Hola Los conozco hace mucho pero nunca me anime hacer una consulta , hoy me decidí ya que no encuentro solucion a una sospecha de malware , que des instale pero persiste en arranque de windows incluso se encuentra la carpeta en archivo de programa ,desearía que me puedan ayudar gracias!
Hola @lukitas.ju
Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:
1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.
- Realiza un Análisis personalizado, actualizando si te lo pide.
- Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
- En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.
2) Descarga AdwCleaner | InfoSpyware en el escritorio.
- Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
- Cierra también todos los programas que tengas abiertos.
- Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
- Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
- Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
- Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
- El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt
3) Descarga CCleaner
- Instala Ccleaner
- Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
- Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
- Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.
Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.
¿Cómo pegar reportes en el foro?
Un saludo
hola @Daniela
Gracias por la pronta respuesta , no pude realizar el primer paso , osea la instalación de malwarebytes.
Con respecto a lo demás genial, a continuación adhiero el reporte de AdwCleaner , tu me dime como seguimos. Muchas gracias
Hola
No has adjuntado el reporte de AdwCleaner, pon lo en tu siguiente respuesta.
Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus
Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.
- Ejecuta FRST.exe.
- En el mensaje de la ventana del Disclaimer, pulsamos Yes
- En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
- Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Pon los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Un saludo
oh si disculpas aqui esta el reporte de AdwCleaner
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-31-2020
# Duration: 00:00:09
# OS: Windows 8.1 Single Language
# Cleaned: 16
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\karinasoule\AppData\Roaming\AdvertismentImages
***** [ Files ] *****
Deleted C:\appverifier.txt
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\csastats
Deleted HKLM\Software\AppApcVerifier
Deleted HKLM\Software\Wow6432Node\0d79c293c1ed61418462e24595c90d04
Deleted HKLM\Software\pcv-var
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}
Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|WebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WebStorage
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2836 octets] - [31/03/2020 03:52:02]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Frst.txt 1/2
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-03-2020
Ejecutado por karinasoule (administrador) sobre KARINA (ASUSTeK COMPUTER INC. X555LD) (31-03-2020 06:13:48)
Ejecutado desde C:\Users\karinasoule\Downloads\HERRAMIENTAS SISTEMAS\Farbar Recovery Scan Tool
Perfiles cargados: karinasoule (Perfiles disponibles: karinasoule)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Beijing Qihu Technology Co., Ltd. -> QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(QIHU 360 SOFTWARE CO. LIMITED -> QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(StarWind Software) [Archivo no firmado] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-11-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2019-11-07] (QIHU 360 SOFTWARE CO. LIMITED -> QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [172032 2019-05-14] (Voobly) [Archivo no firmado]
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\RunOnce: [Uninstall C:\Users\karinasoule\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\karinasoule\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {0942c77c-3cb6-11ea-8314-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {49d94b7a-63a8-11e9-8306-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {4a5059b9-96d8-11e8-82db-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {638f44c1-ff26-11e9-8310-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {638f44ec-ff26-11e9-8310-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {9fda9afc-8826-11e7-82c1-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {a37eebd9-4c43-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {a77c2ae8-8096-11e9-8309-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {b68ec375-c5e9-11e9-830c-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {b875699b-df25-11e8-82e8-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {bfedff3c-a943-11e8-82dd-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {bfedff71-a943-11e8-82dd-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {d90beffc-e180-11e9-830e-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {ef399161-3f87-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {ef399178-3f87-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {f70fe6e5-628b-11e8-82d5-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2019-11-19]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2020-03-23]
ShortcutTarget: GameRanger.lnk -> C:\Users\karinasoule\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {043BA045-F9EA-4A74-8983-A5FCBD7D1C1E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0D22ADEA-6C19-418F-8702-AF15AE88D2D9} - System32\Tasks\{75ED5981-67CE-4E41-859C-C5B0085DEEC2} => C:\Windows\system32\pcalua.exe -a "C:\Users\karinasoule\AppData\Roaming\Movavi Video Editor 15\uninst.exe"
Task: {1613E0BD-F06A-4242-8471-2C75B4F74431} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-17] (Google Inc -> Google Inc.)
Task: {1C99084C-F76A-4F47-B2DA-E98B0108BC25} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24707448 2020-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {256B86C1-8E55-4D76-BA0A-EA01E6E33F94} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-17] (Google Inc -> Google Inc.)
Task: {562D1D55-7FDD-4DFE-97B2-5C7F256CD5A0} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {7F310F0B-A705-4691-8561-98C86AA37A99} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24707448 2020-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {936CEEE3-513A-4978-933C-741DBB42FD94} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {9896911F-C948-4F81-96F2-2C8BB049DC56} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {99BD4E95-C07C-44C1-829C-566DC301BAA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CDE08FD-0CB4-406E-812B-2B23336D19FF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A6D32B1A-126D-462D-8B52-53F103FD3F38} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {B86B4635-4ACC-4D3B-95B3-77D365EBC9E9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5D24416-49FC-4397-9384-E25BD904E4DC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F32B399A-FB81-40AE-BFB5-BA04B846E9F6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{8BA1D9BB-540D-4C7B-ADC4-F3DF33799227}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Internet Explorer:
==================
HKU\S-1-5-21-300670512-4152565617-490769388-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-300670512-4152565617-490769388-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
DownloadDir: C:\Users\karinasoule\Downloads\Nueva carpeta
SearchScopes: HKU\S-1-5-21-300670512-4152565617-490769388-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2019-11-07] (QIHU 360 SOFTWARE CO. LIMITED -> Qihu 360 Software Co., Ltd.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2019-11-07] (Qihoo 360 Software (Beijing) Company Limited -> Qihu 360 Software Co., Ltd.)
BHO-x32: Sin Nombre -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Ningún archivo
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-31]
CHR Notifications: Profile 1 -> hxxps://www1a.bethanyharrell.pro
CHR HomePage: Profile 1 -> hxxps://www.google.com.ar/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com.ar/"
CHR DefaultSearchURL: Profile 1 -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Presentaciones) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-04]
CHR Extension: (Documentos) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-04]
CHR Extension: (Google Drive) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-04]
CHR Extension: (YouTube) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-04]
CHR Extension: (Search Manager) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\codhflfnidhlkphogdmhfhjmkehlfjjk [2020-03-23]
CHR Extension: (AdBlocker by Trustnav) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgbldpiollgaehnlegmfhioconikkjjh [2020-03-04]
CHR Extension: (Adobe Acrobat) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Hojas de cálculo) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-04]
CHR Extension: (EditThisCookie) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2020-03-30]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Protección de Internet 360) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\glcimepnljoholdmjchkloafkggfoijh [2020-03-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-04]
CHR Extension: (Gmail) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR Profile: C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-03-31]
CHR Extension: (Presentaciones) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-04]
CHR Extension: (Documentos) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-04]
CHR Extension: (Google Drive) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-04]
CHR Extension: (YouTube) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-04]
CHR Extension: (Adobe Acrobat) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Hojas de cálculo) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-04]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-04]
CHR Extension: (Protección de Internet 360) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\glcimepnljoholdmjchkloafkggfoijh [2020-03-04]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-04]
CHR Extension: (Gmail) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-04]
CHR Profile: C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-31]
CHR HKLM\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM-x32\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh]
CHR HKLM-x32\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10628888 2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [166400 2009-09-14] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [128512 2009-09-14] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1401504 2016-09-23] (Intel(R) Software -> Intel Corporation)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Archivo no firmado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2020-03-27] (Even Balance, Inc. -> )
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [961888 2019-11-07] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-03-27] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [190384 2019-11-07] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2019-11-07] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2019-11-07] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [334792 2019-11-07] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [49088 2018-12-14] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [457672 2019-11-07] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [96424 2018-12-14] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
S3 5257CAFE; C:\Windows\system32\drivers\5257CAFE.sys [255928 2020-03-26] (Malwarebytes Corporation -> Malwarebytes)
S3 AgereSoftModem; C:\Windows\system32\DRIVERS\agrsm64.sys [1146880 2013-06-18] (Microsoft Windows -> LSI Corp)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [304296 2017-06-07] (Disc Soft Ltd -> Alcohol Soft Development Team)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [217544 2019-11-07] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [600088 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [64504 2016-09-23] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [60912 2016-09-23] (Intel(R) Software -> Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [59384 2016-09-23] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [268792 2016-09-23] (Intel(R) Software -> Intel Corporation)
S3 GunBod; C:\Windows\system32\gunbod64.sys [84384 2016-09-13] (Beijing Apex Weifeng Technology Co.,Ltd. -> )
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 HWHandSet; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [226560 2019-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] ([email protected] -> EZB Systems, Inc.)
S3 nmwcd; C:\Windows\system32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\system32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsucx64; C:\Windows\system32\drivers\nmwcdnsucx64.sys [12800 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsux64; C:\Windows\system32\drivers\nmwcdnsux64.sys [171008 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [425216 2016-05-25] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11616 2020-03-23] () [Archivo no firmado]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2017-06-07] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Apple, Inc.) [Archivo no firmado]
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-24] (Microsoft Windows -> Microsoft Corporation)
S3 usbser; C:\Windows\system32\drivers\usbser.sys [33280 2019-12-26] (Microsoft Corporation) [Archivo no firmado]
S3 UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Frst.txt 2/2
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-03-31 06:13 - 2020-03-31 06:14 - 000000000 ____D C:\FRST
2020-03-31 04:09 - 2020-03-31 04:09 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-03-31 04:09 - 2020-03-31 04:09 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-03-31 04:09 - 2020-03-31 04:09 - 000000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-03-31 04:09 - 2020-03-31 04:09 - 000000836 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-03-31 04:09 - 2020-03-31 04:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-31 04:09 - 2020-03-31 04:09 - 000000000 ____D C:\Program Files\CCleaner
2020-03-31 04:05 - 2020-03-31 04:05 - 000003009 _____ C:\Users\karinasoule\Desktop\AdwCleaner[C00].txt
2020-03-31 03:49 - 2020-03-31 03:59 - 000000000 ____D C:\AdwCleaner
2020-03-31 03:32 - 2020-03-31 03:32 - 000001095 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2020-03-31 03:32 - 2020-03-31 03:32 - 000001095 _____ C:\ProgramData\Desktop\360 Total Security.lnk
2020-03-31 03:15 - 2020-03-31 04:15 - 000000000 ____D C:\Users\karinasoule\AppData\Local\LogMeIn Hamachi
2020-03-31 03:15 - 2020-03-31 03:15 - 000000000 ____D C:\Users\karinasoule\AppData\Local\LogMeIn
2020-03-31 03:15 - 2020-03-31 03:15 - 000000000 ____D C:\ProgramData\LogMeIn
2020-03-31 03:14 - 2020-03-31 03:14 - 000000940 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2020-03-31 03:14 - 2020-03-31 03:14 - 000000940 _____ C:\ProgramData\Desktop\LogMeIn Hamachi.lnk
2020-03-31 03:14 - 2020-03-31 03:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2020-03-31 03:14 - 2020-03-31 03:14 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2020-03-31 03:10 - 2020-03-31 03:10 - 009142272 _____ C:\Users\karinasoule\Downloads\hamachi.msi
2020-03-30 06:57 - 2020-03-30 06:57 - 000001052 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-03-30 06:57 - 2020-03-30 06:57 - 000001052 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-03-30 06:57 - 2020-03-30 06:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-03-30 06:57 - 2020-03-30 06:57 - 000000000 ____D C:\Program Files\VS Revo Group
2020-03-30 06:29 - 2020-03-30 06:29 - 000000256 _____ C:\DelFix.txt
2020-03-30 06:29 - 2020-03-30 06:29 - 000000000 ____D C:\Windows\ERUNT
2020-03-30 05:38 - 2020-03-30 06:33 - 000000000 ____D C:\Users\karinasoule\Downloads\HERRAMIENTAS SISTEMAS
2020-03-30 05:18 - 2020-03-31 03:48 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-30 05:18 - 2020-03-30 05:18 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-30 04:51 - 2020-03-30 04:52 - 727680230 _____ C:\Users\karinasoule\Downloads\0ad-0.0.23b-alpha-win32.exe
2020-03-30 04:46 - 2020-03-30 04:52 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\uTorrent
2020-03-29 06:18 - 2020-03-29 06:18 - 000326301 _____ C:\Users\karinasoule\Downloads\28-03-20-reporte-vespertino-covid-19.pdf
2020-03-29 02:50 - 2020-03-29 02:50 - 000001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-03-29 02:50 - 2020-03-29 02:50 - 000001045 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-03-29 02:50 - 2020-03-29 02:50 - 000001045 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2020-03-29 02:49 - 2020-03-31 04:02 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-29 02:48 - 2020-03-29 02:49 - 027292336 _____ (TeamViewer Germany GmbH) C:\Users\karinasoule\Downloads\TeamViewer_Setup.exe
2020-03-28 17:43 - 2020-03-28 17:43 - 000000000 ____D C:\Users\karinasoule\Documents\PUBGLite
2020-03-27 23:54 - 2020-03-27 23:54 - 000000000 ____D C:\Users\karinasoule\AppData\Local\UnrealEngine
2020-03-27 23:54 - 2020-03-27 23:54 - 000000000 ____D C:\Users\karinasoule\AppData\Local\ShadowTrackerExtra
2020-03-27 23:53 - 2019-11-06 09:38 - 000001350 _____ C:\Users\karinasoule\Downloads\README.txt
2020-03-27 23:53 - 2016-08-10 10:38 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-03-27 23:53 - 2016-08-10 10:38 - 000107368 _____ (Microsoft Corporation) C:\Users\karinasoule\Downloads\xinput1_3.dll
2020-03-27 23:52 - 2020-03-27 23:52 - 000050474 _____ C:\Users\karinasoule\Downloads\xinput1_3.zip
2020-03-27 23:51 - 2020-03-27 23:51 - 000292184 _____ (Microsoft Corporation) C:\Users\karinasoule\Downloads\dxwebsetup.exe
2020-03-27 23:42 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2020-03-27 23:42 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2020-03-27 23:42 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2020-03-27 23:42 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2020-03-27 23:42 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2020-03-27 23:42 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2020-03-27 23:42 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2020-03-27 23:42 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2020-03-27 23:42 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2020-03-27 23:42 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2020-03-27 23:42 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2020-03-27 23:42 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2020-03-27 23:41 - 2020-03-27 23:41 - 000000000 ____D C:\Program Files\Common Files\Uncheater
2020-03-27 21:47 - 2020-03-27 21:47 - 000000000 ____D C:\ProgramData\PUBG
2020-03-27 21:44 - 2020-03-27 21:48 - 000000000 ____D C:\Program Files (x86)\PUBGLite
2020-03-27 21:44 - 2020-03-27 21:44 - 000001051 _____ C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PUBG LITE.lnk
2020-03-27 21:44 - 2020-03-27 21:44 - 000001021 _____ C:\Users\karinasoule\Desktop\PUBG LITE.lnk
2020-03-27 21:40 - 2020-03-27 21:40 - 067269568 _____ ( ) C:\Users\karinasoule\Downloads\PUBG-Lite-Setup.exe
2020-03-27 04:23 - 2020-03-27 04:23 - 000183791 _____ C:\Users\karinasoule\Downloads\lead3dengine.zip
2020-03-27 04:23 - 2020-03-27 04:23 - 000000000 ____D C:\Users\karinasoule\Downloads\lead3dengine
2020-03-27 04:23 - 2016-08-11 21:14 - 000361096 _____ C:\Windows\system32\Lead3DEngine.dll
2020-03-27 04:17 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2020-03-27 04:17 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2020-03-27 04:17 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2020-03-27 04:17 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2020-03-27 04:17 - 2006-09-28 16:03 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-03-27 04:17 - 2006-09-28 16:03 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2020-03-27 04:17 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2020-03-27 04:17 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2020-03-27 04:17 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2020-03-27 04:17 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2020-03-27 04:17 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2020-03-27 04:17 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2020-03-27 04:17 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2020-03-27 04:17 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2020-03-27 04:17 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2020-03-27 04:17 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2020-03-27 04:17 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2020-03-27 04:17 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2020-03-27 04:17 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2020-03-27 04:17 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2020-03-27 04:17 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2020-03-27 04:17 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2020-03-27 04:17 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2020-03-27 04:17 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2020-03-27 04:17 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2020-03-27 04:17 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2020-03-27 04:17 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2020-03-27 04:17 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2020-03-27 04:17 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2020-03-27 04:17 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2020-03-27 04:13 - 2020-03-27 04:13 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2020-03-27 02:35 - 2020-03-27 02:39 - 000000000 ____D C:\Users\karinasoule\Downloads\Nueva carpeta
2020-03-27 01:58 - 2020-03-27 01:58 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-03-27 00:22 - 2020-03-27 00:45 - 000111928 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2020-03-27 00:22 - 2020-03-27 00:36 - 000111928 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2020-03-27 00:22 - 2020-03-27 00:22 - 000076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2020-03-27 00:22 - 2013-04-30 10:41 - 000840264 _____ C:\Windows\SysWOW64\pbsvc.exe
2020-03-27 00:21 - 2020-03-27 00:21 - 000001360 _____ C:\Users\Public\Desktop\Join SiMPLE BF1942 [FRA].lnk
2020-03-27 00:21 - 2020-03-27 00:21 - 000001360 _____ C:\ProgramData\Desktop\Join SiMPLE BF1942 [FRA].lnk
2020-03-27 00:21 - 2020-03-27 00:21 - 000001200 _____ C:\Users\Public\Desktop\Battlefield 1942.lnk
2020-03-27 00:21 - 2020-03-27 00:21 - 000001200 _____ C:\ProgramData\Desktop\Battlefield 1942.lnk
2020-03-27 00:21 - 2020-03-27 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2020-03-27 00:21 - 2020-03-27 00:21 - 000000000 ____D C:\Program Files (x86)\EA Games
2020-03-27 00:19 - 2018-01-17 11:14 - 000000000 ____D C:\Users\karinasoule\Downloads\Battlefield 1942.NTtv
2020-03-26 23:50 - 2020-03-27 00:12 - 955618699 _____ C:\Users\karinasoule\Downloads\Battlefield 1942.NTtv.rar
2020-03-26 16:03 - 2020-03-26 16:03 - 044134697 _____ C:\Users\karinasoule\Downloads\20170806_213552.mp4
2020-03-26 15:47 - 2020-03-26 15:47 - 004334916 _____ C:\Users\karinasoule\Downloads\VID-20190922-WA0062.mp4
2020-03-26 15:23 - 2020-03-30 05:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-26 15:23 - 2020-03-26 15:23 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\5257CAFE.sys
2020-03-26 15:22 - 2020-03-26 16:37 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-03-26 15:22 - 2020-03-26 16:34 - 000000000 ____D C:\Users\karinasoule\Desktop\mbar
2020-03-26 15:22 - 2020-03-26 15:22 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-03-26 04:41 - 2020-03-26 04:41 - 000000000 ____D C:\ProgramData\Age of Empires 3
2020-03-26 04:31 - 2020-03-26 04:31 - 000001787 _____ C:\Users\karinasoule\Desktop\age3y.exe - Acceso directo.lnk
2020-03-26 04:31 - 2020-03-26 04:31 - 000001787 _____ C:\Users\karinasoule\Desktop\age3x.exe - Acceso directo.lnk
2020-03-26 03:36 - 2020-03-26 03:36 - 000000000 ____D C:\Users\karinasoule\Documents\My Games
2020-03-26 03:25 - 2020-03-26 03:25 - 000002175 _____ C:\Users\karinasoule\Desktop\Age of Empires III.lnk
2020-03-26 03:25 - 2020-03-26 03:25 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2020-03-26 03:24 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2020-03-26 03:24 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2020-03-26 03:24 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2020-03-26 03:24 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2020-03-26 01:59 - 2018-03-29 14:15 - 000000000 ____D C:\Users\karinasoule\Downloads\Age of Empires III TUTOS IVAN
2020-03-26 01:23 - 2020-03-26 01:27 - 2918953733 _____ C:\Users\karinasoule\Downloads\Age of Empires III TUTOS IVAN.rar
2020-03-25 22:40 - 2020-03-25 22:40 - 000002078 _____ C:\Users\Public\Desktop\The Conquerors.lnk
2020-03-25 22:40 - 2020-03-25 22:40 - 000002078 _____ C:\ProgramData\Desktop\The Conquerors.lnk
2020-03-25 06:42 - 2020-03-25 06:58 - 000000000 ____D C:\Users\karinasoule\AppData\Local\parasite_in_city
2020-03-25 05:01 - 2020-03-25 05:09 - 845110692 _____ C:\Users\karinasoule\Downloads\Stranded Deep v0.52.00 64 bits version por Themastermartin.rar
2020-03-25 04:55 - 2020-03-25 04:55 - 000000533 _____ C:\Windows\eReg.dat
2020-03-25 04:29 - 1998-06-17 18:08 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2020-03-25 04:26 - 2020-03-27 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2020-03-25 04:22 - 2020-03-25 04:22 - 000001306 _____ C:\Users\karinasoule\Desktop\client.exe.lnk
2020-03-25 04:06 - 2020-03-25 21:16 - 000000000 ____D C:\Users\karinasoule\Downloads\fotos y videos
2020-03-25 03:48 - 2020-03-25 03:52 - 962711552 _____ C:\Users\karinasoule\Downloads\Battlefield 1942.iso
2020-03-25 03:23 - 2020-03-25 03:23 - 002333124 _____ C:\Users\karinasoule\Downloads\Manual_SdC.pdf
2020-03-25 03:08 - 2020-03-25 04:21 - 000000000 ____D C:\Program Files\UO
2020-03-24 23:41 - 2020-03-31 01:00 - 000000000 ____D C:\Program Files (x86)\Voobly
2020-03-24 23:41 - 2020-03-29 02:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voobly
2020-03-24 23:41 - 2020-03-24 23:41 - 000000993 _____ C:\Users\karinasoule\Desktop\Voobly.lnk
2020-03-24 16:57 - 2020-03-24 16:57 - 014178840 _____ (Malwarebytes Corp.) C:\Users\karinasoule\Downloads\mbar-1.10.3.1001.exe
2020-03-24 04:43 - 2020-03-31 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms Armageddon
2020-03-24 02:09 - 2020-03-24 02:09 - 000001899 _____ C:\Users\karinasoule\Desktop\UltraISO.lnk
2020-03-24 02:09 - 2020-03-24 02:09 - 000000000 ____D C:\Users\karinasoule\Documents\My ISO Files
2020-03-24 02:09 - 2020-03-24 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2020-03-24 02:09 - 2020-03-24 02:09 - 000000000 ____D C:\Program Files (x86)\UltraISO
2020-03-24 01:05 - 2020-03-24 01:05 - 000001807 _____ C:\Users\karinasoule\Desktop\empires2.exe - Acceso directo.lnk
2020-03-23 23:45 - 2020-03-29 02:50 - 000000000 ____D C:\Users\karinasoule\AppData\Local\TeamViewer
2020-03-23 23:44 - 2020-03-31 04:15 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\TeamViewer
2020-03-23 23:11 - 2020-03-26 03:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2020-03-23 23:11 - 2020-03-23 18:32 - 000011616 _____ C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2020-03-23 23:09 - 2020-03-26 03:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2020-03-23 23:03 - 2020-03-23 23:04 - 000000000 ____D C:\Users\karinasoule\Downloads\age
2020-03-23 20:14 - 2020-03-23 20:14 - 000001049 _____ C:\Users\karinasoule\Desktop\Injected Anti-cheat.lnk
2020-03-23 20:14 - 2020-03-23 20:14 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sXe Injected
2020-03-23 20:14 - 2020-03-23 20:14 - 000000000 ____D C:\Program Files (x86)\sXe Injected
2020-03-23 20:12 - 2020-03-23 20:13 - 000000000 ____D C:\Users\karinasoule\AppData\Local\{8BC8BD94-AF60-D12C-C2F8-F4C4E690085C}
2020-03-23 18:38 - 2020-03-23 18:40 - 000000000 ____D C:\Users\karinasoule\AppData\Local\{79F14FAD-5D59-2315-30C1-06FD14A9FA65}
2020-03-23 18:28 - 2020-03-23 18:28 - 000143872 ____N (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2020-03-23 18:28 - 2020-03-23 18:28 - 000056832 ____N C:\Windows\SysWOW64\iyvu9_32.dll
2020-03-23 17:03 - 2020-03-23 17:03 - 000001128 _____ C:\Users\karinasoule\Desktop\GameRanger.lnk
2020-03-23 17:03 - 2020-03-23 17:03 - 000001114 _____ C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2020-03-23 17:03 - 2020-03-23 17:03 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\GameRanger
2020-03-23 16:53 - 2020-03-28 01:05 - 000000000 ____D C:\Users\karinasoule\Documents\Stronghold Crusader
2020-03-23 16:47 - 2020-03-24 04:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold Crusader Extreme HD [GOG.com]
2020-03-23 16:47 - 2020-03-23 16:47 - 000000967 _____ C:\Users\Public\Desktop\Stronghold Crusader HD.lnk
2020-03-23 16:47 - 2020-03-23 16:47 - 000000967 _____ C:\ProgramData\Desktop\Stronghold Crusader HD.lnk
2020-03-23 16:43 - 2020-03-23 16:43 - 000000000 ____D C:\GOG Games
2020-03-23 16:22 - 2020-03-31 03:31 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\discord
2020-03-23 16:22 - 2020-03-23 16:22 - 000002238 _____ C:\Users\karinasoule\Desktop\Discord.lnk
2020-03-23 16:22 - 2020-03-23 16:22 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-03-23 16:22 - 2020-03-23 16:22 - 000000000 ____D C:\Users\karinasoule\AppData\Local\Discord
2020-03-22 21:41 - 2020-03-22 21:41 - 000001328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2020-03-22 21:41 - 2020-03-22 21:41 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-03-22 21:41 - 2020-03-22 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2020-03-22 21:40 - 2014-04-15 19:25 - 003932120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-03-22 21:40 - 2014-04-15 15:41 - 001002031 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-03-22 21:40 - 2014-04-14 16:49 - 058487808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2020-03-22 21:40 - 2014-04-14 15:04 - 000948440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2020-03-22 21:40 - 2014-04-07 10:35 - 002832088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2020-03-22 21:40 - 2014-04-07 10:35 - 002798296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2020-03-22 21:40 - 2014-03-28 18:03 - 000628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-03-22 21:40 - 2014-03-19 19:19 - 028324440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2020-03-22 21:40 - 2014-03-19 19:19 - 014844504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2020-03-22 21:40 - 2014-03-19 19:19 - 002101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2020-03-22 21:40 - 2014-03-19 19:19 - 002041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2020-03-22 21:40 - 2014-03-19 19:19 - 001933400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2020-03-22 21:40 - 2014-03-19 19:19 - 001137240 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2020-03-22 21:40 - 2014-03-19 19:19 - 001049688 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2020-03-22 21:40 - 2014-03-06 16:35 - 001959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2020-03-22 21:40 - 2014-03-03 20:21 - 001019608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2020-03-22 21:40 - 2014-02-18 17:04 - 002770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2020-03-22 21:40 - 2014-01-28 11:48 - 001286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2020-03-22 21:40 - 2013-10-11 11:31 - 000947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2020-03-22 21:40 - 2013-10-07 00:26 - 000415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2020-03-22 21:40 - 2013-08-14 15:36 - 000662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2020-03-22 21:40 - 2013-08-14 15:35 - 000663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2020-03-22 21:40 - 2012-08-31 19:18 - 007164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2020-03-22 21:40 - 2012-08-31 19:17 - 000434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2020-03-22 21:40 - 2012-08-31 19:17 - 000141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2020-03-22 21:40 - 2012-08-31 19:17 - 000124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2020-03-22 21:40 - 2012-08-31 19:17 - 000075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2020-03-22 21:40 - 2012-01-30 11:43 - 000836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2020-03-22 21:40 - 2012-01-10 10:20 - 000065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2020-03-22 21:40 - 2011-12-20 15:32 - 000331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2020-03-22 21:40 - 2011-11-22 16:28 - 000014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2020-03-22 21:40 - 2011-09-02 14:21 - 000221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2020-03-22 21:40 - 2011-09-02 14:21 - 000081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2020-03-22 21:40 - 2011-09-02 14:21 - 000078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2020-03-22 21:40 - 2011-08-23 17:00 - 000603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2020-03-22 21:40 - 2011-05-31 09:42 - 000693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2020-03-22 21:40 - 2011-03-17 12:17 - 001361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2020-03-22 21:40 - 2011-03-07 17:11 - 000148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2020-03-22 21:40 - 2010-11-08 07:31 - 000375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2020-03-22 21:40 - 2010-11-08 07:31 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2020-03-22 21:40 - 2010-11-08 07:31 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2020-03-22 21:40 - 2010-11-08 07:31 - 000204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2020-03-22 21:40 - 2010-11-08 07:31 - 000101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2020-03-22 21:40 - 2010-11-08 07:31 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2020-03-22 21:40 - 2010-11-03 18:30 - 000149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-03-22 21:40 - 2010-09-27 09:34 - 000318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2020-03-22 21:40 - 2010-07-22 16:48 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2020-03-22 21:40 - 2009-11-24 09:55 - 000518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2020-03-22 21:40 - 2009-11-24 09:55 - 000211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2020-03-22 21:40 - 2009-11-24 09:55 - 000198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2020-03-22 21:40 - 2009-11-24 09:55 - 000155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2020-03-22 21:39 - 2013-10-16 03:43 - 000209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2020-03-22 21:39 - 2013-10-11 12:47 - 000113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2020-03-22 21:39 - 2013-10-07 00:26 - 000501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2020-03-22 21:39 - 2013-10-07 00:26 - 000487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2020-03-22 21:39 - 2013-09-10 04:02 - 006217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2020-03-22 21:39 - 2013-09-10 04:02 - 000313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2020-03-22 21:39 - 2013-09-10 04:01 - 001938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2020-03-22 21:39 - 2013-09-10 04:01 - 000260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2020-03-22 21:39 - 2012-03-08 11:47 - 000108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 001756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 001568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 001486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 000728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 000712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 000491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 000432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 000428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 000242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 000242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2020-03-22 21:39 - 2011-05-31 09:42 - 000241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2020-03-18 20:41 - 2020-03-18 20:41 - 000001736 _____ C:\Users\Public\Desktop\Counter-Strike WaRzOnE.lnk
2020-03-18 20:41 - 2020-03-18 20:41 - 000001736 _____ C:\ProgramData\Desktop\Counter-Strike WaRzOnE.lnk
2020-03-18 20:41 - 2020-03-18 20:41 - 000000856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike WaRzOnE.lnk
2020-03-18 20:41 - 2020-03-18 20:41 - 000000800 _____ C:\Users\Public\Desktop\HLDS.lnk
2020-03-18 20:41 - 2020-03-18 20:41 - 000000800 _____ C:\ProgramData\Desktop\HLDS.lnk
2020-03-18 20:41 - 2020-03-18 20:41 - 000000788 _____ C:\Users\Public\Desktop\Half Life.lnk
2020-03-18 20:41 - 2020-03-18 20:41 - 000000788 _____ C:\ProgramData\Desktop\Half Life.lnk
2020-03-18 20:39 - 2020-03-18 20:39 - 000000000 ____D C:\Games
2020-03-14 15:18 - 2020-03-14 15:18 - 000000000 ____D C:\Users\karinasoule\AppData\Local\mediaplayer
2020-03-14 14:33 - 2020-03-14 14:33 - 000002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-03-14 14:33 - 2020-03-14 14:33 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-03-14 14:33 - 2020-03-14 14:33 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-03-14 14:33 - 2020-03-14 14:33 - 000002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-03-14 14:33 - 2020-03-14 14:33 - 000002388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-03-14 14:33 - 2020-03-14 14:33 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2020-03-14 14:33 - 2020-03-14 14:33 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-03-14 14:33 - 2020-03-14 14:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2020-03-12 01:05 - 2020-03-04 23:30 - 001542920 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-03-12 01:05 - 2020-03-04 21:50 - 001479680 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-03-12 01:05 - 2020-03-04 21:23 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-03-12 01:05 - 2020-03-04 03:58 - 001335808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-03-12 01:05 - 2020-03-04 03:43 - 001377792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-03-12 01:05 - 2020-03-04 03:40 - 000214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-03-12 01:05 - 2020-03-03 21:40 - 007362288 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-12 01:05 - 2020-03-03 21:39 - 002013936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-03-12 01:05 - 2020-02-24 23:25 - 003329536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-12 01:05 - 2020-02-24 23:22 - 003634688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-12 01:05 - 2020-02-15 13:45 - 001728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-03-12 01:05 - 2020-02-15 13:41 - 001546240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-12 01:05 - 2020-02-13 15:22 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-03-12 01:05 - 2020-02-13 15:20 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-03-12 01:05 - 2020-02-13 15:03 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-03-12 01:05 - 2020-02-13 14:42 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-03-12 01:05 - 2020-02-13 14:39 - 000905728 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-03-12 01:05 - 2020-02-13 14:38 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-03-12 01:05 - 2020-02-13 14:25 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-03-12 01:05 - 2020-02-13 14:25 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-03-12 01:05 - 2020-02-13 14:17 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-03-12 01:05 - 2020-02-13 13:59 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-03-12 01:05 - 2020-02-13 13:58 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-03-12 01:05 - 2020-02-13 07:35 - 001765064 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-03-12 01:05 - 2020-02-13 03:23 - 001489512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-03-12 01:05 - 2020-02-13 02:26 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-12 01:05 - 2020-02-13 02:06 - 000861184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-03-12 01:05 - 2020-02-13 01:42 - 000459264 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-03-12 01:05 - 2020-02-13 01:41 - 002780160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-03-12 01:05 - 2020-02-13 01:11 - 000332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-03-12 01:05 - 2020-02-13 01:06 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-03-12 01:05 - 2020-02-11 20:09 - 001368288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-03-12 01:05 - 2020-02-11 11:15 - 025753600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-03-12 01:05 - 2020-02-11 11:01 - 004168192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-03-12 01:05 - 2020-02-11 10:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-03-12 01:05 - 2020-02-11 10:50 - 002911232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-03-12 01:05 - 2020-02-11 10:48 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-03-12 01:05 - 2020-02-11 10:48 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-03-12 01:05 - 2020-02-11 10:39 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-03-12 01:05 - 2020-02-11 10:38 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2020-03-12 01:05 - 2020-02-11 10:37 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-03-12 01:05 - 2020-02-11 10:37 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-03-12 01:05 - 2020-02-11 10:30 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-03-12 01:05 - 2020-02-11 10:23 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-03-12 01:05 - 2020-02-11 10:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-03-12 01:05 - 2020-02-11 10:20 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-03-12 01:05 - 2020-02-11 10:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2020-03-12 01:05 - 2020-02-11 10:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-03-12 01:05 - 2020-02-11 10:14 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-03-12 01:05 - 2020-02-11 10:13 - 000660992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-03-12 01:05 - 2020-02-11 10:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-03-12 01:05 - 2020-02-11 10:09 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-03-12 01:05 - 2020-02-11 10:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-03-12 01:05 - 2020-02-11 10:02 - 015468544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-03-12 01:05 - 2020-02-11 10:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-03-12 01:05 - 2020-02-11 10:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-03-12 01:05 - 2020-02-11 09:58 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-03-12 01:05 - 2020-02-11 09:57 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2020-03-12 01:05 - 2020-02-11 09:55 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-03-12 01:05 - 2020-02-11 09:55 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2020-03-12 01:05 - 2020-02-11 09:52 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-03-12 01:05 - 2020-02-11 09:50 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-03-12 01:05 - 2020-02-11 09:50 - 001756672 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-03-12 01:05 - 2020-02-11 09:49 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-03-12 01:05 - 2020-02-11 09:48 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-03-12 01:05 - 2020-02-11 09:47 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-03-12 01:05 - 2020-02-11 09:47 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-03-12 01:05 - 2020-02-11 09:47 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-03-12 01:05 - 2020-02-11 09:46 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-03-12 01:05 - 2020-02-11 09:44 - 013854208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-03-12 01:05 - 2020-02-11 09:40 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-03-12 01:05 - 2020-02-11 09:35 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-03-12 01:05 - 2020-02-11 09:29 - 004387328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-03-12 01:05 - 2020-02-11 09:25 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-03-12 01:05 - 2020-02-11 09:24 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-03-12 01:05 - 2020-02-11 09:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-03-12 01:05 - 2020-02-08 17:05 - 000537824 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-03-12 01:05 - 2020-02-08 17:04 - 000140128 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-03-12 01:05 - 2020-02-08 15:32 - 000450536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-03-12 01:05 - 2020-02-08 15:32 - 000136744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-03-12 01:05 - 2020-02-08 14:55 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-03-12 01:05 - 2020-02-08 14:32 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-03-12 01:05 - 2020-02-08 14:10 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-03-12 01:05 - 2020-02-08 14:09 - 000933888 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-03-12 01:05 - 2020-02-08 14:04 - 001254912 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-03-12 01:05 - 2020-02-08 13:52 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-03-12 01:05 - 2020-02-08 13:52 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-03-12 01:05 - 2020-02-08 13:50 - 000550912 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-03-12 01:05 - 2020-02-08 13:50 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2020-03-12 01:05 - 2020-02-08 13:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2020-03-12 01:05 - 2020-02-08 13:35 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2020-03-12 01:05 - 2020-02-08 13:28 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-03-12 01:05 - 2020-02-07 15:46 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2020-03-12 01:05 - 2020-02-07 15:15 - 000787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-03-12 01:05 - 2020-02-07 15:02 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-03-12 01:05 - 2020-02-07 14:32 - 001680896 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-03-12 01:05 - 2020-02-05 11:38 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2020-03-12 01:05 - 2020-02-05 11:38 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2020-03-12 01:05 - 2020-02-05 11:20 - 001544888 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-12 01:05 - 2020-02-01 14:36 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2020-03-12 01:05 - 2020-02-01 14:07 - 000319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2020-03-12 01:05 - 2020-02-01 13:57 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2020-03-12 01:05 - 2020-02-01 13:56 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2020-03-12 01:05 - 2020-02-01 13:48 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2020-03-12 01:05 - 2020-02-01 13:44 - 000429568 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2020-03-12 01:05 - 2020-02-01 13:36 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-03-12 01:05 - 2020-02-01 13:34 - 000272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2020-03-12 01:05 - 2020-02-01 13:33 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2020-03-12 01:05 - 2020-02-01 13:24 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2020-03-12 01:05 - 2020-01-28 16:53 - 001349120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-03-12 01:05 - 2020-01-28 16:47 - 000955904 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2020-03-12 01:05 - 2020-01-14 18:05 - 000101832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2020-03-12 00:45 - 2020-02-13 03:03 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-03-12 00:45 - 2020-02-13 02:06 - 000129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-03-07 23:43 - 2020-03-24 04:42 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2020-03-07 23:43 - 2020-03-24 03:23 - 000000000 ____D C:\Users\karinasoule\AppData\Local\WhatsApp
2020-03-07 23:43 - 2020-03-07 23:45 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\WhatsApp
2020-03-07 23:41 - 2020-03-23 16:22 - 000000000 ____D C:\Users\karinasoule\AppData\Local\SquirrelTemp
2020-03-04 15:27 - 2020-03-04 15:27 - 003679421 _____ C:\Users\karinasoule\Downloads\videoplayback (2).m4a
2020-03-03 20:09 - 2020-03-03 20:09 - 003519578 _____ C:\Users\karinasoule\Downloads\videoplayback (1).m4a
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-03-31 04:29 - 2015-11-16 20:14 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-300670512-4152565617-490769388-1001
2020-03-31 04:24 - 2015-11-21 22:13 - 002883072 ___SH C:\Users\karinasoule\Desktop\Thumbs.db
2020-03-31 04:14 - 2019-03-03 21:10 - 000000000 ____D C:\Users\karinasoule\AppData\LocalLow\360WD
2020-03-31 04:14 - 2018-04-02 21:11 - 000000000 ____D C:\Windows\Minidump
2020-03-31 04:14 - 2014-12-04 00:24 - 000000000 ____D C:\Windows\Panther
2020-03-31 04:14 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\ModemLogs
2020-03-31 04:14 - 2013-08-22 10:36 - 000000000 ____D C:\Windows\Inf
2020-03-31 04:07 - 2015-11-16 20:16 - 000003994 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{01029158-18F3-4FFA-8A1C-7D4649B28F67}
2020-03-31 04:03 - 2015-11-17 21:20 - 000000000 __SHD C:\Users\karinasoule\IntelGraphicsProfiles
2020-03-31 04:02 - 2013-08-22 11:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-31 04:02 - 2013-08-22 11:44 - 000499680 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-31 04:01 - 2013-08-22 10:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-03-31 03:59 - 2014-12-04 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-03-31 03:59 - 2014-12-04 01:37 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-03-31 03:32 - 2019-03-03 21:10 - 000000000 ____D C:\ProgramData\360TotalSecurity
2020-03-31 03:32 - 2019-03-03 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2020-03-31 02:35 - 2015-11-16 20:08 - 000000000 ____D C:\Users\karinasoule\AppData\Local\VirtualStore
2020-03-31 02:30 - 2013-08-22 10:25 - 000000386 _____ C:\Windows\win.ini
2020-03-29 02:46 - 2015-11-22 00:56 - 009993728 ___SH C:\Users\karinasoule\Downloads\Thumbs.db
2020-03-28 10:34 - 2019-03-03 23:33 - 000000000 __SHD C:\$360Section
2020-03-28 10:34 - 2019-03-03 21:30 - 000000000 ____D C:\ProgramData\360Quarant
2020-03-27 23:42 - 2014-12-04 01:38 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-27 04:25 - 2015-08-28 13:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-03-27 01:12 - 2016-03-19 14:38 - 000000000 ____D C:\Users\karinasoule\AppData\Local\ElevatedDiagnostics
2020-03-26 19:39 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\AppReadiness
2020-03-26 19:24 - 2013-08-22 12:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-26 16:56 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\system32\NDF
2020-03-26 00:48 - 2015-11-16 20:08 - 000000000 ____D C:\Users\karinasoule\AppData\Local\Packages
2020-03-25 21:20 - 2015-11-21 22:50 - 000000000 ____D C:\Users\karinasoule\Desktop\MUSICA
2020-03-25 21:18 - 2016-04-27 19:38 - 000000000 ____D C:\Users\karinasoule\Desktop\Pendrive gallego
2020-03-25 21:07 - 2018-04-08 18:24 - 000571904 ___SH C:\Users\karinasoule\Documents\Thumbs.db
2020-03-25 16:58 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\rescache
2020-03-25 16:24 - 2013-08-22 12:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-25 16:21 - 2017-03-09 22:06 - 000000000 ____D C:\Program Files\Microsoft Office
2020-03-25 04:16 - 2019-12-31 23:22 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\vlc
2020-03-24 16:37 - 2013-08-22 12:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-24 03:33 - 2017-11-18 19:39 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2020-03-24 03:33 - 2016-03-29 16:17 - 000000000 ___RD C:\Users\karinasoule\Documents\MEGA
2020-03-24 03:29 - 2017-06-21 13:39 - 000000000 ____D C:\ProgramData\Nero
2020-03-24 03:28 - 2014-12-03 23:47 - 000806698 _____ C:\Windows\system32\perfh00A.dat
2020-03-24 03:28 - 2014-12-03 23:47 - 000164584 _____ C:\Windows\system32\perfc00A.dat
2020-03-24 03:28 - 2014-03-18 06:53 - 001822472 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-24 03:25 - 2018-08-27 23:00 - 000000000 ____D C:\Users\karinasoule\AppData\Local\Nox
2020-03-24 03:25 - 2015-11-16 20:08 - 000000000 ____D C:\Users\karinasoule
2020-03-24 03:24 - 2019-03-11 21:06 - 000000000 ____D C:\Program Files (x86)\Steinberg
2020-03-24 03:22 - 2016-10-08 19:33 - 000000000 ____D C:\ProgramData\McAfee
2020-03-23 20:11 - 2019-03-03 21:30 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\360safe
2020-03-23 20:07 - 2018-08-27 23:43 - 000000000 ____D C:\Users\karinasoule\AppData\Roaming\NVIDIA
2020-03-23 19:08 - 2019-03-03 21:10 - 000000000 ____D C:\ProgramData\360safe
2020-03-23 16:52 - 2013-08-22 12:20 - 000000000 ____D C:\Windows\CbsTemp
2020-03-23 16:50 - 2015-11-17 10:53 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2020-03-23 16:50 - 2015-11-17 10:53 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2020-03-23 16:50 - 2015-11-17 10:49 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2020-03-23 16:50 - 2015-11-17 10:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2020-03-23 16:50 - 2013-08-22 08:22 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2020-03-23 16:50 - 2013-08-22 08:22 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2020-03-23 16:50 - 2013-08-22 08:17 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2020-03-23 16:50 - 2013-08-22 08:17 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2020-03-23 16:50 - 2013-08-22 08:17 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2020-03-23 16:50 - 2013-08-22 00:56 - 000377856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2020-03-23 16:50 - 2013-08-22 00:56 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2020-03-23 16:50 - 2013-08-22 00:51 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2020-03-23 16:50 - 2013-08-22 00:51 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2020-03-23 16:50 - 2013-08-22 00:51 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2020-03-22 21:41 - 2018-09-25 22:40 - 000319042 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2020-03-22 21:41 - 2018-09-25 22:40 - 000006786 _____ C:\Windows\system32\Drivers\rtwavesEFX.dat
2020-03-22 21:41 - 2018-09-25 22:40 - 000002626 _____ C:\Windows\system32\Drivers\rtwavesMFX.dat
2020-03-22 21:41 - 2017-01-11 18:27 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-03-22 01:30 - 2018-01-17 21:14 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-22 01:30 - 2018-01-17 21:14 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-19 15:05 - 2018-01-17 21:15 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-18 01:54 - 2016-10-08 19:32 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 01:53 - 2018-08-27 12:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-15 15:35 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\system32\setup
2020-03-12 01:40 - 2017-03-09 22:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-03-12 01:39 - 2015-11-17 17:57 - 000000000 ____D C:\Windows\system32\MRT
2020-03-12 01:30 - 2015-11-17 17:57 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-12 00:36 - 2020-01-16 20:36 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-03-12 00:36 - 2020-01-16 20:35 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-03-12 00:36 - 2020-01-16 20:35 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2020-03-11 23:56 - 2019-12-11 11:53 - 000002390 _____ C:\Users\karinasoule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2020-03-11 23:56 - 2017-07-26 11:46 - 000003182 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-300670512-4152565617-490769388-1001
==================== Archivos en la raíz de algunos directorios ========
2020-03-23 20:11 - 2020-03-23 20:11 - 014932720 _____ (Alejandro Cortés) C:\Program Files (x86)\Common Files\InjectedSetup.exe
2017-06-19 14:01 - 2017-06-19 14:01 - 000338362 _____ () C:\Users\karinasoule\AppData\Local\04720DD9_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000228 _____ () C:\Users\karinasoule\AppData\Local\04720DD9_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 000008734 _____ () C:\Users\karinasoule\AppData\Local\0D0F0189_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000301 _____ () C:\Users\karinasoule\AppData\Local\0D0F0189_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 000101029 _____ () C:\Users\karinasoule\AppData\Local\0D7C6DD1_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000229 _____ () C:\Users\karinasoule\AppData\Local\0D7C6DD1_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 000074242 _____ () C:\Users\karinasoule\AppData\Local\3DCE41AD_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000225 _____ () C:\Users\karinasoule\AppData\Local\3DCE41AD_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 000506658 _____ () C:\Users\karinasoule\AppData\Local\415C1132_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000245 _____ () C:\Users\karinasoule\AppData\Local\415C1132_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 000859221 _____ () C:\Users\karinasoule\AppData\Local\449869E8_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000273 _____ () C:\Users\karinasoule\AppData\Local\449869E8_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 004573147 _____ () C:\Users\karinasoule\AppData\Local\5D091AE5_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000345 _____ () C:\Users\karinasoule\AppData\Local\5D091AE5_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 000010196 _____ () C:\Users\karinasoule\AppData\Local\754B6D0C_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000281 _____ () C:\Users\karinasoule\AppData\Local\754B6D0C_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 007379116 _____ () C:\Users\karinasoule\AppData\Local\7796174F_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000365 _____ () C:\Users\karinasoule\AppData\Local\7796174F_stp.CIS.part
2017-06-19 14:01 - 2017-06-19 14:01 - 001250393 _____ () C:\Users\karinasoule\AppData\Local\7E0FE3C0_stp.CIS
2017-06-19 14:01 - 2017-06-19 14:01 - 000000297 _____ () C:\Users\karinasoule\AppData\Local\7E0FE3C0_stp.CIS.part
2016-09-15 21:01 - 2019-06-15 18:16 - 000001456 _____ () C:\Users\karinasoule\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2018-03-28 14:46 - 2018-03-28 14:46 - 000000000 _____ () C:\Users\karinasoule\AppData\Local\{93C32A62-83F6-45DC-ABDF-ED655A39BD8D}
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2020-03-25 16:25
==================== Final de FRST.txt ========================
Addition.txt
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 29-03-2020
Ejecutado por karinasoule (31-03-2020 06:16:03)
Ejecutado desde C:\Users\karinasoule\Downloads\HERRAMIENTAS SISTEMAS\Farbar Recovery Scan Tool
Windows 8.1 Single Language (Update) (X64) (2015-11-16 23:07:34)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-300670512-4152565617-490769388-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-300670512-4152565617-490769388-1003 - Limited - Enabled)
Invitado (S-1-5-21-300670512-4152565617-490769388-501 - Limited - Disabled)
karinasoule (S-1-5-21-300670512-4152565617-490769388-1001 - Administrator - Enabled) => C:\Users\karinasoule
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: 360 Total Security (Disabled - Up to date) {2ACC6E6C-C52C-B3B4-DA13-A43E20B1E26D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Disabled - Up to date) {91AD8F88-E316-BC3A-E0A3-9F4C5B36A8D0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.8.0.1118 - 360 Security Center)
Actualización de NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (HKLM-x32\...\{993908C2-50E1-4CCB-9846-D663D340896C}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{993908C2-50E1-4CCB-9846-D663D340896C}) (Version: 1.00.0000 - Microsoft Game Studios)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Battlefield 1942 HD (HKLM-x32\...\{231FB844-56FE-41B8-A074-8FB6A73794ED}_is1) (Version: 1.61 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
CutMaster 2D Professional v1.3.2.7 (HKLM-x32\...\CutMaster 2D Professional v1.3.2.7) (Version: 1.3.2.3 - code011)
Desinstalador de impresoras EPSON TX420W Series (HKLM\...\EPSON TX420W Series) (Version: - SEIKO EPSON Corporation)
Discord (HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Free M4a to MP3 Converter 9.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
GameRanger (HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.2.0.0 - Alejandro Cortés)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.12624.20320 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\OneDriveSetup.exe) (Version: 20.028.0206.0009 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Video Suite 17 (HKLM-x32\...\Movavi Video Suite 17) (Version: 17.0.1 - Movavi)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA Controlador de gráficos 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.84 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Photoshop Cs6 versión Final (HKLM-x32\...\{5CF1F901-ED27-4C34-A9CE-A10E8C1DDDB2}_is1) (Version: Final - Braian Urzagaste)
PolyBoard 6.05c (HKLM-x32\...\PolyBoard 6) (Version: 6.5.3.1 - Boole & Partners)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.4445 - TeamViewer)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UltraISO Premium V9.12 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-012B-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Voobly Game Data (HKLM-x32\...\Voobly_is1) (Version: Voobly Game Datas - Voobly)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2015-11-21] (ASUS Cloud Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-15] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-01-13] (Microsoft Corporation)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-08-28] (Microsoft Corporation) [MS Ad]
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_1.0.15.112_x64__8ptj331gd3tyt [2016-10-05] (LINE Corporation)
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-22] (Microsoft Corporation) [MS Ad]
MSN Finanzas -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-09] (MAGIX)
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_1.1.13.8_x64__wgeqdkkx372wm [2014-12-04] (Twitter Inc.)
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-21] (Microsoft Corporation) [MS Ad]
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
CustomCLSID: HKU\S-1-5-21-300670512-4152565617-490769388-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-300670512-4152565617-490769388-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-300670512-4152565617-490769388-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-300670512-4152565617-490769388-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-300670512-4152565617-490769388-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-300670512-4152565617-490769388-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-300670512-4152565617-490769388-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> Ningún archivo
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [Archivo no firmado]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2019-11-07] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2019-11-07] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2019-11-07] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [8704 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\karinasoule\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Lucas - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Módulos cargados (Lista blanca) =============
2013-06-26 00:26 - 2013-06-26 00:26 - 001479168 _____ (ASUS Cloud Corporation.) [Archivo no firmado] C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll
2016-06-30 14:11 - 2009-06-30 10:33 - 000430080 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2016-06-30 14:11 - 2008-11-05 19:53 - 000237688 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2016-06-30 14:11 - 2009-07-01 11:09 - 000286720 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2016-06-30 14:11 - 2010-09-10 15:50 - 000135168 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2016-06-30 14:10 - 2010-09-13 15:00 - 000558592 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Windows\System32\enppmon.dll
2016-06-30 14:10 - 2008-05-14 19:22 - 000252416 _____ (SEIKO EPSON CORPORATION) [Archivo no firmado] C:\Windows\System32\enpres.dll
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Users\karinasoule\Datos de programa:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\karinasoule\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\FileCache\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2013-08-22 10:25 - 2018-07-04 14:26 - 000000856 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-300670512-4152565617-490769388-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 186.130.128.250 - 186.130.129.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "AsInstCD"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_5817E9FDD68C80538BBDAF1229208947"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\StartupApproved\Run: => "Voobly"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{EBA4186A-79D6-41AE-8B7E-07387BF28640}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{A1CE8C21-2495-458E-A65A-F3FEE64B758E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{00790700-CCA3-4F4D-B4A5-959FDDA8C0C6}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{0FEED384-19F6-492E-BD8C-76B24ADC5D78}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{237B8F19-D296-4B4C-92C1-6E720216B279}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{B9204066-4EF2-43DC-8F80-CB2460F87011}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{BA9A3117-D53B-4ADE-AFF4-FBC400433633}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{73E5C523-2B04-4992-B824-47E971B2EC8F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CF618B1-0F5A-46CE-8052-4CA4A6B8A192}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F755A28A-FB2D-482E-B99D-30218201D090}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{251E06DE-96A2-4D44-B2E0-737EBCC3B8B3}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe (QIHU 360 SOFTWARE CO. LIMITED -> )
FirewallRules: [{DE026C81-2EBB-40A8-AB94-53264D9DF05D}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe (QIHU 360 SOFTWARE CO. LIMITED -> )
FirewallRules: [{A68FE233-CBDD-4015-A4EC-95202EA16257}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> QIHU 360 SOFTWARE CO. LIMITED)
FirewallRules: [{6731FE3B-9DFD-41B9-9CAA-AA8077C9C9AF}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> QIHU 360 SOFTWARE CO. LIMITED)
FirewallRules: [{311E9DD7-812C-49DD-AC31-748C630FAD0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6B6D639-F456-4139-80E0-94B3FA6377BD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CA87645-6D86-4052-B696-A7A4DFED279A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{800E7581-46BE-47DD-8C11-8BCB3349D2D3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{249184F2-884B-42C6-9BBE-D33258F0D49E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4266B63E-D717-4FC4-B13D-9757B5ED8E21}] => (Allow) C:\Games\Counter-Strike WaRzOnE\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [{F31DB1AE-F459-4DE3-86E7-B85204BC1AC2}] => (Allow) C:\Games\Counter-Strike WaRzOnE\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [{3C9A26F9-632F-46E4-89B6-819F1478F27E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{EC66B34C-1D18-4A7C-8A18-BD4DCFB5D618}C:\users\karinasoule\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\karinasoule\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{873DBF08-57B7-4D1E-BC88-D9EE2F3C1001}C:\users\karinasoule\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\karinasoule\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{44D8B2DB-D272-44C3-A82B-16ADEDA895B2}C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe] => (Allow) C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe (Firefly Studios Limited -> )
FirewallRules: [UDP Query User{73D91BAB-C9A1-4B90-B43E-53D515692F55}C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe] => (Allow) C:\gog games\stronghold crusader extreme hd\stronghold crusader.exe (Firefly Studios Limited -> )
FirewallRules: [TCP Query User{686CFD1C-0807-41E9-A267-FAB842F0C06A}C:\games\counter-strike warzone\hl.exe] => (Allow) C:\games\counter-strike warzone\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [UDP Query User{88F3CE27-E95A-47D6-8DDF-AD4E59895090}C:\games\counter-strike warzone\hl.exe] => (Allow) C:\games\counter-strike warzone\hl.exe (Valve) [Archivo no firmado]
FirewallRules: [TCP Query User{DD2C28A6-1C6A-4632-AF70-80623A8306B2}C:\games\counter-strike warzone\hlds.exe] => (Allow) C:\games\counter-strike warzone\hlds.exe (Valve -> Valve)
FirewallRules: [UDP Query User{38296C80-BC1E-4F8C-A2F6-065DADDBEC65}C:\games\counter-strike warzone\hlds.exe] => (Allow) C:\games\counter-strike warzone\hlds.exe (Valve -> Valve)
FirewallRules: [TCP Query User{F839E1AC-DA45-4091-8F2F-9FA5B62781DB}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{139C8FA1-3D6E-4F05-A82B-47EE14DD2D39}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [TCP Query User{7B19B010-7911-42FB-938E-61BAEB0BAD8F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{635CB620-7A4A-4BBB-8CF2-08B5AEC301C8}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{9D885EA8-586D-4ECB-8225-BB2837EF6D41}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Block) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{07333DAB-F4FA-421F-9511-E4AF34AC6871}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Block) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{3016B1E1-8802-4E8E-A782-9EBE0055A6F0}C:\program files (x86)\voobly\voobly.exe] => (Block) C:\program files (x86)\voobly\voobly.exe (Voobly) [Archivo no firmado]
FirewallRules: [UDP Query User{BB7349B7-3A85-4F54-9938-A94CB91DE41B}C:\program files (x86)\voobly\voobly.exe] => (Block) C:\program files (x86)\voobly\voobly.exe (Voobly) [Archivo no firmado]
FirewallRules: [TCP Query User{1638F851-BDCC-4BD0-A2F2-D880F19ADBBF}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [UDP Query User{FD313444-551D-4148-BC21-FAAA05C35AB6}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe (Microsoft Corporation) [Archivo no firmado]
FirewallRules: [{17716E13-1756-40E2-96FF-8E5FE445CE0E}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7FD77C61-01C1-4CAD-99ED-679C800F3200}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB691090-96A8-4B48-8052-F4BCA628569D}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [{906C8228-F9E5-426A-8A69-42A742B70D64}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [TCP Query User{65980F46-FB3F-4A03-A24E-0EC521952D61}C:\program files (x86)\microsoft games\age of empires iii\age3.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires iii\age3.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [UDP Query User{BC1854EC-5B73-461A-A23E-28FA090685A5}C:\program files (x86)\microsoft games\age of empires iii\age3.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires iii\age3.exe (Ensemble Studios) [Archivo no firmado]
FirewallRules: [{E48BAE4E-2591-4EB9-A980-62D71DC3D33E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{5483B450-5B42-4C56-94E8-04961DCCD400}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{BB5AD300-EC85-45A3-90D9-034AD4266E95}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C4351766-5E66-45A1-BEBD-DDD6A9C8D8A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{82F7C482-6C1A-46EA-982C-60E80A137503}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{ADE4AE7C-F104-44F9-BFF6-880241A4B7A0}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{22FB7C31-A4E5-463C-83AE-3A36D7F908DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F8933B94-FC7E-421C-82FE-F6C771327BF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B39E46D8-7551-4441-B398-6BBA7CCA97DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E9D191DE-4A3F-4B45-BD76-F0B31C3F4B40}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3CC9A02A-61C9-4AED-A4D4-8A5634222418}C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Allow) C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe (Firefly Studios Limited -> )
FirewallRules: [UDP Query User{71BEA1FE-D6A4-4FE6-B076-77BE26B1234E}C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe] => (Allow) C:\gog games\stronghold crusader extreme hd\stronghold_crusader_extreme.exe (Firefly Studios Limited -> )
FirewallRules: [{61D6659C-B933-49E7-9139-6B012266A982}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> QIHU 360 SOFTWARE CO. LIMITED)
FirewallRules: [{0D7C7918-214E-4F64-BD6A-26D753D54D10}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> QIHU 360 SOFTWARE CO. LIMITED)
==================== Puntos de Restauración =========================
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Dispositivo de High Definition Audio
Description: Dispositivo de High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (03/31/2020 04:12:35 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (03/31/2020 04:02:22 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyPassive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_THERMAL_RELATIONSHIP_TABLE [91]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (03/31/2020 04:02:21 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function: WIPolicyCreateAll::execute
Message: Unhandled exception caught during execution of work item
Policy File Name: DptfPolicyActive.dll
Framework Event: PolicyCreate [27]
Exception Function: PolicyManager::createPolicy
Exception Text:
DPTF Build Version: 8.1.10605.221
DPTF Build Date: Oct 23 2015 12:24:15
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (03/31/2020 03:16:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa hamachi-2-ui.exe, versión 2.2.0.633, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: 219c
Hora de inicio: 01d60723c275fef2
Hora de finalización: 6
Ruta de acceso de la aplicación: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
Identificador de informe: 17813901-7317-11ea-831f-305a3a6bea19
Nombre completo de paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (03/31/2020 02:47:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa WA.exe, versión 3.6.31.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.
Identificador de proceso: bd0
Hora de inicio: 01d6071f56d41606
Hora de finalización: 4294967295
Ruta de acceso de la aplicación: C:\Program Files (x86)\Worms Armageddon\WA.exe
Identificador de informe: 1d6f2881-7313-11ea-831f-305a3a6bea19
Nombre completo de paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (03/30/2020 11:54:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: voobly.exe, versión: 0.1.1.1262, marca de tiempo: 0x5cdad723
Nombre del módulo con errores: QtCore4.dll, versión: 4.5.2.0, marca de tiempo: 0x5419bbb2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000cd585
Identificador del proceso con errores: 0xa58
Hora de inicio de la aplicación con errores: 0x01d60703df1b58a5
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Voobly\voobly.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Voobly\QtCore4.dll
Identificador del informe: e852f64e-72fa-11ea-831f-305a3a6bea19
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (03/30/2020 06:49:34 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Un problema impidió que los datos del Programa para la mejora de la experiencia del usuario se enviaran a Microsoft, (error 80070005).
Error: (03/30/2020 07:21:36 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.
Operación:
Recopilando datos del escritor
Contexto:
Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
Nombre del escritor: System Writer
Id. de instancia del escritor: {308ff3d7-99b4-45b8-9296-ffbf8c1c7661}
Errores del sistema:
=============
Error: (03/31/2020 04:49:00 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Se anularon las instantáneas del volumen C: porque el almacenamiento de instantáneas no pudo crecer debido a un límite impuesto por el usuario.
Error: (03/31/2020 04:03:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio LogMeIn Hamachi Tunneling Engine no pudo iniciarse debido al siguiente error:
El servicio no respondió a tiempo a la solicitud de inicio o de control.
Error: (03/31/2020 04:03:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio LogMeIn Hamachi Tunneling Engine.
Error: (03/31/2020 04:02:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HuaweiHiSuiteService64.exe no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (03/31/2020 04:02:36 AM) (Source: sptd) (EventID: 4) (User: )
Description: El controlador detectó un error interno en la estructura de datos de .
Error: (03/31/2020 04:02:36 AM) (Source: sptd) (EventID: 4) (User: )
Description: El controlador detectó un error interno en la estructura de datos de .
Error: (03/31/2020 04:02:36 AM) (Source: sptd) (EventID: 4) (User: )
Description: El controlador detectó un error interno en la estructura de datos de .
Error: (03/31/2020 04:02:36 AM) (Source: sptd) (EventID: 4) (User: )
Description: El controlador detectó un error interno en la estructura de datos de .
Windows Defender:
===================================
Date: 2019-02-28 21:44:36.009
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {3F03D5A2-1EF3-4859-8D90-2318675C5667}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-02-22 14:03:15.728
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {CDC3904C-07F7-43CF-AFF0-0768765DEBDD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-02-22 13:56:41.323
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {99A3C1DA-6076-4760-BAB1-730068E90516}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-02-22 13:41:30.561
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {8CD4422C-345E-41F8-955D-E0C349D5B342}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-02-21 19:41:37.929
Description:
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {EEF6407C-AD08-4D5C-B551-ED42D51F858D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2019-03-01 20:07:07.020
Description:
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.
Date: 2019-03-01 20:05:46.563
Description:
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.
Date: 2019-03-01 19:53:36.737
Description:
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.
Date: 2019-03-01 19:38:03.398
Description:
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.
Date: 2019-03-01 19:35:34.493
Description:
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80004005
Descripción del error: Error no especificado
Motivo: El controlador de filtro no examinó los elementos y está en el modo indirecto. Esto puede deberse a recursos insuficientes.
CodeIntegrity:
===================================
Date: 2019-03-03 18:35:13.944
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-03-03 18:35:13.475
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-27 22:17:49.011
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-27 22:17:48.346
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-22 13:43:24.288
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-22 13:43:23.850
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-19 10:26:55.495
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-02-19 10:26:54.620
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. X555LD.311 02/05/2015
Placa base: ASUSTeK COMPUTER INC. X555LD
Procesador: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Porcentaje de memoria en uso: 61%
RAM física total: 3979.26 MB
RAM física disponible: 1539.88 MB
Virtual total: 4811.26 MB
Virtual disponible: 1944.3 MB
==================== Unidades ================================
Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:84.47 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:422.04 GB) NTFS
\\?\Volume{0d37d3e2-63b6-4da4-bd59-f2492a4735c2}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.32 GB) NTFS
\\?\Volume{3e534d64-26f0-46f0-bba7-8936bf9dbe96}\ (Restore) (Fixed) (Total:20.01 GB) (Free:12.79 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 19B855B7)
Partition: GPT.
==================== Final de Addition.txt =======================
Hola
No has descargado y ejecutado FRST desde el escritorio como te indiqué, muevelo allí si no fallará el siguiente paso.
MUY Importante Realiza una copia de seguridad del registro :
-
Para hacerlo descarga DelFix.exe( en tu escritorio).
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
(StarWind Software) [Archivo no firmado] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {0942c77c-3cb6-11ea-8314-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {49d94b7a-63a8-11e9-8306-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {4a5059b9-96d8-11e8-82db-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {638f44c1-ff26-11e9-8310-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {638f44ec-ff26-11e9-8310-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {9fda9afc-8826-11e7-82c1-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {a37eebd9-4c43-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {a77c2ae8-8096-11e9-8309-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {b68ec375-c5e9-11e9-830c-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {b875699b-df25-11e8-82e8-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {bfedff3c-a943-11e8-82dd-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {bfedff71-a943-11e8-82dd-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {d90beffc-e180-11e9-830e-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {ef399161-3f87-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {ef399178-3f87-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {f70fe6e5-628b-11e8-82d5-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-300670512-4152565617-490769388-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
BHO-x32: Sin Nombre -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Ningún archivo
CHR DefaultSearchURL: Profile 1 -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\codhflfnidhlkphogdmhfhjmkehlfjjk [2020-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR Extension: (Chrome Media Router) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-04]
CHR HKLM\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM-x32\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2020-03-26 15:22 - 2020-03-26 16:37 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-03-23 20:12 - 2020-03-23 20:13 - 000000000 ____D C:\Users\karinasoule\AppData\Local\{8BC8BD94-AF60-D12C-C2F8-F4C4E690085C}
2020-03-23 18:38 - 2020-03-23 18:40 - 000000000 ____D C:\Users\karinasoule\AppData\Local\{79F14FAD-5D59-2315-30C1-06FD14A9FA65}
2018-03-28 14:46 - 2018-03-28 14:46 - 000000000 _____ () C:\Users\karinasoule\AppData\Local\{93C32A62-83F6-45DC-ABDF-ED655A39BD8D}
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
AlternateDataStreams: C:\Users\karinasoule\Datos de programa:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\karinasoule\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
- Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
- Presionar el botón FIX/Corregir y aguardar a que termine.
- La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
Hola @Daniela Genial por la ayuda,por el momento todo correcto,los procesos mencionados desaparecieron ,todo marcha ok . Muchas gracias por la atención Saludos.
Acontinuacion adjunto el reporte de FRST.exe
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 29-03-2020
Ejecutado por karinasoule (31-03-2020 21:38:17) Run:1
Ejecutado desde C:\Users\karinasoule\Desktop
Perfiles cargados: karinasoule (Perfiles disponibles: karinasoule)
Modo de Inicio: Safe Mode (minimal)
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
(StarWind Software) [Archivo no firmado] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {0942c77c-3cb6-11ea-8314-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {49d94b7a-63a8-11e9-8306-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {4a5059b9-96d8-11e8-82db-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {638f44c1-ff26-11e9-8310-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {638f44ec-ff26-11e9-8310-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {9fda9afc-8826-11e7-82c1-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {a37eebd9-4c43-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {a77c2ae8-8096-11e9-8309-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {b68ec375-c5e9-11e9-830c-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {b875699b-df25-11e8-82e8-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {bfedff3c-a943-11e8-82dd-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {bfedff71-a943-11e8-82dd-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {d90beffc-e180-11e9-830e-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {ef399161-3f87-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {ef399178-3f87-11ea-8316-305a3a6bea19} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-300670512-4152565617-490769388-1001\...\MountPoints2: {f70fe6e5-628b-11e8-82d5-305a3a6bea19} - "G:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-300670512-4152565617-490769388-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
BHO-x32: Sin Nombre -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Ning�n archivo
CHR DefaultSearchURL: Profile 1 -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\codhflfnidhlkphogdmhfhjmkehlfjjk [2020-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR Extension: (Chrome Media Router) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-04]
CHR HKLM\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM-x32\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft -> Alcohol Soft Development Team)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2020-03-26 15:22 - 2020-03-26 16:37 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-03-23 20:12 - 2020-03-23 20:13 - 000000000 ____D C:\Users\karinasoule\AppData\Local\{8BC8BD94-AF60-D12C-C2F8-F4C4E690085C}
2020-03-23 18:38 - 2020-03-23 18:40 - 000000000 ____D C:\Users\karinasoule\AppData\Local\{79F14FAD-5D59-2315-30C1-06FD14A9FA65}
2018-03-28 14:46 - 2018-03-28 14:46 - 000000000 _____ () C:\Users\karinasoule\AppData\Local\{93C32A62-83F6-45DC-ABDF-ED655A39BD8D}
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ning�n archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ning�n archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ning�n archivo
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> Ning�n archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ning�n archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ning�n archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ning�n archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ning�n archivo
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ning�n archivo
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ning�n archivo
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ning�n archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ning�n archivo
AlternateDataStreams: C:\Users\karinasoule\Datos de programa:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\karinasoule\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe => No se encontró ningún proceso en ejecución
"HKU\S-1-5-21-300670512-4152565617-490769388-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AlcoholAutomount" => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0942c77c-3cb6-11ea-8314-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49d94b7a-63a8-11e9-8306-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a5059b9-96d8-11e8-82db-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{638f44c1-ff26-11e9-8310-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{638f44ec-ff26-11e9-8310-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fda9afc-8826-11e7-82c1-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a37eebd9-4c43-11ea-8316-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a77c2ae8-8096-11e9-8309-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b68ec375-c5e9-11e9-830c-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b875699b-df25-11e8-82e8-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfedff3c-a943-11e8-82dd-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfedff71-a943-11e8-82dd-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d90beffc-e180-11e9-830e-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef399161-3f87-11ea-8316-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef399178-3f87-11ea-8316-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f70fe6e5-628b-11e8-82d5-305a3a6bea19} => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => eliminado correctamente
"Chrome DefaultSearchURL" => eliminado correctamente
"Chrome DefaultSuggestURL" => eliminado correctamente
CHR Extension: (Search Manager) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\codhflfnidhlkphogdmhfhjmkehlfjjk [2020-03-23] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Chrome Media Router) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Chrome Media Router) - C:\Users\karinasoule\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-04] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SOFTWARE\Google\Chrome\Extensions\codhflfnidhlkphogdmhfhjmkehlfjjk => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\gpggceimbegdiddifklmeponnmkppfho => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Google\Chrome\Extensions\codhflfnidhlkphogdmhfhjmkehlfjjk => eliminado correctamente
HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Google\Chrome\Extensions\gpggceimbegdiddifklmeponnmkppfho => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\codhflfnidhlkphogdmhfhjmkehlfjjk => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gpggceimbegdiddifklmeponnmkppfho => eliminado correctamente
HKLM\System\CurrentControlSet\Services\AxAutoMntSrv => eliminado correctamente
AxAutoMntSrv => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\HuaweiHiSuiteService64.exe => eliminado correctamente
HuaweiHiSuiteService64.exe => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\AndnetBus => eliminado correctamente
AndnetBus => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\AndNetDiag => eliminado correctamente
AndNetDiag => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ANDNetModem => eliminado correctamente
ANDNetModem => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\xhunter1 => eliminado correctamente
xhunter1 => servicio eliminado correctamente
C:\ProgramData\Malwarebytes' Anti-Malware (portable) => movido correctamente
C:\Users\karinasoule\AppData\Local\{8BC8BD94-AF60-D12C-C2F8-F4C4E690085C} => movido correctamente
C:\Users\karinasoule\AppData\Local\{79F14FAD-5D59-2315-30C1-06FD14A9FA65} => movido correctamente
C:\Users\karinasoule\AppData\Local\{93C32A62-83F6-45DC-ABDF-ED655A39BD8D} => movido correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => eliminado correctamente
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{32020A01-506E-484D-A2A8-BE3CF17601C3} => eliminado correctamente
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx64 => eliminado correctamente
HKLM\Software\Classes\CLSID\{AF67B665-D752-424E-9A03-C7C218F2844F} => eliminado correctamente
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => eliminado correctamente
C:\Users\karinasoule\Datos de programa => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS eliminado correctamente
"C:\Users\karinasoule\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS no encontrado.
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-300670512-4152565617-490769388-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x8007042c
========= Final de CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo.
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo.
========= Final de CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11632502 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 376376602 B
Edge => 0 B
Chrome => 407266648 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 96778 B
systemprofile32 => 44076118 B
LocalService => 44077772 B
NetworkService => 61807060 B
karinasoule => 73886291 B
RecycleBin => 600601013 B
EmptyTemp: => 1.5 GB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 21:38:54 ====
Hola @lukitas.ju
Sigue estos pasos, para eliminar las herramientas utilizadas:
Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte
Nos alegramos que se te haya resuelto Damos el tema por solucionado.
Un saludo