56 - 001279000 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\LV302V32.SYS
2020-04-01 09:53 - 2020-04-01 09:53 - 000000000 ____D C:\Program Files\Common Files\logishrd
2020-04-01 09:53 - 2007-10-12 02:00 - 000041752 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\LVUSBSta.sys
2020-04-01 09:53 - 2007-10-12 01:57 - 000195096 _____ (Logitech Inc.) C:\WINDOWS\system32\lvci1150.dll
2020-04-01 09:53 - 2007-10-12 01:56 - 000013848 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lv302af.sys
2020-04-01 09:53 - 2007-10-12 01:18 - 000021138 _____ C:\WINDOWS\system32\Repository.reg
2020-04-01 09:53 - 2007-10-12 01:11 - 000059500 _____ C:\WINDOWS\system32\lvcoinst.ini
2020-03-31 16:16 - 2020-03-31 16:16 - 000000000 ____D C:\Users\Natalia\AppData\Local\OneDrive
2020-03-27 17:33 - 2020-04-19 17:36 - 000000000 ____D C:\Users\Natalia\Desktop\NATALIA
2020-03-20 11:47 - 2020-04-19 12:45 - 000000947 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {765E581D-FD8E-4728-BDD7-F63A636843D4}.job
2020-03-20 11:47 - 2020-04-19 12:45 - 000000761 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {765E581D-FD8E-4728-BDD7-F63A636843D4}.job
2020-03-20 11:47 - 2020-04-18 18:40 - 000003514 _____ C:\WINDOWS\system32\Tasks\EPSON XP-412 413 415 Series Update {765E581D-FD8E-4728-BDD7-F63A636843D4}
2020-03-20 11:47 - 2020-04-18 18:40 - 000003336 _____ C:\WINDOWS\system32\Tasks\EPSON XP-412 413 415 Series Invitation {765E581D-FD8E-4728-BDD7-F63A636843D4}

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-19 17:36 - 2020-01-14 10:38 - 000000000 ____D C:\Users\Natalia\Desktop\LUJÁN COLE
2020-04-19 17:36 - 2019-03-19 04:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-19 17:32 - 2020-01-15 12:09 - 000000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2020-04-19 17:31 - 2020-03-15 16:37 - 000000000 ____D C:\Users\Natalia\Desktop\DESCARGAS
2020-04-19 17:30 - 2020-01-14 17:39 - 000000000 ____D C:\Users\Natalia\AppData\Local\D3DSCache
2020-04-19 17:20 - 2020-01-14 15:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-19 16:06 - 2020-01-14 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-19 16:06 - 2017-03-06 09:42 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-04-19 16:06 - 2017-03-06 08:52 - 000000000 __SHD C:\Users\Natalia\IntelGraphicsProfiles
2020-04-19 16:04 - 2019-03-19 04:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-19 15:57 - 2019-03-19 04:44 - 000000000 ____D C:\WINDOWS\INF
2020-04-19 13:03 - 2017-03-06 12:05 - 000000000 ____D C:\Users\Natalia\AppData\Roaming\uTorrent
2020-04-19 13:02 - 2020-01-14 15:25 - 000000000 ___DC C:\WINDOWS\Panther
2020-04-19 12:58 - 2020-01-14 16:12 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-04-19 12:46 - 2017-12-07 11:20 - 000000282 __RSH C:\ProgramData\ntuser.pol
2020-04-19 12:45 - 2019-04-10 13:42 - 000000731 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {90468C33-D2C1-46B4-AEEF-91E8ABB01E56}.job
2020-04-19 12:45 - 2019-04-10 13:41 - 000000917 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {91EF1C72-D985-4A8C-8C2A-47A527972908}.job
2020-04-19 12:45 - 2019-04-10 13:41 - 000000917 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Update {90468C33-D2C1-46B4-AEEF-91E8ABB01E56}.job
2020-04-19 12:45 - 2019-04-10 13:41 - 000000731 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {91EF1C72-D985-4A8C-8C2A-47A527972908}.job
2020-04-19 12:45 - 2017-07-19 15:05 - 000000731 _____ C:\WINDOWS\Tasks\EPSON XP-412 413 415 Series Invitation {FEDE25E2-CF5B-4458-B73C-AEB8C85B5548}.job
2020-04-19 12:37 - 2020-01-14 16:04 - 000000000 ____D C:\Users\Natalia
2020-04-19 12:37 - 2017-03-06 00:45 - 000000000 ____D C:\WINDOWS\AutoKMS
2020-04-19 12:19 - 2019-03-19 04:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-19 12:18 - 2017-03-05 23:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-19 12:17 - 2017-06-27 19:25 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-19 10:49 - 2020-01-14 16:04 - 001930426 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-19 10:49 - 2019-03-19 09:13 - 000845438 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-19 10:49 - 2019-03-19 09:13 - 000182928 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-18 23:17 - 2019-04-06 20:43 - 000000000 ____D C:\Users\Natalia\AppData\Local\BitTorrentHelper
2020-04-18 23:14 - 2020-01-14 18:15 - 000000000 ____D C:\Users\Natalia\Desktop\LUCA COLE
2020-04-18 23:14 - 2020-01-14 16:14 - 000000000 ____D C:\Users\Natalia\AppData\Local\Packages
2020-04-18 18:40 - 2020-01-15 19:53 - 000004086 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for Natalia-PC-Natalia Natalia-PC
2020-04-18 18:40 - 2020-01-14 16:12 - 000003790 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-18 18:40 - 2020-01-14 16:12 - 000003538 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-18 18:40 - 2020-01-14 16:12 - 000003454 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-04-18 18:40 - 2020-01-14 16:12 - 000003414 _____ C:\WINDOWS\system32\Tasks\EPSON XP-412 413 415 Series Update {91EF1C72-D985-4A8C-8C2A-47A527972908}
2020-04-18 18:40 - 2020-01-14 16:12 - 000003414 _____ C:\WINDOWS\system32\Tasks\EPSON XP-412 413 415 Series Update {90468C33-D2C1-46B4-AEEF-91E8ABB01E56}
2020-04-18 18:40 - 2020-01-14 16:12 - 000003314 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-18 18:40 - 2020-01-14 16:12 - 000003228 _____ C:\WINDOWS\system32\Tasks\EPSON XP-412 413 415 Series Invitation {FEDE25E2-CF5B-4458-B73C-AEB8C85B5548}
2020-04-18 18:40 - 2020-01-14 16:12 - 000003228 _____ C:\WINDOWS\system32\Tasks\EPSON XP-412 413 415 Series Invitation {91EF1C72-D985-4A8C-8C2A-47A527972908}
2020-04-18 18:40 - 2020-01-14 16:12 - 000003228 _____ C:\WINDOWS\system32\Tasks\EPSON XP-412 413 415 Series Invitation {90468C33-D2C1-46B4-AEEF-91E8ABB01E56}
2020-04-18 18:40 - 2020-01-14 16:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-04-18 10:20 - 2020-01-14 15:58 - 000430736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-17 21:34 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-17 21:33 - 2019-03-19 09:15 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-17 21:33 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-17 21:33 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-17 21:33 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-17 21:33 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-04-17 21:33 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-17 11:18 - 2019-03-19 04:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-17 10:56 - 2019-03-19 04:46 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-17 10:56 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-16 19:21 - 2020-01-14 16:12 - 000003844 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-04-16 19:21 - 2020-01-14 16:12 - 000003260 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-04-16 19:21 - 2018-04-06 16:15 - 000002402 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-04-14 20:42 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-14 16:14 - 2020-01-15 12:09 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-04-14 15:49 - 2020-01-14 16:34 - 000000000 ____D C:\Users\Natalia\AppData\Local\Comms
2020-04-14 15:40 - 2019-03-29 14:51 - 000000000 ____D C:\Users\LUJÁN
2020-04-14 15:28 - 2020-01-14 16:30 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-04-14 15:27 - 2020-01-14 16:32 - 000000000 ___RD C:\Users\Natalia\OneDrive
2020-04-14 15:24 - 2019-11-22 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware
2020-04-12 19:11 - 2020-01-14 16:13 - 000000000 ____D C:\Users\Natalia\AppData\Local\ConnectedDevicesPlatform
2020-04-11 11:15 - 2020-01-14 16:31 - 000000000 ____D C:\Users\Natalia\AppData\Local\PlaceholderTileLogoFolder
2020-04-11 10:58 - 2020-01-14 16:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-04-10 21:20 - 2018-01-19 16:12 - 000000000 ____D C:\Users\Natalia\.fontconfig
2020-04-10 21:19 - 2018-01-19 16:10 - 000000016 _____ C:\ProgramData\mntemp
2020-04-04 20:09 - 2019-03-19 04:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-02 12:09 - 2020-01-14 18:15 - 000000000 ____D C:\Users\Natalia\Desktop\HACIENDA
2020-03-30 21:46 - 2019-10-24 07:52 - 000000000 ____D C:\Users\Natalia\Desktop\AMPA
2020-03-26 13:15 - 2020-01-14 10:46 - 000000000 ____D C:\Users\Natalia\Desktop\PICHU
2020-03-26 10:58 - 2017-03-05 23:19 - 000000000 ____D C:\ProgramData\AVAST Software

==================== Archivos en la raíz de algunos directorios ========

2018-06-13 14:54 - 2018-10-23 12:38 - 000000136 _____ () C:\Users\Natalia\AppData\Roaming\WB.CFG

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Creo que está todo, aunque no sé si habré hecho bien lo de CODE :frowning:

Hola

Pones los codes en la misma línea que los reportes, tienes que ponerlos antes y después del reporte, en diferentes renglones.


Descarga, instala y ejecuta Revo Uninstaller

  • Desinstala Adaware y Spybot. Elige el modo avanzado de desinstalación.

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación :warning: con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {62DC8873-B3D2-4B2E-A930-8BBB3EDD0AE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {75737B78-368A-4342-9931-1175CB39F565} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C17E77FB-3D0C-4971-95EB-BCFBCE00C20D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-20]
CHR Extension: (Avast Online Security) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-17]
CHR HKLM\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
U3 idsvc; no ImagePath
2020-04-19 16:06 - 2017-03-06 09:42 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
C:\ProgramData\Intel\Wireless\15f1973

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX/Corregir y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Resultados de la corrección de Farbar Recovery Scan Tool (x86) Versión: 19-04-2020
Ejecutado por Natalia (20-04-2020 15:27:05) Run:1
Ejecutado desde C:\Users\Natalia\Desktop
Perfiles cargados: Natalia (Perfiles disponibles: Natalia)
Modo de Inicio: Normal

==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {62DC8873-B3D2-4B2E-A930-8BBB3EDD0AE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {75737B78-368A-4342-9931-1175CB39F565} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C17E77FB-3D0C-4971-95EB-BCFBCE00C20D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-20]
CHR Extension: (Avast Online Security) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-17]
CHR HKLM\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
U3 idsvc; no ImagePath
2020-04-19 16:06 - 2017-03-06 09:42 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
C:\ProgramData\Intel\Wireless\15f1973

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SDTray" => no encontrado
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62DC8873-B3D2-4B2E-A930-8BBB3EDD0AE1} => no encontrado
"C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" => no encontrado
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => no encontrado
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75737B78-368A-4342-9931-1175CB39F565} => no encontrado
"C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" => no encontrado
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system => no encontrado
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C17E77FB-3D0C-4971-95EB-BCFBCE00C20D} => no encontrado
"C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" => no encontrado
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => no encontrado
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-20] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Avast Online Security) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-03-04] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Chrome Media Router) - C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-17] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SOFTWARE\Google\Chrome\Extensions\ccjleegmemocfpghkhpjmiccjcacackp => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => eliminado correctamente
HKLM\System\CurrentControlSet\Services\idsvc => eliminado correctamente
idsvc => servicio eliminado correctamente
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => movido correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
"C:\ProgramData\Intel\Wireless\15f1973" => no encontrado
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1184010905-2189604530-3785007993-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1184010905-2189604530-3785007993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04192020230816790\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1184010905-2189604530-3785007993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04192020230816790\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1184010905-2189604530-3785007993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04192020230822212\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1184010905-2189604530-3785007993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04192020230822212\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : hitronhub.home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::5ce1:fbf7:365d:5a5c%6
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.19
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11665569 B
Java, Flash, Steam htmlcache => 357 B
Windows/system/drivers => 42579 B
Edge => 236426490 B
Chrome => 457375506 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 27218 B
NetworkService => 27218 B
Natalia => 40863852 B

RecycleBin => 18068979 B
EmptyTemp: => 739.4 MB datos temporales Eliminados.

================================


El sistema necesita reiniciarse.

==== Final  Fixlog 15:29:35 ====

Hola

Como es ahora el funcionamiento de tu equipo?

Un saludo

pues parece que bien, no ha dado ningún problema por ahora muchísimas gracias

1 me gusta

Hola @Natalia_Soto

Tienes instalado Avast, con ese antivirus y Malwarebytes tienes más que suficiente, lo principal es tener cuidado con las descargas que no sean de páginas oficiales y las visitas a web poco confiables.

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte :handshake:

Nos alegramos que se te haya resuelto :+1: Damos el tema por solucionado.

Solucionado

Un saludo

1 me gusta