Infected SMTP Malware

Greetings to everyone, and many thanks in advance to anyone who helps me!

At the end of April I carelessly ran the exe of a program; apparently that executable was malware.

My internet became far too slow when I go to browse, etc.

I checked my internet and the throughput is very high, which surprises me because I hardly browse at all; it was not like this before. It also stays high when I am not browsing.

Just in case, I went to https://whoer.net and got a surprise:


that I was blacklisted and that my SMTP is infected, and at that moment I realized why my internet is so slow.

Because of the malware's spam, surely from that exe.

I immediately installed Malwarebytes, but it does not manage to install.


I waited hours and nothing, so I ended it and then turned to AdwCleaner.

It finished scanning and found nothing.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-19-2020
# Duration: 00:00:46
# OS:       Windows 10 Pro
# Scanned:  32067
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

I am very worried; I hope for your help, thank you.

Hello

Carry these out in order and post the reports for me


  • Temporarily disable your antivirus and any other security program.

  • Download Farbar Recovery Scan Tool to your Desktop (>> this is very important <<), choosing the right version for your machine (32 or 64 bits). How do I know whether my Windows is 32-bit or 64-bit?

  • Double-click to run Frst.exe. In the Disclaimer window, press Yes.

  • In the new window that opens, press the Scan button and wait for the scan to finish.

  • Two (2) files (logs) will open, Frst.txt and Addition.txt, which will be saved on your Desktop.

In your next reply, copy and paste the two reports, Frst.txt and Addition.txt, from FRST.

Note: If the requested report(s) do not fit in a single reply because they exceed the permitted number of characters, you can use two or more replies to paste them in full.

Also post the ESET log.

In the two FRST logs, you left out the header in both… edit the replies and paste it.

It is very important to paste the reports in full, exactly as they are.

Yes, I missed it; okay, here they are now.

ESET record

22/05/2020 12:10:39 p. m.
Archivos explorados: 268012
Archivos detectados: 0
Archivos desinfectados: 0
Tiempo total de exploración: 00:50:56
Estado de la exploración: Finalizado

ESET log


11:06:15 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.2.6.0
# country="Peru"
# lang=13322
11:11:56 Updating
11:11:57 Update Init
11:12:07 Update Download
11:12:35 esets_scanner_reload returned 0
11:12:35 g_uiModuleBuild: 45528
11:12:35 Update Finalize
11:12:35 Call m_esets_charon_send
11:12:35 Call m_esets_charon_destroy
11:12:36 Updated modules version: 45528
11:12:46 Scanner engine: 45528
12:12:29 Call m_esets_charon_send
12:12:29 Call m_esets_charon_destroy

FRST


Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 13-05-2020 01
Ejecutado por Dataone (administrador) sobre DESKTOP-4FJ54G7 (22-05-2020 12:43:56)
Ejecutado desde C:\Users\Dataone\Desktop
Perfiles cargados: Dataone
Platform: Windows 10 Pro Versión 1903 18362.720 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\1B4F2187-1B4C-4225-80CD-615B65DB738B\MpSigStub.exe
(Autodesk, Inc. -> Autodesk) C:\Users\Dataone\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwnetfilter.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwservice.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-45ec0b23.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MpCmdRun.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2018-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [22144904 2020-02-12] (Doctor Web Ltd. -> Doctor Web, Ltd.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [665384 2019-12-05] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\Dataone\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-837477985-59271873-3779852295-1001\...\Run: [Opera Browser Assistant] => C:\Users\Dataone\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3004440 2020-05-18] (Opera Software AS -> Opera Software)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1B74B394-19DB-4DF5-9C6B-6307EB42C81D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-04-05] ( ) [Archivo no firmado]
Task: {54184224-8A0B-4D7E-9A08-C46B881914CA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Dataone\Desktop\ESETOnlineScanner_ESL.exe [14665312 2020-05-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {6046D6D1-14B7-4E6E-BC4F-A7323DBA3FD5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {6AA1F1E8-89AE-427D-ACB4-A11D8CEEBEB9} - System32\Tasks\Opera scheduled Autoupdate 1589520334 => C:\Users\Dataone\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-05-18] (Opera Software AS -> Opera Software)
Task: {B033E2B7-9110-450E-B53A-BFF88EE4EE70} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Dataone\Desktop\ESETOnlineScanner_ESL.exe [14665312 2020-05-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {C95CFC50-5FE1-4614-B7D3-B7836F9F9586} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [11490848 2020-01-29] (Doctor Web Ltd. -> Doctor Web, Ltd.)
Task: {D2B206E4-510A-4CE3-8496-7CD4F10F7428} - System32\Tasks\Opera scheduled assistant Autoupdate 1589520337 => C:\Users\Dataone\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-05-18] (Opera Software AS -> Opera Software)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47177257-918e-476e-86e8-4d621d769fbd}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => Ningún archivo
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

Edge: 
======
DownloadDir: C:\Users\Dataone\Downloads

FireFox:
========
FF DefaultProfile: seaqyaci.default
FF ProfilePath: C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\seaqyaci.default [2020-01-18]
FF ProfilePath: C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release [2020-05-21]
FF Extension: (Canvas Defender) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\@canvas-shadow.xpi [2020-01-24]
FF Extension: (Dark Reader) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\[email protected] [2020-05-14]
FF Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\[email protected] [2020-04-24]
FF Extension: (CanvasBlocker) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\[email protected] [2020-03-19]
FF Extension: (IDM Integration Module) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\[email protected] [2020-04-30]
FF Extension: (uBlock Origin) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\[email protected] [2020-05-20]
FF Extension: (minerBlock) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\[email protected] [2020-05-15]
FF Extension: (webgl-defender) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\{2cf5dbed-78fe-4bd5-9524-38fdf837be98}.xpi [2020-05-15]
FF Extension: (Ignore Google Scripts) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\{a4e657a5-1734-4883-ad45-1faa8b671665}.xpi [2020-01-24]
FF Extension: (Matte Black (Red)) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\{a7589411-c5f6-41cf-8bdc-f66527d9d930}.xpi [2020-05-14]
FF Extension: (audiocontext-defender) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\{ab0ae774-f22f-479b-9b1b-6aff11bf6f5c}.xpi [2020-05-09]
FF Extension: (Dark Fox) - C:\Users\Dataone\AppData\Roaming\Mozilla\Firefox\Profiles\mbztaj7q.default-release\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2020-05-14]
FF HKU\S-1-5-21-837477985-59271873-3779852295-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Dataone\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Dataone\AppData\Roaming\IDM\idmmzcc5 [2020-05-05] [Heredado] [no firmado]
FF HKU\S-1-5-21-837477985-59271873-3779852295-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Heredado]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-05-01]

Opera: 
=======
OPR Extension: (Google Translate) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-05-20]
OPR Extension: (WebRTC Control) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\abbdelbgkogfgjkjflgmhebbfjahgalo [2020-05-15]
OPR Extension: (Dark Reader) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-05-15]
OPR Extension: (No Coin - Block miners on the web!) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\elbgaajlcmcdcjokedpklkpajmpchphb [2020-05-15]
OPR Extension: (Font Fingerprint Defender) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\gfbjnaflmhopbncmldmpikcmficnhfpk [2020-05-15]
OPR Extension: (J2TEAM Security) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmlcjjclebjnfohgmgikjfnbmfkigocc [2020-05-15]
OPR Extension: (Canvas Fingerprint Defender) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbabfmmaakhjdgmkgjalnoddnflbfpji [2020-05-15]
OPR Extension: (uBlock Origin) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2020-05-15]
OPR Extension: (Install Chrome Extensions) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-05-15]
OPR Extension: (AudioContext Fingerprint Defender) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljmppmdkkecmjklpellconfckclhemei [2020-05-15]
OPR Extension: (uBlocker - Ad Block Tool for Chrome) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\lmiknjkanfacinilblfjegkpajpcpjce [2020-05-19]
OPR Extension: (IDM Integration Module) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-05-15]
OPR Extension: (Canvas Blocker (Fingerprint protect)) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\nomnklagbgmgghhjidfhnoelnjfndfpd [2020-05-15]
OPR Extension: (minerBlock) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\ommpkaoknnopoeipocpeenjolbnabkfm [2020-05-15]
OPR Extension: (WebGL Fingerprint Defender) - C:\Users\Dataone\AppData\Roaming\Opera Software\Opera Stable\Extensions\opplenfjekjblcdkdlbagafllgogllem [2020-05-15]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1047416 2019-12-05] (Autodesk, Inc. -> Autodesk Inc.)
S4 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [14751344 2020-02-05] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2222488 2020-05-12] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [7207592 2020-04-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-20] (Malwarebytes Inc -> Malwarebytes)
S4 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [237520 2020-04-21] (TEFINCOM S.A. -> )
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2123088 2019-12-12] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENCIÓN (no ServiceDLL)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [Archivo no firmado]
R0 DrWebLwf; C:\WINDOWS\System32\drivers\drweblwf.sys [505592 2020-04-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R0 DwDevGuard; C:\WINDOWS\System32\drivers\dwdg.sys [302824 2020-04-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 DwELAM; C:\WINDOWS\System32\drivers\dwelam.sys [31984 2020-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Doctor Web, Ltd.)
R0 DwProt; C:\WINDOWS\System32\drivers\dwprot.sys [877888 2020-04-30] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-05-20] (Malwarebytes Corporation -> Malwarebytes)
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [98160 2014-09-09] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [79872 2014-09-09] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-05-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-20] (Malwarebytes Inc -> Malwarebytes)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2018-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-18] (Microsoft Windows -> Realtek )
R3 Serenum; C:\WINDOWS\system32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\WINDOWS\System32\drivers\nuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S3 silabenm; C:\WINDOWS\System32\drivers\silabenm.sys [23552 2014-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\drivers\silabser.sys [79360 2014-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R0 SpiderG3; C:\WINDOWS\System32\drivers\spiderg3.sys [392872 2020-04-03] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [134096 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [35256 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-05-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-22 12:43 - 2020-05-22 12:44 - 000020994 _____ C:\Users\Dataone\Desktop\FRST.txt
2020-05-22 12:43 - 2020-05-22 12:44 - 000000000 ____D C:\FRST
2020-05-22 12:36 - 2020-05-22 12:36 - 002286080 _____ (Farbar) C:\Users\Dataone\Desktop\FRST64.exe
2020-05-22 12:11 - 2020-05-22 12:11 - 000000368 _____ C:\Users\Dataone\Desktop\registro ESET.txt
2020-05-22 11:06 - 2020-05-22 11:06 - 000000772 _____ C:\Users\Dataone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-05-22 11:06 - 2020-05-22 11:06 - 000000655 _____ C:\Users\Dataone\Desktop\ESET Online Scanner.lnk
2020-05-21 16:27 - 2020-05-22 11:10 - 014665312 _____ (ESET spol. s r.o.) C:\Users\Dataone\Desktop\ESETOnlineScanner_ESL.exe
2020-05-21 12:10 - 2020-05-22 12:19 - 000000000 ____D C:\Users\Dataone\Desktop\sio
2020-05-20 17:41 - 2020-05-20 17:41 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-05-20 17:41 - 2020-05-20 17:41 - 000125088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-05-20 17:41 - 2020-05-20 17:41 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-05-20 17:40 - 2020-05-20 17:40 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-20 04:54 - 2020-05-20 04:54 - 000003816 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-05-20 04:54 - 2020-05-20 04:54 - 000003374 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-05-20 01:55 - 2020-05-22 10:44 - 000000000 ____D C:\Users\Dataone\AppData\LocalLow\IGDump
2020-05-20 01:43 - 2020-05-20 01:43 - 000000000 ____D C:\Users\Dataone\AppData\Local\mbam
2020-05-20 01:42 - 2020-05-20 01:42 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-20 01:42 - 2020-05-20 01:42 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-05-20 01:42 - 2020-05-20 01:42 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-05-20 01:42 - 2020-05-20 01:42 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-20 01:42 - 2020-05-20 01:42 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-20 01:42 - 2020-05-20 01:42 - 000000000 ____D C:\Users\Dataone\AppData\Local\mbamtray
2020-05-20 01:42 - 2020-05-20 01:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-20 00:03 - 2020-05-20 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-05-20 00:03 - 2020-05-20 00:03 - 000000000 ____D C:\Program Files\NordVPN network TUN
2020-05-20 00:03 - 2020-05-20 00:03 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-05-19 22:27 - 2020-05-21 20:48 - 000000515 _____ C:\Users\Dataone\Desktop\lee.txt
2020-05-19 21:12 - 2020-05-19 21:14 - 000000000 ____D C:\AdwCleaner
2020-05-19 20:59 - 2020-05-19 20:59 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-19 19:00 - 2020-05-19 19:00 - 000000000 ____D C:\Users\Dataone\AppData\Local\ESET
2020-05-19 17:34 - 2020-05-19 17:37 - 008196784 _____ (Malwarebytes) C:\Users\Dataone\Desktop\adwcleaner_8.0.4.exe
2020-05-19 12:20 - 2020-05-19 12:20 - 000000000 ____D C:\Users\Dataone\Downloads\DR2
2020-05-19 12:09 - 2020-05-19 16:05 - 000000000 ____D C:\Users\Dataone\AppData\Local\CrashDumps
2020-05-19 00:44 - 2020-05-20 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-05-19 00:44 - 2020-05-19 00:44 - 000000000 ____D C:\ProgramData\GridinSoft
2020-05-18 23:34 - 2020-05-19 20:51 - 000000598 _____ C:\Users\Dataone\Desktop\info.txt
2020-05-15 10:06 - 2020-05-21 10:34 - 000000000 ____D C:\Users\Dataone\Downloads\opera autoupdate
2020-05-15 00:25 - 2020-05-22 10:48 - 000004230 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1589520334
2020-05-15 00:25 - 2020-05-22 10:48 - 000001408 _____ C:\Users\Dataone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2020-05-15 00:25 - 2020-05-22 00:49 - 000001418 _____ C:\Users\Dataone\Desktop\Navegador Opera.lnk
2020-05-15 00:25 - 2020-05-19 11:28 - 000004480 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1589520337
2020-05-15 00:25 - 2020-05-15 00:25 - 000000000 ____D C:\Users\Dataone\AppData\Local\Opera Software
2020-05-14 23:24 - 2020-05-14 23:24 - 000000000 ____D C:\Users\Dataone\AppData\Roaming\Opera Software
2020-05-12 00:55 - 2020-05-12 00:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-05-05 23:22 - 2020-05-10 10:00 - 000000000 ____D C:\Users\Dataone\AppData\Roaming\IDM
2020-05-05 23:22 - 2020-05-05 23:22 - 000000000 ____D C:\ProgramData\IDM
2020-05-05 23:21 - 2020-05-22 12:37 - 000000000 ____D C:\Users\Dataone\AppData\Roaming\DMCache
2020-05-05 23:21 - 2020-05-22 00:49 - 000001081 _____ C:\Users\Dataone\Desktop\Internet Download Manager.lnk
2020-05-05 23:21 - 2020-05-05 23:22 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2020-05-05 23:21 - 2020-05-05 23:21 - 000000000 ____D C:\Users\Dataone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2020-05-05 23:21 - 2020-05-05 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2020-05-01 19:32 - 2018-12-20 06:05 - 000229296 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2020-05-01 01:57 - 2020-05-01 01:57 - 000000000 ____D C:\Users\Dataone\AppData\Local\cache
2020-04-30 19:15 - 2020-04-30 19:15 - 000001623 _____ C:\Users\Dataone\Downloads\drweb32.key

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-22 12:44 - 2020-01-17 23:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-05-22 12:43 - 2020-01-21 19:10 - 000000000 ____D C:\Program Files (x86)\System Ninja
2020-05-22 12:42 - 2020-01-17 16:27 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-22 12:39 - 2020-01-17 22:53 - 000000000 ____D C:\Users\Dataone
2020-05-22 12:38 - 2020-01-17 16:18 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-05-22 12:03 - 2020-01-17 22:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-22 10:40 - 2018-10-13 22:50 - 000000000 __SHD C:\Users\Dataone\IntelGraphicsProfiles
2020-05-22 01:16 - 2020-01-17 22:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-22 00:49 - 2020-01-31 20:45 - 000001098 _____ C:\Users\Dataone\Desktop\Adobe Animate 2019.lnk
2020-05-22 00:49 - 2020-01-23 14:17 - 000002174 _____ C:\Users\Dataone\Desktop\Loquendo TTS 7 Director.lnk
2020-05-22 00:49 - 2020-01-18 13:46 - 000001190 _____ C:\Users\Dataone\Desktop\Adobe Premiere Pro 2019.lnk
2020-05-22 00:49 - 2020-01-18 13:31 - 000001124 _____ C:\Users\Dataone\Desktop\Adobe Photoshop CC 2019.lnk
2020-05-21 23:16 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-05-21 23:16 - 2020-01-17 16:26 - 000000000 ____D C:\WINDOWS\INF
2020-05-21 20:57 - 2020-01-19 14:19 - 000000000 ____D C:\Users\Dataone\Downloads\Compressed
2020-05-21 20:49 - 2018-03-09 09:23 - 000000000 ____D C:\Users\Dataone\AppData\LocalLow\Mozilla
2020-05-21 20:38 - 2020-01-19 14:19 - 000000000 ____D C:\Users\Dataone\Downloads\Video
2020-05-20 18:36 - 2020-01-22 09:57 - 000000000 ____D C:\Users\Dataone\AppData\Roaming\vlc
2020-05-20 17:46 - 2020-01-17 23:04 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-20 17:46 - 2020-01-17 16:31 - 000788560 _____ C:\WINDOWS\system32\perfh00A.dat
2020-05-20 17:46 - 2020-01-17 16:31 - 000155850 _____ C:\WINDOWS\system32\perfc00A.dat
2020-05-20 17:40 - 2020-01-22 19:21 - 000000000 ____D C:\Users\Dataone\AppData\Roaming\WTablet
2020-05-20 17:40 - 2020-01-18 12:07 - 000000000 ____D C:\ProgramData\Doctor Web
2020-05-20 17:40 - 2020-01-17 23:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-20 17:40 - 2020-01-17 16:18 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-20 01:42 - 2020-01-17 16:27 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-20 00:03 - 2020-01-24 19:29 - 000002046 _____ C:\Users\Public\Desktop\NordVPN.lnk
2020-05-20 00:03 - 2020-01-24 19:29 - 000000000 ____D C:\Users\Dataone\AppData\Local\NordVPN
2020-05-19 21:08 - 2020-01-21 19:22 - 000000000 ____D C:\Program Files\DrWeb
2020-05-19 15:40 - 2018-03-08 16:36 - 000000000 ____D C:\Users\Dataone\Doctor Web
2020-05-16 20:00 - 2018-03-06 12:50 - 000000000 ____D C:\Users\Dataone\Documents\Adobe
2020-05-16 17:29 - 2020-01-18 00:45 - 000000000 ____D C:\Users\Dataone\AppData\Local\D3DSCache
2020-05-16 17:09 - 2020-04-16 13:17 - 000000000 ____D C:\ProgramData\The Foundry
2020-05-16 17:09 - 2020-04-16 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Foundry
2020-05-16 16:55 - 2020-01-18 13:18 - 000000000 ____D C:\Program Files\Adobe
2020-05-16 16:54 - 2020-01-17 23:12 - 000000000 ____D C:\Users\Dataone\AppData\Roaming\Adobe
2020-05-16 16:54 - 2018-12-17 17:00 - 000000000 ____D C:\Users\Public\Documents\Adobe
2020-05-16 16:46 - 2020-01-18 17:32 - 000000000 ____D C:\ProgramData\Freemake
2020-05-16 16:25 - 2020-03-27 15:53 - 000000000 __SHD C:\DrWeb Quarantine
2020-05-15 18:22 - 2018-03-06 18:11 - 000000000 ____D C:\Users\Dataone\Documents\GTA Vice City User Files
2020-05-12 17:21 - 2020-04-11 13:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-05-12 17:21 - 2020-01-18 11:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-12 00:55 - 2020-01-18 11:31 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-05-08 12:36 - 2020-02-06 22:05 - 000000000 ____D C:\Users\Dataone\Documents\xgen
2020-05-05 15:45 - 2020-04-05 18:10 - 000000000 ____D C:\Users\Dataone\AppData\Roaming\IObit
2020-05-04 11:01 - 2020-01-17 22:41 - 000276728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-04 10:59 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-04 10:59 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-05-04 10:59 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-05-04 10:59 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-04 10:59 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-04 10:59 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-05-04 10:59 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-04 10:59 - 2020-01-17 16:27 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-05-04 10:59 - 2020-01-17 16:21 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-01 01:57 - 2020-02-06 21:30 - 000000000 ____D C:\Users\Dataone\AppData\Local\Autodesk
2020-04-30 19:23 - 2020-01-22 21:35 - 000877888 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwprot.sys
2020-04-30 19:23 - 2020-01-22 21:35 - 000505592 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\drweblwf.sys
2020-04-30 19:23 - 2020-01-22 21:35 - 000302824 _____ (Doctor Web, Ltd.) C:\WINDOWS\system32\Drivers\dwdg.sys
2020-04-26 14:34 - 2019-10-24 01:25 - 000000000 ____D C:\Users\Dataone\.Loquendo
2020-04-25 13:56 - 2020-01-17 16:27 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-25 00:43 - 2020-01-17 16:27 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-24 00:00 - 2020-04-16 13:17 - 000000000 ____D C:\ProgramData\Reprise
2020-04-22 19:21 - 2020-02-06 21:31 - 000000000 ____D C:\ProgramData\Autodesk

==================== Archivos en la raíz de algunos directorios ========

2007-10-04 12:00 - 2007-10-04 12:00 - 000003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

ADDITION


Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 13-05-2020 01
Ejecutado por Dataone (22-05-2020 12:45:16)
Ejecutado desde C:\Users\Dataone\Desktop
Windows 10 Pro Versión 1903 18362.720 (X64) (2020-01-18 04:12:45)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-837477985-59271873-3779852295-500 - Administrator - Disabled)
Dataone (S-1-5-21-837477985-59271873-3779852295-1001 - Administrator - Enabled) => C:\Users\Dataone
DefaultAccount (S-1-5-21-837477985-59271873-3779852295-503 - Limited - Disabled)
Invitado (S-1-5-21-837477985-59271873-3779852295-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-837477985-59271873-3779852295-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Dr.Web Security Space (Enabled - Up to date) {1F0B3F76-4795-94AD-DF9E-2678C33ACA8F}
AV: Dr.Web Security Space (Enabled - Up to date) {0A56AC17-36B3-8320-3A3C-9B74469F0756}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Dr.Web Security Space (Enabled - Up to date) {7EB562BC-FC81-363C-C38F-9AE2C1B01972}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Animate 2019 (HKLM-x32\...\FLPR_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_5) (Version: 20.0.5 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_4) (Version: 13.1.4 - Adobe Systems Incorporated)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.21.17 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Maya 2020 (HKLM\...\{7FF82F77-D33A-4FD1-933F-06ECB0202979}) (Version: 20.1.0.632 - Autodesk) Hidden
Autodesk Maya 2020 (HKLM\...\{E63648E7-BD88-4137-AED6-156E77E79DD3}) (Version: 2020.1.0.632 - Autodesk, Inc.)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk) Hidden
Bifrost Extension 2.0.5.0 for Maya 2020 (HKLM\...\{55EA9152-717D-460A-AA14-06C76B27FB84}) (Version: 2.0.5.0 - Autodesk)
Dr.Web Security Space (HKLM\...\{5352DB49-883D-4b64-8443-DA7B80C33ED5}) (Version: 12.0 - Doctor Web, Ltd.)
FastStone Capture 9.3 (HKLM-x32\...\FastStone Capture) (Version: 9.3 - FastStone Soft)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
K-Lite Mega Codec Pack 15.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.4.4 - KLCP)
Loquendo TTS 7 Carlos Multimedia High Quality (HKLM-x32\...\{CCB512D7-4500-4E5F-A2EA-26D512E4B2BF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Carmen Multimedia High Quality (HKLM-x32\...\{08E73A78-70C4-4168-BB68-98B6D7A9001F}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Jorge Multimedia High Quality (HKLM-x32\...\{22BF5757-B409-4936-B711-959FE897BD4A}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 SDK Distribution (HKLM-x32\...\{30139AC2-AB19-4AEA-865F-2154240D851F}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Soledad Multimedia High Quality (HKLM-x32\...\{5A073D9F-DC37-4581-BD40-A88EEAB5048D}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Spanish (HKLM-x32\...\{02B7FE27-CF87-4380-B57B-9D7A543B1674}) (Version: 7.4.0 - Loquendo)
Loquendo TTS 7 Ximena High Quality (HKLM-x32\...\{C128CA1F-2D46-4C1F-80A1-B67727224DE9}) (Version: 7.7.1 - Loquendo)
Loquendo TTS: Jorge (Spanish) (HKLM-x32\...\LoqTTS-Jorge_is1) (Version:  - )
Loquendo TTS: Juan (Spanish) (HKLM-x32\...\LoqTTS-Juan_is1) (Version:  - )
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 76.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 76.0.1 (x64 es-ES)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
MtoA for Maya 2020 (HKU\S-1-5-21-837477985-59271873-3779852295-1001\...\MtoA2020) (Version: 4.0.2 - Autodesk)
NordVPN (HKLM-x32\...\{A87972CF-28AE-43DD-ACB5-16EBD1ED70C3}) (Version: 6.29.7 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.29.7) (Version: 6.29.7 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
Opera Stable 68.0.3618.125 (HKU\S-1-5-21-837477985-59271873-3779852295-1001\...\Opera 68.0.3618.125) (Version: 68.0.3618.125 - Opera Software)
Panel de control de NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rokoko Motion Library - Maya 2020.1 (HKLM\...\Rokoko Motion Library 1.0.0) (Version: 1.0.0 - Rokoko)
Rokoko Motion Library (HKLM\...\{92A4BB66-5445-4E92-ABFA-9DC9EE7FB559}) (Version: 1.0.0 - Rokoko) Hidden
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Substance in Maya 2020-2.0.3 (HKLM\...\{47209805-a05c-4af2-b34b-459745022023}_is1) (Version: 2.0.3 - Adobe)
System Ninja versión 3.2.7 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.2.7 - SingularLabs)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.38-2 - Wacom Technology Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
ZBrush 2020.1 Updater (HKLM\...\ZBrush 2020 2020) (Version: 2020.1 - Pixologic)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-19] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10406.5015.0_x64__8wekyb3d8bbwe [2020-04-25] (Microsoft Corporation)
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-837477985-59271873-3779852295-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Dataone\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-837477985-59271873-3779852295-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Dataone\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-837477985-59271873-3779852295-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Dataone\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => Ningún archivo
ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2020-01-22] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2020-01-22] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6-x32: [DrwMenuHandlers] -> {E7593602-124B-47C9-9F73-A69308EDC973} => C:\Program Files\DrWeb\drwsxtn.dll [2020-01-22] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [DrwMenuHandlers64] -> {035B18F9-A217-44d5-91C9-B682C33C1078} => C:\Program Files\DrWeb\drwsxtn64.dll [2020-01-22] (Doctor Web Ltd. -> Doctor Web, Ltd.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-20] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [310784 2019-12-28] () [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [Archivo no firmado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2020-01-17 16:27 - 2020-01-17 16:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-837477985-59271873-3779852295-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dataone\Pictures\Saved Pictures\cclose.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-837477985-59271873-3779852295-1001\...\StartupApproved\StartupFolder: => "GenuineService.lnk"
HKU\S-1-5-21-837477985-59271873-3779852295-1001\...\StartupApproved\Run: => "OneDrive"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{771B57E9-9B9F-4D7C-8804-677035667544}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB09B9D4-517C-4B49-9A0A-FCB08305138D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{31414EC7-5F42-4EA9-BA6E-58515DB1EA7A}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\Photoshop.exe (Adobe Inc. -> Adobe Systems Incorporated) [Archivo no firmado]
FirewallRules: [{DF9F956A-18D0-4506-8C9C-C020F5680B67}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\Photoshop.exe (Adobe Inc. -> Adobe Systems Incorporated) [Archivo no firmado]
FirewallRules: [{A172B70B-45F4-4523-8EB6-DB47236E0FCE}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\CRWindowsClientService.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{20D13AD4-3E3B-47F1-B1B8-3492D9EF7D0D}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\CRWindowsClientService.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{C2973776-DE5B-4669-BBA5-333D21126C98}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\PhotoshopPrefsManager.exe (Adobe Inc. -> Adobe Systems Inc.)
FirewallRules: [{C0BE52DE-724D-41A5-8B26-E722C789FAB1}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\PhotoshopPrefsManager.exe (Adobe Inc. -> Adobe Systems Inc.)
FirewallRules: [{E76BAC5B-8B2A-4275-9308-1092E2C2CC7E}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\CRLogTransport.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{B7E722EB-8069-445C-8540-5F6A116F0349}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\LogTransport2.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{4AA085AA-D5A4-4FB8-9CC0-F507ED7CD544}] => (Block) %ProgramFiles% (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe => Ningún archivo
FirewallRules: [{7855D237-5789-4527-96CA-9F99F04BDB71}] => (Block) %ProgramFiles% (x86)\Freemake\Freemake Video Converter\FreemakeVC.exe => Ningún archivo
FirewallRules: [{DB1AB91A-DC65-4027-BF29-4EB7D24F2DCD}] => (Block) %ProgramFiles% (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe => Ningún archivo
FirewallRules: [{CF21DD04-DAF1-4DF1-80AD-9C47FB95F5EB}] => (Block) %ProgramFiles% (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe => Ningún archivo
FirewallRules: [{2B03CE12-8543-48D5-8176-0EF607319E3A}] => (Block) %ProgramFiles% (x86)\Freemake\Freemake Video Converter\SetupUpdate.exe => Ningún archivo
FirewallRules: [{7D6CDD86-E383-446C-B8F2-20849F647A46}] => (Block) %ProgramFiles% (x86)\Freemake\Freemake Video Converter\SetupUpdate.exe => Ningún archivo
FirewallRules: [TCP Query User{1A4A4BED-72D1-4952-86CB-5EB9AC9FB1D1}C:\program files (x86)\slimjet\slimjet.exe] => (Block) C:\program files (x86)\slimjet\slimjet.exe => Ningún archivo
FirewallRules: [UDP Query User{8B454904-2DD4-4C9C-92ED-08E61BD3EBDF}C:\program files (x86)\slimjet\slimjet.exe] => (Block) C:\program files (x86)\slimjet\slimjet.exe => Ningún archivo
FirewallRules: [{342726DB-255D-4DF8-898D-44AF78575D6E}] => (Allow) C:\Program Files\DrWeb\dwservice.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{6616D73E-2D12-4B43-B1B5-D8F892946043}] => (Allow) C:\Program Files\DrWeb\spideragent.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{9A9FBF06-4A8A-40C6-A2D4-63FADA489F4A}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [TCP Query User{B47D1211-6A54-4350-B776-9067AEAB34E3}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{AE5655AE-0888-40A3-B56B-EA1748EE215B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{5A2BEE1A-0278-47C9-9D57-CC4B8EF8C254}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\maya.exe => Ningún archivo
FirewallRules: [{175CF446-325A-4A46-A9BC-69720E7F6088}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\maya.exe => Ningún archivo
FirewallRules: [{538920C8-42DD-446C-AF78-178B39A55D9B}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\mayabatch.exe => Ningún archivo
FirewallRules: [{AD8DD3B3-ED50-477D-A158-15F8AD7147E7}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\mayabatch.exe => Ningún archivo
FirewallRules: [{75AC5AE5-3249-42F6-B8D4-06152DD4C991}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\mayaServerTest.exe => Ningún archivo
FirewallRules: [{3994706F-F0FD-45A0-B29E-2CB0BC79C748}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\mayaServerTest.exe => Ningún archivo
FirewallRules: [{88EFCE26-7884-451A-A989-B34CC8E13C9A}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\Render.exe => Ningún archivo
FirewallRules: [{186B27C3-6DAC-4235-965C-4BEFC9DE481C}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\Render.exe => Ningún archivo
FirewallRules: [{E8BC6AEA-2AA3-4FF9-8926-D9D938ED187A}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\mayaServerTest.exe => Ningún archivo
FirewallRules: [{D4585D68-ECCE-4DFD-B8B7-69113BB8CA2E}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\fcheck.exe => Ningún archivo
FirewallRules: [{9C84AE4A-03A0-4A98-895E-7C3AFA3F59A2}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\fcheck.exe => Ningún archivo
FirewallRules: [{F62FA10D-1CA9-48E5-952B-252D61D9B514}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\mayaClockServer.exe => Ningún archivo
FirewallRules: [{38EDE6CB-EFE4-4DE8-B022-A987E731F61D}] => (Block) %ProgramFiles% (x86)\Maya2020\bin\mayaClockServer.exe => Ningún archivo
FirewallRules: [{F552E875-B7A8-4554-A35F-A8BF3EE39341}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrInstSvc.exe (Autodesk, Inc. -> Autodesk Inc.)
FirewallRules: [{9C4DD437-717B-44F5-A18C-79622DB1793C}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrInstSvc.exe (Autodesk, Inc. -> Autodesk Inc.)
FirewallRules: [{0B05DC54-1EAD-4D61-823D-503F189884E8}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrLauncher.exe (Autodesk, Inc. -> Autodesk Inc.)
FirewallRules: [{F63D9140-5846-4F3A-9902-545AB3015F82}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrLauncher.exe (Autodesk, Inc. -> Autodesk Inc.)
FirewallRules: [{38EE79B8-4746-47DA-A8E6-E43E4356DC4F}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ADPClientService.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{AB7DFF32-1406-44CD-8A40-EA1D7FAEC141}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ADPClientService.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{46DD823F-6985-48BE-BA98-753CE33E23B8}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{2CD3B7D1-2DCB-4E9E-8D9C-DD33CB9C993E}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{95050947-9A6C-4F2B-9691-F382076FBE75}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtWebEngineProcess.exe (Autodesk, Inc. -> The Qt Company Ltd.)
FirewallRules: [{F8169B53-6F47-49B7-9CAB-25723804B10A}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtWebEngineProcess.exe (Autodesk, Inc. -> The Qt Company Ltd.)
FirewallRules: [{40038CBD-86BF-42BC-AE6C-D6B655416A1A}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvcProxy.exe (Autodesk, Inc. -> Autodesk Inc.)
FirewallRules: [{EDCE4053-770F-49EB-A9DC-A45DF1734990}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvcProxy.exe (Autodesk, Inc. -> Autodesk Inc.)
FirewallRules: [{8770FFA5-E85D-4646-A2A8-D74757EE9B8D}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\Photoshop.exe (Adobe Inc. -> Adobe Systems Incorporated) [Archivo no firmado]
FirewallRules: [{4D2FB6E8-2EDC-4430-BC70-EF9B15356E73}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\Photoshop.exe (Adobe Inc. -> Adobe Systems Incorporated) [Archivo no firmado]
FirewallRules: [{A5056ECF-66F4-4B72-9BE4-CC0F765E92E0}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\CRWindowsClientService.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{A0957AA0-770F-40ED-B66B-83305F565709}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\CRWindowsClientService.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{25101660-B0E6-493C-9FC5-524586AB94DF}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\CRLogTransport.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{1D900097-6649-498C-9222-FC1D22F759DE}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019\CRLogTransport.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{CD303AE0-1AF5-4186-BAC9-F08A39A9E016}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\ZUpgrader.exe (Pixologic Inc. -> Pixologic, Inc.)
FirewallRules: [{35E77A65-CDC6-4CF0-B153-C1BBF3AD338A}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\ZUpgrader.exe (Pixologic Inc. -> Pixologic, Inc.)
FirewallRules: [{E6F6FD76-1093-4C70-A60F-6E32E614EDC8}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\ZBrush.exe (Pixologic, Inc -> Pixologic, Inc.) [Archivo no firmado]
FirewallRules: [{603496CA-5BF2-4948-B386-E731DEC24665}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\ZBrush.exe (Pixologic, Inc -> Pixologic, Inc.) [Archivo no firmado]
FirewallRules: [{25194F7E-015B-4937-81C9-2AF2DBABAA41}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\ZBrush.exe (Pixologic, Inc -> Pixologic, Inc.) [Archivo no firmado]
FirewallRules: [{5A886082-41C6-4373-94C8-178667590BA3}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\ZBrush.exe (Pixologic, Inc -> Pixologic, Inc.) [Archivo no firmado]
FirewallRules: [{D3E6910D-B83E-4876-A34F-7E5C6072C812}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\updater.exe (Pixologic, Inc -> Pixologic)
FirewallRules: [{7D06A62D-16B3-49B5-BA30-0CEF3D5E34DA}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\updater.exe (Pixologic, Inc -> Pixologic)
FirewallRules: [{1544B8CC-25C2-409E-8540-D32C81BC5C43}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\Pixologic License Manager.exe (Pixologic Inc. -> Pixologic, Inc.)
FirewallRules: [{11A97D8F-61D4-4243-B6EF-C21B3A0380D5}] => (Block) C:\Program Files\Pixologic\ZBrush 2020\Pixologic License Manager.exe (Pixologic Inc. -> Pixologic, Inc.)
FirewallRules: [{25062565-E170-49F8-A3F2-729D9B86DF57}] => (Block) C:\Program Files (x86)\NordVPN\NordVPN.exe (TEFINCOM S.A. -> NordVPN)
FirewallRules: [{0790C536-F543-419E-AFAE-E7FC7B20EAB3}] => (Block) C:\Program Files (x86)\NordVPN\nordvpn-service.exe (TEFINCOM S.A. -> )
FirewallRules: [{604B5E3B-104C-48D4-9F0B-08B69D8B5DCF}] => (Block) C:\Program Files (x86)\NordVPN\nordvpn-service.exe (TEFINCOM S.A. -> )
FirewallRules: [{3016310C-00ED-4F9D-9220-74834F224490}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{D8F33AEA-0B27-4F4F-94EB-FF6FA8352F96}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{1BE9213D-3A1B-4FD1-A1AC-F1A298AE3A6B}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{C3A4429D-5956-4A83-B263-D3DE35F5D66C}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{40F08FC9-4E6F-4513-A1D9-381A4F849A67}] => (Block) %ProgramFiles%\Mari4.6v3\Bundle\bin\Mari4.6v3.exe => Ningún archivo
FirewallRules: [{89BFAF30-0119-40DF-A00D-B8709554FC46}] => (Block) %ProgramFiles%\Mari4.6v3\Bundle\bin\Mari4.6v3.exe => Ningún archivo
FirewallRules: [{A73549D8-8912-4D5D-AC0A-6ED9F5A6F7D3}] => (Block) %ProgramFiles%\The Foundry\LicensingTools7.1\FoundryLicenseUtility.exe => Ningún archivo
FirewallRules: [{A3BE7308-CD3D-459B-A2E3-1AC4B412161E}] => (Block) %ProgramFiles%\The Foundry\LicensingTools7.1\FoundryLicenseUtility.exe => Ningún archivo
FirewallRules: [{E94633A6-1487-466E-85ED-89C7865B0CB1}] => (Block) C:\Program Files\Autodesk\Maya2020\bin\maya.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{62D6C9EE-67E6-492D-BAB9-7FFA8A31CC40}] => (Block) C:\Program Files\Autodesk\Maya2020\bin\maya.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{BBE08122-F797-4F89-8348-6078C6392805}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{5FC56C76-F40A-4B7C-B2C8-47ABB15A60CE}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{0FD3D1E1-B0D5-42DE-969B-24513E184614}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ADPClientService.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{46F0192D-7C8A-419B-BC6F-99AA4B1A067E}] => (Block) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ADPClientService.exe (Autodesk, Inc. -> Autodesk, Inc.)
FirewallRules: [{1D084842-5D73-4F55-9CCE-DCA2E8451B97}] => (Block) C:\Program Files\Autodesk\Maya2020\bin\fcheck.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{260F7AF5-AF0B-4EB4-9C93-9FE51AD695E9}] => (Block) C:\Program Files\Autodesk\Maya2020\bin\fcheck.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{A9345BA2-9E55-4B2C-8EDC-4F27495F5F50}] => (Block) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{8E557E42-EAB7-4662-BC37-F02F9B5658AB}] => (Block) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{4296CF49-1417-43D0-83AB-9A19D065E988}] => (Block) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingAgent\AdskLicensingAgent.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{85DE432A-4106-499B-88FF-0FAEC2DBD4DA}] => (Block) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingAgent\AdskLicensingAgent.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{2B6519FF-AFCC-44F1-A08E-B644F4DD6E7A}] => (Block) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\helper\AdskLicensingInstHelper.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{C53F6F7A-CF45-46E3-B60D-9965B26B9CE0}] => (Block) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\helper\AdskLicensingInstHelper.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{D8ADA20C-CA4E-41D7-B0D9-81FF87F8C2DC}] => (Block) C:\Program Files (x86)\NordVPN\NordVPN.exe (TEFINCOM S.A. -> NordVPN)
FirewallRules: [{7ABA261C-B9BA-4C31-ADE8-29E130878F9F}] => (Block) C:\Users\Dataone\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [{04576A62-A07B-46DE-8F43-78EE4AE6ED5F}] => (Block) C:\Users\Dataone\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)
FirewallRules: [TCP Query User{C54AEE74-A025-4AD8-A196-CD30A01748B6}C:\users\dataone\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Block) C:\users\dataone\appdata\local\programs\opera\68.0.3618.104\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{78222D8A-6708-44C4-99F5-12F5D47D63E3}C:\users\dataone\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Block) C:\users\dataone\appdata\local\programs\opera\68.0.3618.104\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{F9DB140D-F49F-4C1C-B0D1-CDF50A5EF880}] => (Block) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [{C91EDACB-83B3-42A8-83A4-69BF9BC1707B}] => (Block) C:\Program Files\DrWeb\dwnetfilter.exe (Doctor Web Ltd. -> Doctor Web, Ltd.)
FirewallRules: [TCP Query User{1B853362-6C95-4277-B338-73AEEC90908F}C:\users\dataone\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\dataone\appdata\local\programs\opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{1213421A-4404-4B7C-93D9-CB8758487D96}C:\users\dataone\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\dataone\appdata\local\programs\opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)

==================== Puntos de Restauración =========================

18-05-2020 15:58:30 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/22/2020 12:36:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11820,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/22/2020 11:39:19 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4696,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/22/2020 11:07:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2400,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/22/2020 10:53:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1636,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/22/2020 10:40:51 AM) (Source: ESENT) (EventID: 454) (User: )
Description: DllHost (11684,R,98) WebPlatStorage: Error inesperado al recuperar o restaurar la base de datos -543.

Error: (05/22/2020 10:40:51 AM) (Source: ESENT) (EventID: 452) (User: )
Description: DllHost (11684,R,98) WebPlatStorage: La base de datos C:\Users\Dataone\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\CacheStorage\CacheStorage.edb requiere los archivos de registro 2-3, para recuperarse correctamente. El proceso de recuperación sólo encontró los archivos de registro a partir del 3.

Error: (05/22/2020 12:59:47 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7012,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/21/2020 11:34:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10624,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (05/22/2020 12:42:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (05/22/2020 12:40:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/22/2020 12:40:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (05/22/2020 12:38:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/22/2020 11:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/22/2020 11:12:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dataone\AppData\Local\Temp\ehdrv.sys

Error: (05/22/2020 11:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/22/2020 11:12:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Dataone\AppData\Local\Temp\ehdrv.sys


Windows Defender:
===================================
Date: 2020-04-26 14:32:40.235
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {08ADFC85-2B14-4B41-909D-D33D9A23EABD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-25 13:59:30.543
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/DefenseEvasion!rfn&threatid=2147743421&enterprise=0
Nombre: Trojan:Win32/DefenseEvasion!rfn
Id.: 2147743421
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: containerfile:_C:\Users\Dataone\Desktop\AlemdarLeech_idman637build10.sanet.st.rar; file:_C:\Users\Dataone\Desktop\AlemdarLeech_idman637build10.sanet.st.rar->IDM_6.xx_Patch_V21.rar->IDM 6.xx Patch V21.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.313.2325.0, AS: 1.313.2325.0, NIS: 1.313.2325.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-04-20 13:27:16.546
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {B1C23F0A-86A1-45EB-9CA6-F8CEABCA18AF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-20 11:06:30.217
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {50B3C8C5-B736-404A-BC84-E12EFB942B65}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-04-17 11:16:51.449
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {627753FF-94C6-4F61-AE93-D4C14735710A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-22 12:42:22.092
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2646.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80080005
Descripción del error: Error en la ejecución de servidor 

Date: 2020-05-19 19:19:34.573
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2646.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

Date: 2020-05-19 19:19:34.572
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2646.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

Date: 2020-05-19 19:19:34.572
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2646.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

Date: 2020-05-19 19:18:42.573
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2646.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80072ee2
Descripción del error: Se superó el tiempo de espera para la operación 

CodeIntegrity:
===================================

Date: 2020-05-22 12:38:40.388
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-22 12:38:40.379
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-22 12:38:40.369
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-22 12:38:40.359
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-22 12:38:40.349
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-22 12:38:40.339
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-22 12:38:40.328
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-22 12:38:40.315
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\DrWeb\drwamsi64.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 0503 01/25/2016
Placa base: ASUSTeK COMPUTER INC. H110M-A
Procesador: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Porcentaje de memoria en uso: 26%
RAM física total: 16266.23 MB
RAM física disponible: 11967.76 MB
Virtual total: 18698.23 MB
Virtual disponible: 14677.53 MB

==================== Unidades ================================

Drive c: (SISTEMA) (Fixed) (Total:243.07 GB) (Free:186.53 GB) NTFS
Drive e: (DATOS) (Fixed) (Total:687.37 GB) (Free:187.07 GB) NTFS

\\?\Volume{042e323f-6b89-4131-bb30-463f639fa844}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{0545e21d-dd35-4dc0-8c95-dded381dd342}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{cb156f93-169f-4523-a867-75e10caa3ceb}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CCF92CAB)

Partition: GPT.

==================== Final de Addition.txt =======================

Just to let you know, my internet speed has improved since yesterday; however, it still shows as high under performance, and the SMTP still shows as infected :frowning:

On the page where it shows SMTP infected… click on the "yes" and post a screenshot of the page that comes up.

OK, the following comes up

OK… now click the CBL Lookup link and post a screenshot.

The following appeared

What brand is your router?

That image gives you a link to a blog… click it and post a screenshot.

The thing is, the page you originally posted gives you instructions for fixing it, but for that you should have been clicking through the links; that's what they put them there for, isn't it?